app2.greatmacsoft.pro Open in urlscan Pro
54.84.14.110 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec501...
Effective URL:
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_camp...
Submission: On December 19 via automatic, source openphish (December 19th 2017, 11:54:38 pm UTC)

Summary HTTP 67 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 19 domains to perform 67 HTTP transactions. The main IP is 54.84.14.110, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is app2.greatmacsoft.pro.

This is the only time app2.greatmacsoft.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2a01:7c8:eb:0... 2a01:7c8:eb:0:149:210:209:24	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
1	134.249.116.78 134.249.116.78	15895 (KSNET-AS) (KSNET-AS)
1 1	69.42.65.36 69.42.65.36	27257 (WEBAIR-IN...) (WEBAIR-INTERNET - Webair Internet Development Company Inc.)
1 2	188.42.162.193 188.42.162.193	35415 (WEBZILLA) (WEBZILLA)
1	18.194.73.12 18.194.73.12	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	54.72.109.192 54.72.109.192	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	185.49.145.177 185.49.145.177	35415 (WEBZILLA) (WEBZILLA)
2 2	34.199.220.253 34.199.220.253	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
5	54.84.14.110 54.84.14.110	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
11	52.222.171.154 52.222.171.154	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	172.217.16.166 172.217.16.166	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:821::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
67	20

13 2a01:7c8:eb:0:149:210:209:24 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)

www.sidmusic.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.249.116.78 (Lviv, Ukraine)

ASN15895 (KSNET-AS, UA)
PTR: 134-249-116-78.broadband.kyivstar.net

134.249.116.78	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.42.65.36 (New York, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)
PTR: frevi.webair.com

www.cpm20.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.162.193 (Luxembourg) 1 redirects

ASN35415 (WEBZILLA, NL)

bestadbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.73.12 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-194-73-12.eu-central-1.compute.amazonaws.com

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.109.192 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-109-192.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.49.145.177 (Netherlands)

ASN35415 (WEBZILLA, NL)

mt.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.199.220.253 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-199-220-253.compute-1.amazonaws.com

greatmacsoft.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.84.14.110 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-84-14-110.compute-1.amazonaws.com

app2.greatmacsoft.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.222.171.154 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-171-154.fra54.r.cloudfront.net

static.mackeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f194.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.21.200 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.166 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f166.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	sidmusic.nl www.sidmusic.nl
11	mackeeper.com static.mackeeper.com
7	greatmacsoft.pro 2 redirects greatmacsoft.pro app2.greatmacsoft.pro	4 KB
4	doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net
4	facebook.net connect.facebook.net
4	gstatic.com fonts.gstatic.com
4	googleapis.com fonts.googleapis.com
3	facebook.com www.facebook.com
3	rtmark.net my.rtmark.net mt.rtmark.net
2	google.com www.google.com Failed
2	bing.com bat.bing.com
2	googleadservices.com www.googleadservices.com
2	bestadbid.com 1 redirects bestadbid.com	2 KB
1	google-analytics.com www.google-analytics.com
1	googletagmanager.com www.googletagmanager.com
1	crwdcntrl.net 1 redirects ad.crwdcntrl.net	311 B
1	cpm20.com 1 redirects www.cpm20.com	544 B
0	atdmt.com Failed cx.atdmt.com Failed
0	google.de Failed www.google.de Failed
67	19

	Domain	Requested by
13	www.sidmusic.nl	www.sidmusic.nl
11	static.mackeeper.com	app2.greatmacsoft.pro
5	app2.greatmacsoft.pro	app2.greatmacsoft.pro static.mackeeper.com
4	connect.facebook.net	www.sidmusic.nl connect.facebook.net
4	fonts.gstatic.com	app2.greatmacsoft.pro
4	fonts.googleapis.com	app2.greatmacsoft.pro static.mackeeper.com
3	www.facebook.com	app2.greatmacsoft.pro
2	www.google.com	app2.greatmacsoft.pro
2	googleads.g.doubleclick.net	www.googleadservices.com
2	ad.doubleclick.net	app2.greatmacsoft.pro
2	bat.bing.com	www.sidmusic.nl app2.greatmacsoft.pro
2	www.googleadservices.com	app2.greatmacsoft.pro www.googletagmanager.com
2	greatmacsoft.pro	2 redirects
2	mt.rtmark.net	bestadbid.com
2	bestadbid.com	1 redirects
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	app2.greatmacsoft.pro
1	ad.crwdcntrl.net	1 redirects
1	my.rtmark.net	bestadbid.com
1	www.cpm20.com	1 redirects
0	cx.atdmt.com Failed
0	www.google.de Failed	app2.greatmacsoft.pro
67	22

This site contains links to these domains. Also see Links.

Domain
mackeeper.com

Subject Issuer	Validity	Valid
*.google-analytics.com Google Internet Authority G3	`2017-11-29` - `2018-02-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2016-12-09` - `2018-01-25`	a year	crt.sh
*.doubleclick.net Google Internet Authority G3	`2017-11-29` - `2018-02-21`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2017-11-29` - `2018-02-21`	3 months	crt.sh
www.google.com Google Internet Authority G2	`2017-11-29` - `2018-02-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Frame ID: (BDF70E9263B5910E2856B0246E25BBC1)
Requests: 67 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e0... Page URL
https://www.cpm20.com/watch?key=789a4129e78c00008a47b36e23d65ea7 HTTP 302
http://bestadbid.com/afu.php?zoneid=1462665&var= Page URL
http://bestadbid.com/?r=%2Fmb%2Fhan&zoneid=1462665&pbk3=abe76be2ea2f4781603c6d0b737533ac650141081... HTTP 302
http://greatmacsoft.pro/paramss=phexafc9b4dbb5a5b1e69297a3a99f9cd2e8cb90e6ecd1d0cee7a2c4d7c2abdccec4... HTTP 302
http://greatmacsoft.pro/paramss=phexafc9b4dbb5a5b1a19297a3a99f9cd2e8cb90e6ecd1d0cee7a2c4d7c2abdccec4... HTTP 302
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i

Page Statistics

67
Requests

22 %
HTTPS

45 %
IPv6

19
Domains

22
Subdomains

20
IPs

5
Countries

0 kB
Transfer

1112 kB
Size

15
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://mackeeper.com/privacy-policy?utm_source=land_230&utm_medium=landings
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://mackeeper.com/about?utm_source=land_230&utm_medium=landings
Title: Company

Search URL Search Domain Scan URL

URL: http://mackeeper.com/eula?utm_source=land_230&utm_medium=landings
Title: EULA

Search URL Search Domain Scan URL

URL: http://mackeeper.com/remote_support?utm_source=land_230&utm_medium=landings
Title: Support

Search URL Search Domain Scan URL

URL: http://mackeeper.com/uninstall_mackeeper?utm_source=land_230&utm_medium=landings
Title: Uninstall

Search URL Search Domain Scan URL

URL: http://mackeeper.com/cookie-policy?utm_source=land_230&utm_medium=landings
Title: Cookie Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72 Page URL
https://www.cpm20.com/watch?key=789a4129e78c00008a47b36e23d65ea7 HTTP 302
http://bestadbid.com/afu.php?zoneid=1462665&var= Page URL
http://bestadbid.com/?r=%2Fmb%2Fhan&zoneid=1462665&pbk3=abe76be2ea2f4781603c6d0b737533ac6501410818086058236&empty=0&var=&uuid=729816ad-1b09-435b-8441-aef113eacf69&ad_scheme=1&rotation_type=5&ppucounter=0&first_visit=0&on_test=0&offer_views=0&ab_test=1218&adparams=bm9qcz0wJnNhdmVkX3JlZmVyZXI9aHR0cCUzQSUyRiUyRnd3dy5zaWRtdXNpYy5ubCUyRndwLWluY2x1ZGVzJTJGNTg4NWQ4MGExM2MwZGIxZjhlMDUxY2I0MGE1MzkzZDk2ZmVjNTAxMThjNzIlMkY1ODg1ZDgwYTEzYzBkYjFmOGUwNTFjYjQwYTUzOTNkOTZmZWM1MDExOGM3MiUyRm15JTJGaWRlbnRpdHkucGhwJTNGY21kJTNEX2FjY291bnQlMjZkaXNwYXRjaCUzRDU4ODVkODBhMTNjMGRiMWY4ZTA1MWNiNDBhNTM5M2Q5NmZlYzUwMTE4Yzcy&ip=65a89d51a74c843ac913134976da73e8&x=1600&y=1200&sw=1600&sh=1200&wx=0&wy=0&ww=1600&wh=1200&wiw=1600&wih=1200&wfc=0&pl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&drf=http%3A%2F%2Fwww.sidmusic.nl%2Fwp-includes%2F5885d80a13c0db1f8e051cb40a5393d96fec50118c72%2F5885d80a13c0db1f8e051cb40a5393d96fec50118c72%2Fmy%2Fidentity.php%3Fcmd%3D_account%26dispatch%3D5885d80a13c0db1f8e051cb40a5393d96fec50118c72&np=0&pt=0&nb=1&ng=1&dm=undefined&cf=0&id=d76df311111ee39aa5cba4e78832ecd6&co=1&rf=1&hs=d01d492f13aec958676a3d4656a2a36c&ix=0&fs=0&timeout=0 HTTP 302
http://greatmacsoft.pro/paramss=phexafc9b4dbb5a5b1e69297a3a99f9cd2e8cb90e6ecd1d0cee7a2c4d7c2abdccec4dcebd9d9d1e0c8c4deeccec3d5e2cad1c8c0e7e69ea09be6d4ccd5e0d9cde2ecc0c7cae7d4c0daced3dfc4c4e3f0&trt=29_317511156&alert=7&c4=flat,inst&c3=attn&tid_ext=1462665;406248596945 HTTP 302
http://greatmacsoft.pro/paramss=phexafc9b4dbb5a5b1a19297a3a99f9cd2e8cb90e6ecd1d0cee7a2c4d7c2abdccec4dcebd9d9d1e0c8c4deeccec3d5e2cad1c8c0e7e6c2979fa9a4a894dbd4c0e6ecd1d0cee7c6c4cfd3ddced6d2cfe9caccdce5c893a9aa&trt=29_317511156&alert=7&c4=flat,inst&c3=attn&tid_ext=1462665;406248596945&alert=7&original_tid=mk_prpllr_chrm_smcpa_ww&reqid=501352c3058c84578d5c11e2bf495e90 HTTP 302
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.cpm20.com/watch?key=789a4129e78c00008a47b36e23d65ea7 HTTP 302
http://bestadbid.com/afu.php?zoneid=1462665&var=

Request Chain 16

http://ad.crwdcntrl.net/5/c=10546/pe=y?http%3A%2F%2Fmt.rtmark.net%2Fltm.gif%3Fid%3De2ef3d0d919c409a1120c00c3846858b%26sg%3D%24%7Baud_ids%7D HTTP 302
http://mt.rtmark.net/ltm.gif?id=e2ef3d0d919c409a1120c00c3846858b&sg=

Request Chain 47

https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1315589207&t=pageview&_s=1&dl=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B406248596945%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3D501352c3058c84578d5c11e2bf495e90&dr=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&ul=en-us&de=UTF-8&dt=ATTN%3A%20Clean%20your%20Mac&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=1338045478&gjid=1762857267&cid=378469944.1513727668&tid=UA-56634126-2&_gid=518842970.1513727668&_r=1&gtm=GbeKSH3PK&z=340660736 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56634126-2&cid=378469944.1513727668&jid=1338045478&_gid=518842970.1513727668&gjid=1762857267&_v=j66&z=340660736 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-2&cid=378469944.1513727668&jid=1338045478&_v=j66&z=340660736

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set identity.php Show response
www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ 16 KB
0 93ms
81ms Document
text/html 2a01:7c8:eb:0:149:210:209:24
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Protocol: HTTP/1.1
Server: 2a01:7c8:eb:0:149:210:209:24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache /
Resource Hash: de2b36e33bd03738be3bb876e10d2504b3d0bcd4d45769d7ededd510be764251

Request headers

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection: keep-alive
Accept-Encoding: gzip, deflate
Host: www.sidmusic.nl
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2017 23:54:24 GMT
X-TransIP-Balancer: lb0
X-TransIP-Backend: web671
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Set-Cookie: PHPSESSID=cf899bdd854ee6e4f897d2c2ec53ba4e; path=/
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK zeb.css
www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/gg/ 0
0 38ms
37ms Stylesheet
text/html 2a01:7c8:eb:0:149:210:209:24
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/gg/zeb.css
Requested by: Host: www.sidmusic.nl
URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Protocol: HTTP/1.1
Server: 2a01:7c8:eb:0:149:210:209:24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.sidmusic.nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Cookie: PHPSESSID=cf899bdd854ee6e4f897d2c2ec53ba4e
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:24 GMT
X-TransIP-Balancer: lb0
X-TransIP-Backend: web671
Server: Apache
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK info.js Show response
www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/dzx/js/ 0
0 44ms
31ms Script
text/html 2a01:7c8:eb:0:149:210:209:24
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/dzx/js/info.js
Requested by: Host: www.sidmusic.nl
URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Protocol: HTTP/1.1
Server: 2a01:7c8:eb:0:149:210:209:24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.sidmusic.nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Cookie: PHPSESSID=cf899bdd854ee6e4f897d2c2ec53ba4e
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:24 GMT
X-TransIP-Balancer: lb1
X-TransIP-Backend: web671
Server: Apache
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK loading.css
www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/dzx/css/ 0
0 59ms
47ms Stylesheet
text/html 2a01:7c8:eb:0:149:210:209:24
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/dzx/css/loading.css
Requested by: Host: www.sidmusic.nl
URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Protocol: HTTP/1.1
Server: 2a01:7c8:eb:0:149:210:209:24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.sidmusic.nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Cookie: PHPSESSID=cf899bdd854ee6e4f897d2c2ec53ba4e
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:24 GMT
X-TransIP-Balancer: lb0
X-TransIP-Backend: web671
Server: Apache
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK page.css
www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/identity/css/ 25 KB
0 36ms
24ms Stylesheet
text/css 2a01:7c8:eb:0:149:210:209:24
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/identity/css/page.css
Requested by: Host: www.sidmusic.nl
URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Protocol: HTTP/1.1
Server: 2a01:7c8:eb:0:149:210:209:24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache /
Resource Hash: e856f3cffe66e1af455d15cb0c13140098fa0b84d62398940af6e6b4c5a091a1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.sidmusic.nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Cookie: PHPSESSID=cf899bdd854ee6e4f897d2c2ec53ba4e
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:24 GMT
X-TransIP-Balancer: lb1
X-TransIP-Backend: web671
Server: Apache
ETag: "64b2-544c55d881a00"
Transfer-Encoding: chunked
Content-Type: text/css
Last-Modified: Thu, 29 Dec 2016 05:29:12 GMT
Accept-Ranges: bytes
Content-Encoding: gzip

GET
H/1.1 200
OK jquery.filer.css
www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/identity/css/ 12 KB
0 29ms
17ms Stylesheet
text/css 2a01:7c8:eb:0:149:210:209:24
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/identity/css/jquery.filer.css
Requested by: Host: www.sidmusic.nl
URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Protocol: HTTP/1.1
Server: 2a01:7c8:eb:0:149:210:209:24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache /
Resource Hash: b3d92327d60aa2ab4ec3aa2420e88dd1afd4b76e55d9c6d5a085759afefc82a0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.sidmusic.nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Cookie: PHPSESSID=cf899bdd854ee6e4f897d2c2ec53ba4e
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:24 GMT
X-TransIP-Balancer: lb0
X-TransIP-Backend: web671
Server: Apache
ETag: "3025-544d7f758c280"
Transfer-Encoding: chunked
Content-Type: text/css
Last-Modified: Fri, 30 Dec 2016 03:40:42 GMT
Accept-Ranges: bytes
Content-Encoding: gzip

GET
H/1.1 200
OK jquery.filer-dragdropbox-theme.css
www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/identity/css/themes/ 4 KB
0 44ms
32ms Stylesheet
text/css 2a01:7c8:eb:0:149:210:209:24
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/identity/css/themes/jquery.filer-dragdropbox-theme.css
Requested by: Host: www.sidmusic.nl
URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Protocol: HTTP/1.1
Server: 2a01:7c8:eb:0:149:210:209:24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache /
Resource Hash: f8483c20273ebd24226807d6fbf4d1efa73fda4cd5b5110f004aba6fdc4dbcf3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.sidmusic.nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Cookie: PHPSESSID=cf899bdd854ee6e4f897d2c2ec53ba4e
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:24 GMT
X-TransIP-Balancer: lb1
X-TransIP-Backend: web671
Server: Apache
ETag: "110d-53eb295731000"
Transfer-Encoding: chunked
Content-Type: text/css
Last-Modified: Wed, 12 Oct 2016 22:33:36 GMT
Accept-Ranges: bytes
Content-Encoding: gzip

GET
H/1.1 200
OK jquery-latest.min.js Show response
www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/identity/js/ 431 B
0 49ms
20ms Script
application/javascript 2a01:7c8:eb:0:149:210:209:24
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/identity/js/jquery-latest.min.js
Requested by: Host: www.sidmusic.nl
URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Protocol: HTTP/1.1
Server: 2a01:7c8:eb:0:149:210:209:24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache /
Resource Hash: b05c63a25e3541fe0773f15f5d5b9ea43a4b1b4773c957bdacffbab6bcc84c46

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.sidmusic.nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Cookie: PHPSESSID=cf899bdd854ee6e4f897d2c2ec53ba4e
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:24 GMT
X-TransIP-Balancer: lb0
X-TransIP-Backend: web671
Server: Apache
ETag: "1af-560a3da3c95a3"
Transfer-Encoding: chunked
Content-Type: application/javascript
Last-Modified: Mon, 18 Dec 2017 21:15:40 GMT
Accept-Ranges: bytes
Content-Encoding: gzip

GET
H/1.1 200
OK jquery.filer.min.js Show response
www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/identity/js/ 431 B
0 55ms
20ms Script
application/javascript 2a01:7c8:eb:0:149:210:209:24
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/identity/js/jquery.filer.min.js
Requested by: Host: www.sidmusic.nl
URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Protocol: HTTP/1.1
Server: 2a01:7c8:eb:0:149:210:209:24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache /
Resource Hash: b05c63a25e3541fe0773f15f5d5b9ea43a4b1b4773c957bdacffbab6bcc84c46

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.sidmusic.nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Cookie: PHPSESSID=cf899bdd854ee6e4f897d2c2ec53ba4e
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:24 GMT
X-TransIP-Balancer: lb1
X-TransIP-Backend: web671
Server: Apache
ETag: "1af-560a3da3c95a3"
Transfer-Encoding: chunked
Content-Type: application/javascript
Last-Modified: Mon, 18 Dec 2017 21:15:40 GMT
Accept-Ranges: bytes
Content-Encoding: gzip

GET
H/1.1 200
OK jquery.min.js
www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity/ds/ 16 KB
0 128ms
91ms Script
text/html 2a01:7c8:eb:0:149:210:209:24
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity/ds/jquery.min.js
Requested by: Host: www.sidmusic.nl
URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Protocol: HTTP/1.1
Server: 2a01:7c8:eb:0:149:210:209:24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.sidmusic.nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Cookie: PHPSESSID=cf899bdd854ee6e4f897d2c2ec53ba4e
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2017 23:54:24 GMT
X-TransIP-Balancer: lb0
X-TransIP-Backend: web671
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Content-Encoding: gzip
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK identity.png
www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/identity/images/ 82 KB
0 25ms
24ms Image
image/png 2a01:7c8:eb:0:149:210:209:24
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/identity/images/identity.png
Requested by: Host: www.sidmusic.nl
URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Protocol: HTTP/1.1
Server: 2a01:7c8:eb:0:149:210:209:24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache /
Resource Hash: 0882d6fe50c0192201ba48bc0e93d8c27431053bad996debbcc7b614f90b4755

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.sidmusic.nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Cookie: PHPSESSID=cf899bdd854ee6e4f897d2c2ec53ba4e
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:24 GMT
X-TransIP-Balancer: lb1
X-TransIP-Backend: web671
Server: Apache
ETag: "1496d-54eb4b5290f00"
Transfer-Encoding: chunked
Content-Type: image/png
Last-Modified: Thu, 04 May 2017 15:48:44 GMT
Accept-Ranges: bytes
Content-Encoding: gzip

GET
H/1.1 200
OK card.png
www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/identity/images/ 82 KB
0 21ms
21ms Image
image/png 2a01:7c8:eb:0:149:210:209:24
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/identity/images/card.png
Requested by: Host: www.sidmusic.nl
URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Protocol: HTTP/1.1
Server: 2a01:7c8:eb:0:149:210:209:24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.sidmusic.nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Cookie: PHPSESSID=cf899bdd854ee6e4f897d2c2ec53ba4e
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:24 GMT
X-TransIP-Balancer: lb1
X-TransIP-Backend: web671
Server: Apache
ETag: "1496d-54eb4b9cf3e80"
Transfer-Encoding: chunked
Content-Type: image/png
Last-Modified: Thu, 04 May 2017 15:50:02 GMT
Accept-Ranges: bytes
Content-Encoding: gzip

GET
H/1.1 200
OK jquery-filer.css
www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/identity/assets/fonts/jquery.filer-icons/ 12 KB
0 21ms
21ms Stylesheet
text/css 2a01:7c8:eb:0:149:210:209:24
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/identity/assets/fonts/jquery.filer-icons/jquery-filer.css
Requested by: Host: www.sidmusic.nl
URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Protocol: HTTP/1.1
Server: 2a01:7c8:eb:0:149:210:209:24 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: Apache /
Resource Hash: 5801156a82939ad99e1d9be0743d1acb244c6ca544b4c9481879275b805da1f1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.sidmusic.nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Cookie: PHPSESSID=cf899bdd854ee6e4f897d2c2ec53ba4e
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:24 GMT
X-TransIP-Balancer: lb1
X-TransIP-Backend: web671
Server: Apache
ETag: "2fca-53eb295731000"
Transfer-Encoding: chunked
Content-Type: text/css
Last-Modified: Wed, 12 Oct 2016 22:33:36 GMT
Accept-Ranges: bytes
Content-Encoding: gzip

GET
H/1.1 200
OK jquery.js
134.249.116.78/ 2 KB
0 53ms
27ms Script
application/javascript 134.249.116.78
KSNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://134.249.116.78/jquery.js
Requested by: Host: www.sidmusic.nl
URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/ID/identity/js/jquery-latest.min.js
Protocol: HTTP/1.1
Server: 134.249.116.78 Lviv, Ukraine, ASN15895 (KSNET-AS, UA),
Reverse DNS: 134-249-116-78.broadband.kyivstar.net
Software: Apache/2.4.28 (Win32) OpenSSL/1.0.2l PHP/7.1.10 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 134.249.116.78
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept: */*
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 19 Dec 2017 23:54:23 GMT
Last-Modified: Mon, 11 Dec 2017 09:15:08 GMT
Server: Apache/2.4.28 (Win32) OpenSSL/1.0.2l PHP/7.1.10
ETag: "88c-5600cf87a38e0"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2188

GET
H/1.1

200
OK

Cookie set afu.php Show response
bestadbid.com/
Redirect Chain

https://www.cpm20.com/watch?key=789a4129e78c00008a47b36e23d65ea7
http://bestadbid.com/afu.php?zoneid=1462665&var=

13 KB
0

69ms
52ms

Document
text/html

188.42.162.193
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

http://bestadbid.com/afu.php?zoneid=1462665&var=

Protocol

HTTP/1.1

Server

188.42.162.193 , Luxembourg, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

f195db0d1c8106c669fb15853840f3749bf18e55eda49a10c00717878e147cde

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bestadbid.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2017 23:54:25 GMT
Content-Encoding: gzip
Server: nginx
Timing-Allow-Origin: * *
X-FRAME-OPTIONS: DENY
Connection: keep-alive
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=0, no-cache
Transfer-Encoding: chunked
Set-Cookie: SeenToday=1; expires=Wed, 20-Dec-2017 23:54:25 GMT; Max-Age=86400; path=/ OAGEO9457f=13%7CDE%7CBY%7CGUNZENHAUSEN%7CBROADBAND%7CHETZNER+ONLINE+AG%7CHOSTING%7C10436%7C42476%7C%3F%7C276005; expires=Wed, 20-Dec-2017 23:54:25 GMT; Max-Age=86400; path=/ oaidts=1513727665; expires=Wed, 19-Dec-2018 23:54:25 GMT; Max-Age=31536000; path=/ OAID=e2ef3d0d919c409a1120c00c3846858b; expires=Wed, 19-Dec-2018 23:54:25 GMT; Max-Age=31536000; path=/ OAID=e2ef3d0d919c409a1120c00c3846858b; expires=Wed, 19-Dec-2018 23:54:25 GMT; Max-Age=31536000; path=/ exsdsf=1513727665 pbk3=abe76be2ea2f4781603c6d0b737533ac6501410818086058236; expires=Wed, 20-Dec-2017 00:04:25 GMT; Max-Age=600 ltm_afu=1; expires=Wed, 20-Dec-2017 23:54:25 GMT; Max-Age=86400; path=/
Content-Type: text/html; charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 19 Dec 2017 23:54:24 GMT
Server: nginx/1.12.1
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: http://bestadbid.com/afu.php?zoneid=1462665&var=
Set-Cookie: u_pl=14212202; expires=Tue, 19 Dec 2017 23:55:24 GMT backurled=14212202; expires=Tue, 19 Dec 2017 23:55:24 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H/1.1 200
OK Cookie set img.gif
my.rtmark.net/ 43 B
0 15ms
6ms Other
image/gif 18.194.73.12
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://my.rtmark.net/img.gif?f=merge&userId=e2ef3d0d919c409a1120c00c3846858b
Requested by: Host: bestadbid.com
URL: http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
Protocol: HTTP/1.1
Server: 18.194.73.12 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-194-73-12.eu-central-1.compute.amazonaws.com
Software: nginx/1.10.1 /
Resource Hash

Request headers

Pragma: no-cache
Origin: http://bestadbid.com
Accept-Encoding: gzip, deflate
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Cache-Control: max-age=0
Referer: http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
Connection: keep-alive
Content-Length: 0
Cache-Control: max-age=0
Origin: http://bestadbid.com
Referer: http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Set-Cookie: ID=e2ef3d0d919c409a1120c00c3846858b; expires=Wed, 19 Dec 2018 23:54:25 GMT
Date: Tue, 19 Dec 2017 23:54:25 GMT
Server: nginx/1.10.1
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

ltm.gif
mt.rtmark.net/
Redirect Chain

http://ad.crwdcntrl.net/5/c=10546/pe=y?http%3A%2F%2Fmt.rtmark.net%2Fltm.gif%3Fid%3De2ef3d0d919c409a1120c00c3846858b%26sg%3D%24%7Baud_ids%7D
http://mt.rtmark.net/ltm.gif?id=e2ef3d0d919c409a1120c00c3846858b&sg=

43 B
0

14ms
14ms

Other
image/gif

185.49.145.177
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://mt.rtmark.net/ltm.gif?id=e2ef3d0d919c409a1120c00c3846858b&sg=
Protocol: HTTP/1.1
Server: 185.49.145.177 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: mt.rtmark.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
Connection: keep-alive
Cache-Control: max-age=0
Referer: http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 19 Dec 2017 23:54:25 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 19 Dec 2017 23:54:25 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: http://mt.rtmark.net/ltm.gif?id=e2ef3d0d919c409a1120c00c3846858b&sg=
Cache-Control: no-cache
X-Server: 10.26.1.227
Connection: keep-alive
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK omr.gif
mt.rtmark.net/ 43 B
0 30ms
13ms Other
image/gif 185.49.145.177
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://mt.rtmark.net/omr.gif?s=afu&geo=DE&p=5%2C101&zoneid=1462665&oaid=1
Requested by: Host: bestadbid.com
URL: http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
Protocol: HTTP/1.1
Server: 185.49.145.177 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Pragma: no-cache
Origin: http://bestadbid.com
Accept-Encoding: gzip, deflate
Host: mt.rtmark.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Cache-Control: max-age=0
Referer: http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
Connection: keep-alive
Content-Length: 0
Cache-Control: max-age=0
Origin: http://bestadbid.com
Referer: http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 19 Dec 2017 23:54:25 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

Primary Request / Show response
app2.greatmacsoft.pro/landings/230/
Redirect Chain

http://bestadbid.com/?r=%2Fmb%2Fhan&zoneid=1462665&pbk3=abe76be2ea2f4781603c6d0b737533ac6501410818086058236&empty=0&var=&uuid=729816ad-1b09-435b-8441-aef113eacf69&ad_scheme=1&rotation_type=5&ppucou...
http://greatmacsoft.pro/paramss=phexafc9b4dbb5a5b1e69297a3a99f9cd2e8cb90e6ecd1d0cee7a2c4d7c2abdccec4dcebd9d9d1e0c8c4deeccec3d5e2cad1c8c0e7e69ea09be6d4ccd5e0d9cde2ecc0c7cae7d4c0daced3dfc4c4e3f0&trt=...
http://greatmacsoft.pro/paramss=phexafc9b4dbb5a5b1a19297a3a99f9cd2e8cb90e6ecd1d0cee7a2c4d7c2abdccec4dcebd9d9d1e0c8c4deeccec3d5e2cad1c8c0e7e6c2979fa9a4a894dbd4c0e6ecd1d0cee7c6c4cfd3ddced6d2cfe9caccd...
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_...

13 KB
0

1070ms
110ms

Document
text/html

54.84.14.110
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90

Protocol

HTTP/1.1

Server

54.84.14.110 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-84-14-110.compute-1.amazonaws.com

Software

nginx /

Resource Hash

64c3b1af8ae0be79c631325404f8ea5094acaff6db46f9fbae66d7a607bbe17f

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' *.mackeeper.co *.mackeeper.com https://*.mackeeper.co https://*.mackeeper.com mackeeper.com; frame-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com; child-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com blob:; img-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com data: *.2mdn.net http://pagead2.googlesyndication.com https://pagead2.googlesyndication.com http://*.glotgrx.com https://*.glotgrx.com/ http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com http://s.yimg.com https://*.s.yimg.com https://s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://l2.io *.inspectlet.com *.googlesyndication.com http://*.sagetrc.com http://*.glotgrx.com https://*.glotgrx.com/ http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com blob:; style-src 'self' 'unsafe-inline' *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com a.disquscdn.com disqus.com http://fonts.googleapis.com https://fonts.googleapis.com fonts.gstatic.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com https://a.disquscdn.com https://disqus.com https://mackeeperblog.disqus.com https://referrer.disqus.com mackeeperblog.disqus.com referrer.disqus.com http://*.google.com http://*.google.com.ua https://*.google.com https://*.google.com.ua; font-src 'self' *.doubleclick.net *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com fonts.googleapis.com fonts.gstatic.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com; object-src *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com http://pagead2.googlesyndication.com https://pagead2.googlesyndication.com; connect-src 'self' http://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.co https://*.mackeeper.com http://mackeeper.co http://mackeeper.com https://mackeeper.co https://mackeeper.com;

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app2.greatmacsoft.pro
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
Cookie: ldrOs=%22Mac+OS+X%22; ldrBrowserLite=%22Chrome%22; ldrBrowser=%22Chrome%22; ldrUaFull=%7B%22os%22%3A%22Mac+OS+X%22%2C%22osVersion%22%3A%7B%22osMajor%22%3A%2210%22%2C%22osMinor%22%3A%2212%22%2C%22osPatch%22%3A%226%22%7D%2C%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%7B%22browserMajor%22%3A%2263%22%2C%22browserMinor%22%3A%220%22%2C%22browserPatch%22%3A%223239%22%7D%2C%22family%22%3A%22Chrome%22%2C%22device%22%3A%22%22%2C%22deviceMajor%22%3A%22%22%2C%22deviceMinor%22%3A%22%22%2C%22deviceVersion%22%3A%22%22%2C%22deviceFull%22%3A%22%22%2C%22isMobile%22%3A%220%22%2C%22isMobileDevice%22%3A%220%22%2C%22isTablet%22%3A%220%22%2C%22timeCreate%22%3A%221513425399%22%7D; uniqueSplitDay=mzb_133406_mk_prpllr_chrm_smcpa_ww_230; aaffss=mzb_312.32775174.1513727666.30.mzb%3A1%3A20171219; globalAffid=312.32775174.1513727666.30.mzb; userDefiner=mzb_2706; userPrePay=mk_prpllr_chrm_smcpa_ww_230; trt=29_317511156
Connection: keep-alive
Cache-Control: no-cache
Referer: http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' *.mackeeper.co *.mackeeper.com https://*.mackeeper.co https://*.mackeeper.com mackeeper.com; frame-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com; child-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com blob:; img-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com data: *.2mdn.net http://pagead2.googlesyndication.com https://pagead2.googlesyndication.com http://*.glotgrx.com https://*.glotgrx.com/ http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com http://s.yimg.com https://*.s.yimg.com https://s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://l2.io *.inspectlet.com *.googlesyndication.com http://*.sagetrc.com http://*.glotgrx.com https://*.glotgrx.com/ http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com blob:; style-src 'self' 'unsafe-inline' *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com a.disquscdn.com disqus.com http://fonts.googleapis.com https://fonts.googleapis.com fonts.gstatic.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com https://a.disquscdn.com https://disqus.com https://mackeeperblog.disqus.com https://referrer.disqus.com mackeeperblog.disqus.com referrer.disqus.com http://*.google.com http://*.google.com.ua https://*.google.com https://*.google.com.ua; font-src 'self' *.doubleclick.net *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com fonts.googleapis.com fonts.gstatic.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com; object-src *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com http://pagead2.googlesyndication.com https://pagead2.googlesyndication.com; connect-src 'self' http://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.co https://*.mackeeper.com http://mackeeper.co http://mackeeper.com https://mackeeper.co https://mackeeper.com;
Content-Encoding: gzip
Server: nginx
Date: Tue, 19 Dec 2017 23:54:27 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
transfer-encoding: chunked
Connection: keep-alive
Request-ID: 5e88aada65ec0df2fe4f3f3356513e4c

Redirect headers

Date: Tue, 19 Dec 2017 23:54:26 GMT
Server: nginx
P3P: policyref="http://site.com/p3p.xml", CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Location: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Set-Cookie: ldrOs=%22Mac+OS+X%22; expires=Wed, 20-Dec-2017 23:54:26 GMT; Max-Age=86400; path=/; domain=.greatmacsoft.pro ldrBrowserLite=%22Chrome%22; expires=Wed, 20-Dec-2017 23:54:26 GMT; Max-Age=86400; path=/; domain=.greatmacsoft.pro ldrBrowser=%22Chrome%22; expires=Wed, 20-Dec-2017 23:54:26 GMT; Max-Age=86400; path=/; domain=.greatmacsoft.pro ldrUaFull=%7B%22os%22%3A%22Mac+OS+X%22%2C%22osVersion%22%3A%7B%22osMajor%22%3A%2210%22%2C%22osMinor%22%3A%2212%22%2C%22osPatch%22%3A%226%22%7D%2C%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%7B%22browserMajor%22%3A%2263%22%2C%22browserMinor%22%3A%220%22%2C%22browserPatch%22%3A%223239%22%7D%2C%22family%22%3A%22Chrome%22%2C%22device%22%3A%22%22%2C%22deviceMajor%22%3A%22%22%2C%22deviceMinor%22%3A%22%22%2C%22deviceVersion%22%3A%22%22%2C%22deviceFull%22%3A%22%22%2C%22isMobile%22%3A%220%22%2C%22isMobileDevice%22%3A%220%22%2C%22isTablet%22%3A%220%22%2C%22timeCreate%22%3A%221513425399%22%7D; expires=Wed, 20-Dec-2017 23:54:26 GMT; Max-Age=86400; path=/; domain=.greatmacsoft.pro uniqueSplitDay=mzb_133406_mk_prpllr_chrm_smcpa_ww_230; expires=Wed, 20-Dec-2017 23:54:26 GMT; Max-Age=86400; path=/; domain=.greatmacsoft.pro userid=mzb_133406; expires=Wed, 20-Dec-2017 23:54:26 GMT; Max-Age=86400 useridw=mzb_133406; expires=Tue, 26-Dec-2017 23:54:26 GMT; Max-Age=604800 aaffss=mzb_312.32775174.1513727666.30.mzb%3A1%3A20171219; expires=Fri, 14-Dec-2018 23:54:26 GMT; Max-Age=31104000; path=/; domain=.greatmacsoft.pro globalAffid=312.32775174.1513727666.30.mzb; expires=Sun, 17-Jun-2018 23:54:26 GMT; Max-Age=15552000; path=/; domain=.greatmacsoft.pro userDefiner=mzb_2706; expires=Sun, 17-Jun-2018 23:54:26 GMT; Max-Age=15552000; path=/; domain=.greatmacsoft.pro userPrePay=mk_prpllr_chrm_smcpa_ww_230; expires=Sun, 17-Jun-2018 23:54:26 GMT; Max-Age=15552000; path=/; domain=.greatmacsoft.pro trt=29_317511156; expires=Sun, 17-Jun-2018 23:54:26 GMT; Max-Age=15552000; path=/; domain=.greatmacsoft.pro
Connection: keep-alive
Request-ID: c1204d3d3cdfdcbd1b780a9d15da4361
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H/1.1 200
OK jquery.min.js Show response
static.mackeeper.com/landings/libs/jquery/ 94 KB
0 31ms
7ms Script
application/javascript 52.222.171.154
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://static.mackeeper.com/landings/libs/jquery/jquery.min.js?mkv=1
Requested by: Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Protocol: HTTP/1.1
Server: 52.222.171.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-171-154.fra54.r.cloudfront.net
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Connection: keep-alive
Cache-Control: no-cache
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 13 Dec 2017 12:43:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
Server: nginx
Age: 558657
ETag: W/"57164f85-1762a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 07318a09275049862b4535d73a930b7d.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000 must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: ehhNLXwVvfYJe7l0FAAVa8oYCJe3fnSKoRdEoHC4AYAhz3lqJzqPLQ==
Expires: Fri, 12 Jan 2018 12:43:30 GMT

GET
H/1.1 200
OK cookie.js Show response
static.mackeeper.com/landings/libs/js/ 3 KB
0 31ms
8ms Script
application/javascript 52.222.171.154
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://static.mackeeper.com/landings/libs/js/cookie.js?mkv=1
Requested by: Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Protocol: HTTP/1.1
Server: 52.222.171.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-171-154.fra54.r.cloudfront.net
Software: nginx /
Resource Hash: 44e1406420fac320ea35accac2ba1958e905872598d7590f654ea1cd134a275c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Connection: keep-alive
Cache-Control: no-cache
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 13 Dec 2017 12:43:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
Server: nginx
Age: 558657
ETag: W/"57164f85-d52"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000 must-revalidate
Connection: keep-alive
Content-Length: 1226
X-Amz-Cf-Id: kgJ-XvCbes5Sn6wgIpS1ptrPsMBrDQiGeIw_W6SlZJpDezc591zEwg==
Expires: Fri, 12 Jan 2018 12:43:30 GMT

GET
H/1.1 200
OK loclist.js Show response
static.mackeeper.com/landings/libs/js/ 620 B
0 29ms
6ms Script
application/javascript 52.222.171.154
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://static.mackeeper.com/landings/libs/js/loclist.js?mkv=1
Requested by: Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Protocol: HTTP/1.1
Server: 52.222.171.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-171-154.fra54.r.cloudfront.net
Software: nginx /
Resource Hash: 8a12cb2ebe91b7692ed7279a38276cf64d3bf6c6d2845a55eb38e4e042d2b066

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Connection: keep-alive
Cache-Control: no-cache
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 13 Dec 2017 12:43:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
Server: nginx
Age: 558657
ETag: W/"57164f85-26c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 e7ce333c56f455a0dae7f1f5ea5d6086.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000 must-revalidate
Connection: keep-alive
Content-Length: 322
X-Amz-Cf-Id: J8VYL_oSbIDh06u5ER517ILipC0Bh-3zFg-mEqsYz4owg4YOv0ANwA==
Expires: Fri, 12 Jan 2018 12:43:30 GMT

GET
H/1.1 200
OK alerts.js Show response
static.mackeeper.com/landings/libs/alert/ 108 KB
0 37ms
6ms Script
application/javascript 52.222.171.154
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://static.mackeeper.com/landings/libs/alert/alerts.js?mkv=4
Requested by: Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Protocol: HTTP/1.1
Server: 52.222.171.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-171-154.fra54.r.cloudfront.net
Software: nginx /
Resource Hash: eab029901ec252d3b85b20ffd7d1671e00f0b9994402c9218240729341b72dd0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Connection: keep-alive
Cache-Control: no-cache
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 13 Dec 2017 12:43:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2017 10:26:48 GMT
Server: nginx
Age: 558658
ETag: W/"5a291768-1b127"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 e7ce333c56f455a0dae7f1f5ea5d6086.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000 must-revalidate
Connection: keep-alive
Content-Length: 16405
X-Amz-Cf-Id: 0znZfoQE7KO2RM8q-zzdsfAFACnqNhlRzUB4ZYP5VAu0WMWDpMQ23A==
Expires: Fri, 12 Jan 2018 12:43:29 GMT

GET
H/1.1 200
OK script.js Show response
app2.greatmacsoft.pro/landings/libs/titleBlink/ 2 KB
0 181ms
101ms Script
application/javascript 54.84.14.110
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://app2.greatmacsoft.pro/landings/libs/titleBlink/script.js
Requested by: Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Protocol: HTTP/1.1
Server: 54.84.14.110 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-84-14-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7da287f4549f49aa5c1320e26550971adabdb043938b379e2fb9a4b4369b8382

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app2.greatmacsoft.pro
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Cookie: ldrOs=%22Mac+OS+X%22; ldrBrowserLite=%22Chrome%22; ldrBrowser=%22Chrome%22; ldrUaFull=%7B%22os%22%3A%22Mac+OS+X%22%2C%22osVersion%22%3A%7B%22osMajor%22%3A%2210%22%2C%22osMinor%22%3A%2212%22%2C%22osPatch%22%3A%226%22%7D%2C%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%7B%22browserMajor%22%3A%2263%22%2C%22browserMinor%22%3A%220%22%2C%22browserPatch%22%3A%223239%22%7D%2C%22family%22%3A%22Chrome%22%2C%22device%22%3A%22%22%2C%22deviceMajor%22%3A%22%22%2C%22deviceMinor%22%3A%22%22%2C%22deviceVersion%22%3A%22%22%2C%22deviceFull%22%3A%22%22%2C%22isMobile%22%3A%220%22%2C%22isMobileDevice%22%3A%220%22%2C%22isTablet%22%3A%220%22%2C%22timeCreate%22%3A%221513425399%22%7D; uniqueSplitDay=mzb_133406_mk_prpllr_chrm_smcpa_ww_230; aaffss=mzb_312.32775174.1513727666.30.mzb%3A1%3A20171219; globalAffid=312.32775174.1513727666.30.mzb; userDefiner=mzb_2706; userPrePay=mk_prpllr_chrm_smcpa_ww_230; trt=29_317511156
Connection: keep-alive
Cache-Control: no-cache
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Oct 2017 10:36:54 GMT
Server: nginx
ETag: W/"59f700c6-624"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Request-ID: 2d681550613d905d9c6b4634708c7a5e
Content-Length: 490

GET
H/1.1 200
OK reset.css
static.mackeeper.com/landings/libs/ 1 KB
0 31ms
8ms Stylesheet
text/css 52.222.171.154
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://static.mackeeper.com/landings/libs/reset.css?mkv=1
Requested by: Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Protocol: HTTP/1.1
Server: 52.222.171.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-171-154.fra54.r.cloudfront.net
Software: nginx /
Resource Hash: 345b6ffa53cc44771d8eabf8d54613e7f9156aaca3d1204b63138150429e3f7e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Connection: keep-alive
Cache-Control: no-cache
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 13 Dec 2017 12:43:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Jun 2016 09:40:42 GMT
Server: nginx
Age: 558657
ETag: W/"575e7f9a-4bf"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 fabe381dacc990f9c402cdc69b69dd26.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000 must-revalidate
Connection: keep-alive
Content-Length: 594
X-Amz-Cf-Id: 0AySBWdbM0C0MCJM6OiG0_CVDIC6_L8sYPB96WJz3v4djzqztgBOMA==
Expires: Fri, 12 Jan 2018 12:43:30 GMT

GET
H/1.1 200
OK style.min.css
static.mackeeper.com/landings/230/css/ 5 KB
0 29ms
7ms Stylesheet
text/css 52.222.171.154
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://static.mackeeper.com/landings/230/css/style.min.css?mkv=1
Requested by: Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Protocol: HTTP/1.1
Server: 52.222.171.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-171-154.fra54.r.cloudfront.net
Software: nginx /
Resource Hash: e00ca4627940b1e839fe7779ca8532183f1b2674131b56c03a50d9f2bc4c0254

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Connection: keep-alive
Cache-Control: no-cache
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 13:41:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Dec 2017 09:56:24 GMT
Server: nginx
Age: 36805
ETag: W/"5a38e248-157b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 fabe381dacc990f9c402cdc69b69dd26.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000 must-revalidate
Connection: keep-alive
Content-Length: 1650
X-Amz-Cf-Id: l0dtRmUI1_AIVNmz1payRRGjMtfgndBuuyLZ3kALEsEXDFRggk-b9w==
Expires: Thu, 18 Jan 2018 13:41:02 GMT

GET
H/1.1 200
OK style.min.css
static.mackeeper.com/landings/libs/overlay-info/css/ 11 KB
0 29ms
7ms Stylesheet
text/css 52.222.171.154
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://static.mackeeper.com/landings/libs/overlay-info/css/style.min.css?mkv=1
Requested by: Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Protocol: HTTP/1.1
Server: 52.222.171.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-171-154.fra54.r.cloudfront.net
Software: nginx /
Resource Hash: 5dd68bdc6eea899ae774856b8141163804dadc5ad50dd3bd1828b12726cd15c2

Request headers

Accept: text/css,*/*;q=0.1
Pragma: no-cache
Connection: keep-alive
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 13 Dec 2017 12:43:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Nov 2016 15:08:10 GMT
Server: nginx
Age: 558657
ETag: W/"5825deda-2a07"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 1eb4c4d1a01293f27e472fcc60f7102d.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000 must-revalidate
Connection: keep-alive
Content-Length: 1894
X-Amz-Cf-Id: Myw5lf5AYU61wdRLbcbYvcad3t4g1oChTzKbSWr49nTakAIr-ZtSdA==
Expires: Fri, 12 Jan 2018 12:43:30 GMT

GET
H/1.1 200
OK script.js Show response
static.mackeeper.com/landings/libs/overlay-info/ 652 B
0 7ms
6ms Script
application/javascript 52.222.171.154
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://static.mackeeper.com/landings/libs/overlay-info/script.js?mkv=1
Requested by: Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Protocol: HTTP/1.1
Server: 52.222.171.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-171-154.fra54.r.cloudfront.net
Software: nginx /
Resource Hash: 45e3efc24eebb4164c2b54220491c17aa34e2d558e6bb479e1e68df6dbcc7681

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Connection: keep-alive
Cache-Control: no-cache
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Wed, 13 Dec 2017 12:43:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Aug 2016 11:45:48 GMT
Server: nginx
Age: 558658
ETag: W/"57a47c6c-28c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 e7ce333c56f455a0dae7f1f5ea5d6086.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000 must-revalidate
Connection: keep-alive
Content-Length: 284
X-Amz-Cf-Id: h4zryHD9SNBNceofqQ2rFzrg6hMt_lJC-i1rxwlC6kNbeZSZxa5VQA==
Expires: Fri, 12 Jan 2018 12:43:29 GMT

GET
H/1.1 200
OK scripts.min.js Show response
app2.greatmacsoft.pro/landings/libs/localizedDate/ 7 KB
0 201ms
100ms Script
application/javascript 54.84.14.110
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://app2.greatmacsoft.pro/landings/libs/localizedDate/scripts.min.js
Requested by: Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Protocol: HTTP/1.1
Server: 54.84.14.110 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-84-14-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cdafb95451243ce55a748c4b6efb2f40b5bb13522075fd350e2467f705f3435b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app2.greatmacsoft.pro
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Cookie: ldrOs=%22Mac+OS+X%22; ldrBrowserLite=%22Chrome%22; ldrBrowser=%22Chrome%22; ldrUaFull=%7B%22os%22%3A%22Mac+OS+X%22%2C%22osVersion%22%3A%7B%22osMajor%22%3A%2210%22%2C%22osMinor%22%3A%2212%22%2C%22osPatch%22%3A%226%22%7D%2C%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%7B%22browserMajor%22%3A%2263%22%2C%22browserMinor%22%3A%220%22%2C%22browserPatch%22%3A%223239%22%7D%2C%22family%22%3A%22Chrome%22%2C%22device%22%3A%22%22%2C%22deviceMajor%22%3A%22%22%2C%22deviceMinor%22%3A%22%22%2C%22deviceVersion%22%3A%22%22%2C%22deviceFull%22%3A%22%22%2C%22isMobile%22%3A%220%22%2C%22isMobileDevice%22%3A%220%22%2C%22isTablet%22%3A%220%22%2C%22timeCreate%22%3A%221513425399%22%7D; uniqueSplitDay=mzb_133406_mk_prpllr_chrm_smcpa_ww_230; aaffss=mzb_312.32775174.1513727666.30.mzb%3A1%3A20171219; globalAffid=312.32775174.1513727666.30.mzb; userDefiner=mzb_2706; userPrePay=mk_prpllr_chrm_smcpa_ww_230; trt=29_317511156
Connection: keep-alive
Cache-Control: no-cache
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Nov 2017 13:30:00 GMT
Server: nginx
ETag: W/"5a0d92d8-1c39"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Request-ID: 7123c4895bc29ad575663ecbcca4745d
Content-Length: 2587

GET
H/1.1 200
OK conversion.js Show response
www.googleadservices.com/pagead/ 19 KB
0 22ms
14ms Script
text/javascript 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion.js

Requested by

Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90

Protocol

HTTP/1.1

Server

172.217.16.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

27f1fbc2fb7fca1af8043ec9042707868e85b1672272f795d88e7dc8877189f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Connection: keep-alive
Cache-Control: no-cache
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 19 Dec 2017 23:54:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 14974593292366838264
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 7134
X-XSS-Protection: 1; mode=block
Expires: Tue, 19 Dec 2017 23:54:27 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 7 KB
0 16ms
16ms Stylesheet
text/css 2a00:1450:4001:821::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Roboto:300,400,700

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

edbb30ed75e9824ce2e59fad7b55a1b085c84bcdae444f4548cfb5830e581d99

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Connection: keep-alive
Cache-Control: no-cache
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Dec 2017 23:54:27 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 1; mode=block
Expires: Tue, 19 Dec 2017 23:54:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 256 KB
0 37ms
37ms Script
application/javascript 2a00:1450:4001:821::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSH3PK

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

4ee4b161bf7138bf7589cd0a37309dcfbef9712424def9677f1410f020e9e12d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /gtm.js?id=GTM-KSH3PK
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.googletagmanager.com
referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
:scheme: https
:method: GET
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 19 Dec 2017 23:54:27 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 49664
x-xss-protection: 1; mode=block
expires: Tue, 19 Dec 2017 23:54:27 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 8 KB
0 16ms
16ms Stylesheet
text/css 2a00:1450:4001:821::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&subset=latin,latin-ext

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

80c3865b6d94203e0ee14ad4fbea27dc4364bc59a10a95af9855838740def1d6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Connection: keep-alive
Cache-Control: no-cache
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Dec 2017 23:54:27 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 1; mode=block
Expires: Tue, 19 Dec 2017 23:54:27 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 2 KB
0 22ms
17ms Stylesheet
text/css 2a00:1450:4001:814::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Roboto:700

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b3079978e3eeac8eebc13449195a917d299bcca5501e1936c14548b9b0d43edf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Connection: keep-alive
Cache-Control: no-cache
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Dec 2017 23:54:27 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 1; mode=block
Expires: Tue, 19 Dec 2017 23:54:27 GMT

GET
H/1.1 200
OK logo.png
static.mackeeper.com/landings/230/img/ 2 KB
0 7ms
7ms Image
image/png 52.222.171.154
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mackeeper.com/landings/230/img/logo.png
Requested by: Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Protocol: HTTP/1.1
Server: 52.222.171.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-171-154.fra54.r.cloudfront.net
Software: nginx /
Resource Hash: fb618198b824cff21ccf2fe8274d5608de2a7bed1256adc540fe22b873cc73fc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://static.mackeeper.com/landings/230/css/style.min.css?mkv=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://static.mackeeper.com/landings/230/css/style.min.css?mkv=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 13:41:02 GMT
Via: 1.1 e7ce333c56f455a0dae7f1f5ea5d6086.cloudfront.net (CloudFront)
Last-Modified: Fri, 20 Oct 2017 10:53:39 GMT
Server: nginx
Age: 36805
ETag: "59e9d5b3-7eb"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000 must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2027
X-Amz-Cf-Id: Tq6yXjeScIm15SqyEhiJzqGGszMp_jyoCyC5hxtFz64Vvk1iDK3haA==
Expires: Thu, 18 Jan 2018 13:41:02 GMT

GET
H/1.1 200
OK Hgo13k-tfSpn0qi1SFdUfZBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/roboto/v18/ 11 KB
0 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v18/Hgo13k-tfSpn0qi1SFdUfZBw1xU1rKptJj_0jans920.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c386915e39d8a925fe10d15744a9da95ac8f90423e12728e7fc3c5e34f4559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: http://app2.greatmacsoft.pro
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://fonts.googleapis.com/css?family=Roboto:300,400,700
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Roboto:300,400,700
Origin: http://app2.greatmacsoft.pro

Response headers

Date: Fri, 08 Dec 2017 23:54:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Oct 2017 17:32:46 GMT
Server: sffe
Age: 950383
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 10876
X-XSS-Protection: 1; mode=block
Expires: Sat, 08 Dec 2018 23:54:44 GMT

GET
H/1.1 200
OK shield.png
static.mackeeper.com/landings/230/img/ 24 KB
0 7ms
7ms Image
image/png 52.222.171.154
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mackeeper.com/landings/230/img/shield.png
Requested by: Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Protocol: HTTP/1.1
Server: 52.222.171.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-171-154.fra54.r.cloudfront.net
Software: nginx /
Resource Hash: c2113178e6fec803f9ec75cf2daea3450a40db4868f7127b59a6ba154a1f1667

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://static.mackeeper.com/landings/230/css/style.min.css?mkv=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://static.mackeeper.com/landings/230/css/style.min.css?mkv=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 13:41:02 GMT
Via: 1.1 07318a09275049862b4535d73a930b7d.cloudfront.net (CloudFront)
Last-Modified: Fri, 20 Oct 2017 10:53:39 GMT
Server: nginx
Age: 36805
ETag: "59e9d5b3-6059"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000 must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24665
X-Amz-Cf-Id: 2m_Sdiqrsz0HdQk1Cn1wfGgV119quM00g4KDm-AQyO5dRoq61wPzcQ==
Expires: Thu, 18 Jan 2018 13:41:02 GMT

GET
H/1.1 200
OK oMMgfZMQthOryQo9n22dcuvvDin1pK8aKteLpeZ5c0A.woff2
fonts.gstatic.com/s/roboto/v18/ 10 KB
0 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v18/oMMgfZMQthOryQo9n22dcuvvDin1pK8aKteLpeZ5c0A.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: http://app2.greatmacsoft.pro
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://fonts.googleapis.com/css?family=Roboto:300,400,700
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Roboto:300,400,700
Origin: http://app2.greatmacsoft.pro

Response headers

Date: Fri, 08 Dec 2017 13:17:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Oct 2017 17:32:50 GMT
Server: sffe
Age: 988646
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 10748
X-XSS-Protection: 1; mode=block
Expires: Sat, 08 Dec 2018 13:17:01 GMT

GET
H/1.1 200
OK d-6IYplOFocCacKzxwXSOJBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/roboto/v18/ 11 KB
0 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v18/d-6IYplOFocCacKzxwXSOJBw1xU1rKptJj_0jans920.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: http://app2.greatmacsoft.pro
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://fonts.googleapis.com/css?family=Roboto:300,400,700
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Roboto:300,400,700
Origin: http://app2.greatmacsoft.pro

Response headers

Date: Thu, 07 Dec 2017 20:39:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Oct 2017 17:33:02 GMT
Server: sffe
Age: 1048492
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 10764
X-XSS-Protection: 1; mode=block
Expires: Fri, 07 Dec 2018 20:39:35 GMT

GET
H/1.1 200
OK icon-btn.png
static.mackeeper.com/landings/230/img/ 2 KB
0 7ms
7ms Image
image/png 52.222.171.154
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.mackeeper.com/landings/230/img/icon-btn.png
Requested by: Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Protocol: HTTP/1.1
Server: 52.222.171.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-171-154.fra54.r.cloudfront.net
Software: nginx /
Resource Hash: 97bce68f85f0d3cbb6dda0c529283b71cbc08de780e61eab9baf84341559f4db

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://static.mackeeper.com/landings/230/css/style.min.css?mkv=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://static.mackeeper.com/landings/230/css/style.min.css?mkv=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 13:41:03 GMT
Via: 1.1 fabe381dacc990f9c402cdc69b69dd26.cloudfront.net (CloudFront)
Last-Modified: Fri, 20 Oct 2017 10:53:39 GMT
Server: nginx
Age: 36804
ETag: "59e9d5b3-61e"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000 must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1566
X-Amz-Cf-Id: 0MwdVLzjTRJbVNeC6xGDRSn2Yo6iPuY6mK01UJkqaGZ96hcTNqF57w==
Expires: Thu, 18 Jan 2018 13:41:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 35 KB
0 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSH3PK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /analytics.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.google-analytics.com
referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
:scheme: https
:method: GET
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Nov 2017 20:19:12 GMT
server: Golfe2
age: 2410
date: Tue, 19 Dec 2017 23:14:17 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 14597
expires: Wed, 20 Dec 2017 01:14:17 GMT

GET
H/1.1 200
OK conversion_async.js Show response
www.googleadservices.com/pagead/ 16 KB
0 14ms
13ms Script
text/javascript 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSH3PK

Protocol

HTTP/1.1

Server

172.217.16.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

ca024e1b4a86c69b79f33e6ab9afe9b9020c968a681e078a5233fd128669f0be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Connection: keep-alive
Cache-Control: no-cache
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 19 Dec 2017 23:54:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 16410984212093220393
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 6101
X-XSS-Protection: 1; mode=block
Expires: Tue, 19 Dec 2017 23:54:27 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 37 KB
0 22ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sidmusic.nl
URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

5f9215efa15f2a41a2a8e8c6ff56f57dc48779e5377e308abdbd77e5f0ab1267

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:path: /en_US/fbevents.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: connect.facebook.net
referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
:scheme: https
:method: GET
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: public
x-fb-debug: k6vcmTWqrOhXvgDMHOjR/BZySNfCYbay8FakCD6t1+59d6BLb7TuLgKHzki3sg5H9AwmO6i6z/hDjP6UGLcVng==
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Dec 2017 23:54:27 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
content-length: 12075
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK Cookie set bat.js Show response
bat.bing.com/ 11 KB
0 40ms
34ms Script
application/javascript 13.107.21.200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://bat.bing.com/bat.js
Requested by: Host: www.sidmusic.nl
URL: http://www.sidmusic.nl/wp-includes/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/5885d80a13c0db1f8e051cb40a5393d96fec50118c72/my/identity.php?cmd=_account&dispatch=5885d80a13c0db1f8e051cb40a5393d96fec50118c72
Protocol: HTTP/1.1
Server: 13.107.21.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: 12f4322709a5325b098775ca8bc24c7f0e0bafe36d53f8d8198495ec734daee3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Connection: keep-alive
Cache-Control: no-cache
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Nov 2017 14:28:15 GMT
X-MSEdge-Ref: Ref A: 4C861FACCB0E48A89D9AA79721DBED61 Ref B: FRAEDGE0508 Ref C: 2017-12-19T23:54:27Z
ETag: "802933d09d58d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=1800
Set-Cookie: MUID=18B482B63D4467773AEA89EB39446425; domain=.bing.com; expires=Sun, 13-Jan-2019 23:54:27 GMT; path=/; MUIDB=2191D83BD95D67273DA0D366D82F6695; path=/; httponly; expires=Sun, 13-Jan-2019 23:54:27 GMT
Accept-Ranges: bytes
Content-Length: 3655

GET
H2 200 B11000446.146506911
ad.doubleclick.net/ddm/ad/N426403.1402839PROPELLERADS.COM1/ 43 B
0 38ms
15ms Image
image/gif 172.217.16.166
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/ad/N426403.1402839PROPELLERADS.COM1/B11000446.146506911?gtmcb=670345564

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.16.166 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f166.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /ddm/ad/N426403.1402839PROPELLERADS.COM1/B11000446.146506911?gtmcb=670345564
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: ad.doubleclick.net
referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
:scheme: https
:method: GET
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2017 23:54:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
set-cookie: test_cookie=CheckForPermission; expires=Wed, 20-Dec-2017 00:09:27 GMT; path=/; domain=.doubleclick.net
content-type: image/gif
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041/ 3 KB
0 37ms
15ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041/?random=1513727667752&cv=8&fst=1513727667752&num=1&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B406248596945%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3D501352c3058c84578d5c11e2bf495e90&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ca013ec008f1544be0c7d4ea3bd3fc56a0c9c5d61fdcbacd60684128ecfa867a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pagead/viewthroughconversion/1010020041/?random=1513727667752&cv=8&fst=1513727667752&num=1&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B406248596945%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3D501352c3058c84578d5c11e2bf495e90&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&rfmt=3&fmt=4
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: googleads.g.doubleclick.net
referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
:scheme: https
:method: GET
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 19 Dec 2017 23:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1151
x-xss-protection: 1; mode=block
pragma: no-cache
server: cafe
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
set-cookie: test_cookie=CheckForPermission; expires=Wed, 20-Dec-2017 00:09:27 GMT; path=/; domain=.doubleclick.net
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B11535539.153573767;sz=1x1;ord=4397533314525.3594;dc_lat=;dc_rdid=;tag_for_child_directed_treatment= Show response
ad.doubleclick.net/ddm/adj/N426403.2664803MACKEEPER/ 11 B
0 38ms
22ms Script
text/javascript 172.217.16.166
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N426403.2664803MACKEEPER/B11535539.153573767;sz=1x1;ord=4397533314525.3594;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.16.166 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f166.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /ddm/adj/N426403.2664803MACKEEPER/B11535539.153573767;sz=1x1;ord=4397533314525.3594;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
accept: */*
cache-control: no-cache
:authority: ad.doubleclick.net
referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
:scheme: https
:method: GET
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 19 Dec 2017 23:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 31
x-xss-protection: 1; mode=block
pragma: no-cache
server: cafe
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
set-cookie: test_cookie=CheckForPermission; expires=Wed, 20-Dec-2017 00:09:27 GMT; path=/; domain=.doubleclick.net
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/837055539/ 3 KB
0 28ms
16ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/837055539/?random=1513727667762&cv=8&fst=1513727667762&num=1&label=c1JqCM2mzXUQs-iRjwM&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=Gbe&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B406248596945%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3D501352c3058c84578d5c11e2bf495e90&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

173f439ca05ed822ee5dc6546dcc6a06ffa84e64163ee7f29997945c4df336ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pagead/viewthroughconversion/837055539/?random=1513727667762&cv=8&fst=1513727667762&num=1&label=c1JqCM2mzXUQs-iRjwM&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=Gbe&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B406248596945%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3D501352c3058c84578d5c11e2bf495e90&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&async=1&rfmt=3&fmt=4
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: googleads.g.doubleclick.net
referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
:scheme: https
:method: GET
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 19 Dec 2017 23:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1209
x-xss-protection: 1; mode=block
pragma: no-cache
server: cafe
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
set-cookie: test_cookie=CheckForPermission; expires=Wed, 20-Dec-2017 00:09:27 GMT; path=/; domain=.doubleclick.net
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

ga-audiences
www.google.com/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1315589207&t=pageview&_s=1&dl=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_sourc...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56634126-2&cid=378469944.1513727668&jid=1338045478&_gid=518842970.1513727668&gjid=1762857267&_v=j66&z=340660736
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-2&cid=378469944.1513727668&jid=1338045478&_v=j66&z=340660736

0
0

GET
H2 200 1593188040964422 Show response
connect.facebook.net/signals/config/ 54 KB
0 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1593188040964422?v=2.8.6&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

453f1aebf3845740b564ab990a8ed64e18285ce3dbcc598b5fb347cfa49a5270

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:path: /signals/config/1593188040964422?v=2.8.6&r=stable
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: connect.facebook.net
referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
:scheme: https
:method: GET
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin Accept-Encoding
content-length: 16166
x-xss-protection: 0
pragma: public
x-fb-debug: WweaWYtXH9NIR6WcvKzuFK+IPWzhvXK+GTjFYwe7Qu8I/RJtu2Mxkts7/DgbuxM9SoTsWhUGMp4Ti32772uHXA==
x-frame-options: DENY
date: Tue, 19 Dec 2017 23:54:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 204
No Content 0
bat.bing.com/action/ 0
0 45ms
44ms Image
text/plain 13.107.21.200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bat.bing.com/action/0?ti=4019963&Ver=2&mid=af0f1702-ae3b-8450-d4c8-1db306efcece&evt=pageLoad&sid=d7d9be17-1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=ATTN:%20Clean%20your%20Mac&r=http%3A%2F%2Fbestadbid.com%2Fafu.php&p=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B406248596945%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3D501352c3058c84578d5c11e2bf495e90&msclkid=N&rn=921105
Requested by: Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Protocol: HTTP/1.1
Server: 13.107.21.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Cookie: MUID=18B482B63D4467773AEA89EB39446425; MUIDB=2191D83BD95D67273DA0D366D82F6695
Connection: keep-alive
Cache-Control: no-cache
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 19 Dec 2017 23:54:27 GMT
Cache-Control: no-cache, must-revalidate
X-MSEdge-Ref: Ref A: D6312E8331034B00BC4E1FAD7F20533F Ref B: FRAEDGE0508 Ref C: 2017-12-19T23:54:27Z
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.de/ads/user-lists/1010020041/ 0
0

GET
H2 200 /
www.google.com/ads/user-lists/1010020041/ 42 B
0 38ms
25ms Image
image/gif 2a00:1450:4001:821::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/user-lists/1010020041/?random=1513727667752&cv=8&fst=1513724400000&num=1&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B406248596945%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3D501352c3058c84578d5c11e2bf495e90&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&fmt=3&cdct=2&is_vtc=1&random=1229265771&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /ads/user-lists/1010020041/?random=1513727667752&cv=8&fst=1513724400000&num=1&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B406248596945%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3D501352c3058c84578d5c11e2bf495e90&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&fmt=3&cdct=2&is_vtc=1&random=1229265771&rmt_tld=0&ipr=y
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google.com
referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
:scheme: https
:method: GET
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2017 23:54:27 GMT
x-content-type-options: nosniff
server: adclick_server
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.de/ads/user-lists/837055539/ 0
0

GET
H2 200 /
www.google.com/ads/user-lists/837055539/ 42 B
0 26ms
26ms Image
image/gif 2a00:1450:4001:821::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/user-lists/837055539/?random=1513727667762&cv=8&fst=1513724400000&num=1&label=c1JqCM2mzXUQs-iRjwM&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B406248596945%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3D501352c3058c84578d5c11e2bf495e90&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&async=1&fmt=3&cdct=2&is_vtc=1&random=1823142869&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /ads/user-lists/837055539/?random=1513727667762&cv=8&fst=1513724400000&num=1&label=c1JqCM2mzXUQs-iRjwM&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B406248596945%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3D501352c3058c84578d5c11e2bf495e90&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&async=1&fmt=3&cdct=2&is_vtc=1&random=1823142869&rmt_tld=0&ipr=y
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google.com
referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
:scheme: https
:method: GET
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2017 23:54:27 GMT
x-content-type-options: nosniff
server: adclick_server
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 126593688055701 Show response
connect.facebook.net/signals/config/ 54 KB
0 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/126593688055701?v=2.8.6&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f086782c7417ebf916f472ef0d40fa75f1a92c320cfb09227a8641bf011b63ed

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:path: /signals/config/126593688055701?v=2.8.6&r=stable
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: connect.facebook.net
referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
:scheme: https
:method: GET
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin Accept-Encoding
content-length: 16173
x-xss-protection: 0
pragma: public
x-fb-debug: xH/qQRC5hHw0bGlt39SOJnt0p+1t8242Ri8YIO/cX0TWoZ5/kMLwQ6+zCBF66p2xO+YHJQtv8TlWbpSiQvny7Q==
x-frame-options: DENY
date: Tue, 19 Dec 2017 23:54:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
0 28ms
2ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1593188040964422&ev=PageView&dl=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B406248596945%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3D501352c3058c84578d5c11e2bf495e90&rl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&if=false&ts=1513727667813&sw=1600&sh=1200&v=2.8.6&r=stable&ec=0&o=28&it=1513727667786
Requested by: Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path: /tr/?id=1593188040964422&ev=PageView&dl=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B406248596945%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3D501352c3058c84578d5c11e2bf495e90&rl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&if=false&ts=1513727667813&sw=1600&sh=1200&v=2.8.6&r=stable&ec=0&o=28&it=1513727667786
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.facebook.com
referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
:scheme: https
:method: GET
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 19 Dec 2017 23:54:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: fr=0RLuEgn48SNDC5YUJ..BaOaaz...1.0.BaOaaz.; expires=Monday, 19-Mar-2018 23:54:27 GMT; path=/; domain=.facebook.com; HttpOnly; secure
content-length: 44
expires: Tue, 19 Dec 2017 23:54:27 GMT

GET
H2 200 iwl.js Show response
connect.facebook.net/signals/plugins/ 1 KB
0 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/iwl.js?v=2.8.6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

054ca0c1548cd3457f67e2adeb2c60424a65a1cb104d034ec60057d5a18b513e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:path: /signals/plugins/iwl.js?v=2.8.6
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: connect.facebook.net
referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
:scheme: https
:method: GET
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin Accept-Encoding
content-length: 762
x-xss-protection: 0
pragma: public
x-fb-debug: oAzlb/Bts60f3iVzm2pmq9e8kdlGS9r1+7lFForJGkXJqouS9s+IJBzp/sBF2r6+G2urmRKanGfRrbbxD6Rw8g==
x-frame-options: DENY
date: Tue, 19 Dec 2017 23:54:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
0 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=126593688055701&ev=PageView&dl=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B406248596945%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3D501352c3058c84578d5c11e2bf495e90&rl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&if=false&ts=1513727667849&sw=1600&sh=1200&v=2.8.6&r=stable&ec=0&o=30&it=1513727667786
Requested by: Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path: /tr/?id=126593688055701&ev=PageView&dl=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B406248596945%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3D501352c3058c84578d5c11e2bf495e90&rl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&if=false&ts=1513727667849&sw=1600&sh=1200&v=2.8.6&r=stable&ec=0&o=30&it=1513727667786
pragma: no-cache
cookie: fr=0RLuEgn48SNDC5YUJ..BaOaaz...1.0.BaOaaz.
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.facebook.com
referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
:scheme: https
:method: GET
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 19 Dec 2017 23:54:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
set-cookie
content-length: 44
expires: Tue, 19 Dec 2017 23:54:27 GMT

GET ga-audiences
www.google.de/ads/ 0
0

GET
H/1.1 200
OK index.html Show response
app2.greatmacsoft.pro/landings/libs/alert/alerts/chrome/ 10 KB
0 102ms
101ms XHR
text/html 54.84.14.110
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://app2.greatmacsoft.pro/landings/libs/alert/alerts/chrome/index.html
Requested by: Host: static.mackeeper.com
URL: http://static.mackeeper.com/landings/libs/jquery/jquery.min.js?mkv=1
Protocol: HTTP/1.1
Server: 54.84.14.110 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-84-14-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 62dc72e1691cc320211054ed1213f3da29a9d5ed2e654c444ac02a52fed8f5ce

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app2.greatmacsoft.pro
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
X-Requested-With: XMLHttpRequest
Cookie: ldrOs=%22Mac+OS+X%22; ldrBrowserLite=%22Chrome%22; ldrBrowser=%22Chrome%22; ldrUaFull=%7B%22os%22%3A%22Mac+OS+X%22%2C%22osVersion%22%3A%7B%22osMajor%22%3A%2210%22%2C%22osMinor%22%3A%2212%22%2C%22osPatch%22%3A%226%22%7D%2C%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%7B%22browserMajor%22%3A%2263%22%2C%22browserMinor%22%3A%220%22%2C%22browserPatch%22%3A%223239%22%7D%2C%22family%22%3A%22Chrome%22%2C%22device%22%3A%22%22%2C%22deviceMajor%22%3A%22%22%2C%22deviceMinor%22%3A%22%22%2C%22deviceVersion%22%3A%22%22%2C%22deviceFull%22%3A%22%22%2C%22isMobile%22%3A%220%22%2C%22isMobileDevice%22%3A%220%22%2C%22isTablet%22%3A%220%22%2C%22timeCreate%22%3A%221513425399%22%7D; uniqueSplitDay=mzb_133406_mk_prpllr_chrm_smcpa_ww_230; aaffss=mzb_312.32775174.1513727666.30.mzb%3A1%3A20171219; globalAffid=312.32775174.1513727666.30.mzb; userDefiner=mzb_2706; userPrePay=mk_prpllr_chrm_smcpa_ww_230; trt=29_317511156; _ga=GA1.2.378469944.1513727668; _gid=GA1.2.518842970.1513727668; _gat_UA-56634126-2=1; _uetsid=_uetd7d9be17
Connection: keep-alive
Cache-Control: no-cache
Accept: */*
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Oct 2017 08:20:45 GMT
Server: nginx
ETag: W/"59d499dd-26dd"
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive
Request-ID: 4f404d9489e013a963366731a69f822f
Content-Length: 1706

GET
H/1.1 200
OK css
fonts.googleapis.com/ 8 KB
0 15ms
15ms Stylesheet
text/css 2a00:1450:4001:814::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700&subset=latin,vietnamese,latin-ext

Requested by

Host: static.mackeeper.com
URL: http://static.mackeeper.com/landings/libs/jquery/jquery.min.js?mkv=1

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

d1b32d2630728c817657e08ae24cec0a3ba5da793755d75c4b2d8f9b286fa77a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Connection: keep-alive
Cache-Control: no-cache
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Dec 2017 23:54:28 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 1; mode=block
Expires: Tue, 19 Dec 2017 23:54:28 GMT

GET
H/1.1 200
OK icon.png
app2.greatmacsoft.pro/landings/libs/alert/alerts/chrome/img/ 5 KB
0 101ms
101ms Image
image/png 54.84.14.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://app2.greatmacsoft.pro/landings/libs/alert/alerts/chrome/img/icon.png
Protocol: HTTP/1.1
Server: 54.84.14.110 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-84-14-110.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6d2f1a387c659db4c0769f8051a3ef5a9fce4f8c9c221f2bab58fdbb92fc54f2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: app2.greatmacsoft.pro
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
Cookie: ldrOs=%22Mac+OS+X%22; ldrBrowserLite=%22Chrome%22; ldrBrowser=%22Chrome%22; ldrUaFull=%7B%22os%22%3A%22Mac+OS+X%22%2C%22osVersion%22%3A%7B%22osMajor%22%3A%2210%22%2C%22osMinor%22%3A%2212%22%2C%22osPatch%22%3A%226%22%7D%2C%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%7B%22browserMajor%22%3A%2263%22%2C%22browserMinor%22%3A%220%22%2C%22browserPatch%22%3A%223239%22%7D%2C%22family%22%3A%22Chrome%22%2C%22device%22%3A%22%22%2C%22deviceMajor%22%3A%22%22%2C%22deviceMinor%22%3A%22%22%2C%22deviceVersion%22%3A%22%22%2C%22deviceFull%22%3A%22%22%2C%22isMobile%22%3A%220%22%2C%22isMobileDevice%22%3A%220%22%2C%22isTablet%22%3A%220%22%2C%22timeCreate%22%3A%221513425399%22%7D; uniqueSplitDay=mzb_133406_mk_prpllr_chrm_smcpa_ww_230; aaffss=mzb_312.32775174.1513727666.30.mzb%3A1%3A20171219; globalAffid=312.32775174.1513727666.30.mzb; userDefiner=mzb_2706; userPrePay=mk_prpllr_chrm_smcpa_ww_230; trt=29_317511156; _ga=GA1.2.378469944.1513727668; _gid=GA1.2.518842970.1513727668; _gat_UA-56634126-2=1; _uetsid=_uetd7d9be17
Connection: keep-alive
Cache-Control: no-cache
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 19 Dec 2017 23:54:28 GMT
Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
Server: nginx
ETag: "57164f85-1590"
Content-Type: image/png
Request-ID: 15a93f930f494d4abc6f8aba8a34640c
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5520

GET
H/1.1 200
OK toadOcfmlt9b38dHJxOBGCP2LEk6lMzYsRqr3dHFImA.woff2
fonts.gstatic.com/s/sourcesanspro/v11/ 13 KB
0 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/sourcesanspro/v11/toadOcfmlt9b38dHJxOBGCP2LEk6lMzYsRqr3dHFImA.woff2

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

435102c6994284c58e63143d49204d6c3876633ffec220cc73ca05ff8e0156c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: http://app2.greatmacsoft.pro
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700&subset=latin,vietnamese,latin-ext
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700&subset=latin,vietnamese,latin-ext
Origin: http://app2.greatmacsoft.pro

Response headers

Date: Mon, 11 Dec 2017 01:41:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Oct 2017 18:25:45 GMT
Server: sffe
Age: 771173
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 12968
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Dec 2018 01:41:35 GMT

GET /
www.facebook.com/tr/ 0
0

GET /
cx.atdmt.com/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 44 B
0 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=126593688055701&ev=Microdata&dl=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B406248596945%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3D501352c3058c84578d5c11e2bf495e90&rl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&if=false&ts=1513727669349&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22MacKeeper%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.6&o=30
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path: /tr/?id=126593688055701&ev=Microdata&dl=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B406248596945%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3D501352c3058c84578d5c11e2bf495e90&rl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&if=false&ts=1513727669349&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22MacKeeper%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.6&o=30
pragma: no-cache
cookie: fr=0RLuEgn48SNDC5YUJ..BaOaaz..Fo5.1.0.BaOaaz.
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.facebook.com
referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
:scheme: https
:method: GET
Referer: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.32775174.1513727666.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;406248596945&c3=attn&c4=flat,inst&reqid=501352c3058c84578d5c11e2bf495e90
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 19 Dec 2017 23:54:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
set-cookie
content-length: 44
expires: Tue, 19 Dec 2017 23:54:29 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-2&cid=378469944.1513727668&jid=1338045478&_v=j66&z=340660736

Domain: www.google.de
URL: https://www.google.de/ads/user-lists/1010020041/?random=1513727667752&cv=8&fst=1513724400000&num=1&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B406248596945%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3D501352c3058c84578d5c11e2bf495e90&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&fmt=3&cdct=2&is_vtc=1&random=1229265771&rmt_tld=1&ipr=y

Domain: www.google.de
URL: https://www.google.de/ads/user-lists/837055539/?random=1513727667762&cv=8&fst=1513724400000&num=1&label=c1JqCM2mzXUQs-iRjwM&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B406248596945%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3D501352c3058c84578d5c11e2bf495e90&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&async=1&fmt=3&cdct=2&is_vtc=1&random=1823142869&rmt_tld=1&ipr=y

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-2&cid=378469944.1513727668&jid=1338045478&_v=j66&z=340660736&slf_rd=1&random=703860480

Domain: www.facebook.com
URL: https://www.facebook.com/tr/?id=1593188040964422&ev=Microdata&dl=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.32775174.1513727666.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B406248596945%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3D501352c3058c84578d5c11e2bf495e90&rl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&if=false&ts=1513727669316&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22MacKeeper%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.6&o=28

Domain: cx.atdmt.com
URL: https://cx.atdmt.com/?c=15934850351756228925&f=AYxn85EinlwJnPHCEs8i2fpE0s2B_rK8I76H7khBByH3_QD_7ElyExiIjtr9OiNaxkts-Bfc3r_2x8OApbRGWTMQ&id=1593188040964422&l=3&v=0

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.greatmacsoft.pro/	1970-01-18 12:28:49	Name: _uetsid Value: _uetd7d9be17
.greatmacsoft.pro/	1970-01-18 12:28:47	Name: _gat_UA-56634126-2 Value: 1
.greatmacsoft.pro/	1970-01-18 12:30:14	Name: _gid Value: GA1.2.518842970.1513727668
.greatmacsoft.pro/	1970-01-18 16:47:59	Name: trt Value: 29_317511156
.greatmacsoft.pro/	1970-01-18 21:07:11	Name: aaffss Value: mzb_312.32775174.1513727666.30.mzb%3A1%3A20171219
.greatmacsoft.pro/	1970-01-18 16:47:59	Name: globalAffid Value: 312.32775174.1513727666.30.mzb
.greatmacsoft.pro/	1970-01-19 05:59:59	Name: _ga Value: GA1.2.378469944.1513727668
.greatmacsoft.pro/	1970-01-18 12:30:14	Name: ldrOs Value: %22Mac+OS+X%22
.greatmacsoft.pro/	1970-01-18 12:30:14	Name: ldrUaFull Value: %7B%22os%22%3A%22Mac+OS+X%22%2C%22osVersion%22%3A%7B%22osMajor%22%3A%2210%22%2C%22osMinor%22%3A%2212%22%2C%22osPatch%22%3A%226%22%7D%2C%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%7B%22browserMajor%22%3A%2263%22%2C%22browserMinor%22%3A%220%22%2C%22browserPatch%22%3A%223239%22%7D%2C%22family%22%3A%22Chrome%22%2C%22device%22%3A%22%22%2C%22deviceMajor%22%3A%22%22%2C%22deviceMinor%22%3A%22%22%2C%22deviceVersion%22%3A%22%22%2C%22deviceFull%22%3A%22%22%2C%22isMobile%22%3A%220%22%2C%22isMobileDevice%22%3A%220%22%2C%22isTablet%22%3A%220%22%2C%22timeCreate%22%3A%221513425399%22%7D
.greatmacsoft.pro/	1970-01-18 12:30:14	Name: ldrBrowser Value: %22Chrome%22
.greatmacsoft.pro/	1970-01-18 12:30:14	Name: uniqueSplitDay Value: mzb_133406_mk_prpllr_chrm_smcpa_ww_230
.greatmacsoft.pro/	1970-01-18 16:47:59	Name: userPrePay Value: mk_prpllr_chrm_smcpa_ww_230
.greatmacsoft.pro/	1970-01-18 16:47:59	Name: userDefiner Value: mzb_2706
.doubleclick.net/	1970-01-18 21:50:23	Name: IDE Value: AHWqTUnLieDIRXXTMDGWeUEwuNGfs3gyPcWQ8joSI86pxeaTgPFe0dE2mInTkUCj
.greatmacsoft.pro/	1970-01-18 12:30:14	Name: ldrBrowserLite Value: %22Chrome%22

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.crwdcntrl.net
ad.doubleclick.net
app2.greatmacsoft.pro
bat.bing.com
bestadbid.com
connect.facebook.net
cx.atdmt.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
greatmacsoft.pro
mt.rtmark.net
my.rtmark.net
static.mackeeper.com
www.cpm20.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.sidmusic.nl
cx.atdmt.com
www.facebook.com
www.google.com
www.google.de
13.107.21.200
134.249.116.78
172.217.16.166
172.217.16.194
18.194.73.12
185.49.145.177
188.42.162.193
2a00:1450:4001:814::200a
2a00:1450:4001:814::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::2003
2a00:1450:4001:821::2004
2a00:1450:4001:821::2008
2a00:1450:4001:821::200a
2a01:7c8:eb:0:149:210:209:24
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.199.220.253
52.222.171.154
54.72.109.192
54.84.14.110
69.42.65.36
054ca0c1548cd3457f67e2adeb2c60424a65a1cb104d034ec60057d5a18b513e
0882d6fe50c0192201ba48bc0e93d8c27431053bad996debbcc7b614f90b4755
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f4322709a5325b098775ca8bc24c7f0e0bafe36d53f8d8198495ec734daee3
173f439ca05ed822ee5dc6546dcc6a06ffa84e64163ee7f29997945c4df336ee
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
27f1fbc2fb7fca1af8043ec9042707868e85b1672272f795d88e7dc8877189f9
345b6ffa53cc44771d8eabf8d54613e7f9156aaca3d1204b63138150429e3f7e
435102c6994284c58e63143d49204d6c3876633ffec220cc73ca05ff8e0156c9
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
44e1406420fac320ea35accac2ba1958e905872598d7590f654ea1cd134a275c
453f1aebf3845740b564ab990a8ed64e18285ce3dbcc598b5fb347cfa49a5270
45e3efc24eebb4164c2b54220491c17aa34e2d558e6bb479e1e68df6dbcc7681
4ee4b161bf7138bf7589cd0a37309dcfbef9712424def9677f1410f020e9e12d
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5801156a82939ad99e1d9be0743d1acb244c6ca544b4c9481879275b805da1f1
5dd68bdc6eea899ae774856b8141163804dadc5ad50dd3bd1828b12726cd15c2
5f9215efa15f2a41a2a8e8c6ff56f57dc48779e5377e308abdbd77e5f0ab1267
62dc72e1691cc320211054ed1213f3da29a9d5ed2e654c444ac02a52fed8f5ce
64c3b1af8ae0be79c631325404f8ea5094acaff6db46f9fbae66d7a607bbe17f
6d2f1a387c659db4c0769f8051a3ef5a9fce4f8c9c221f2bab58fdbb92fc54f2
7da287f4549f49aa5c1320e26550971adabdb043938b379e2fb9a4b4369b8382
80c3865b6d94203e0ee14ad4fbea27dc4364bc59a10a95af9855838740def1d6
8a12cb2ebe91b7692ed7279a38276cf64d3bf6c6d2845a55eb38e4e042d2b066
97bce68f85f0d3cbb6dda0c529283b71cbc08de780e61eab9baf84341559f4db
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
b05c63a25e3541fe0773f15f5d5b9ea43a4b1b4773c957bdacffbab6bcc84c46
b3079978e3eeac8eebc13449195a917d299bcca5501e1936c14548b9b0d43edf
b3d92327d60aa2ab4ec3aa2420e88dd1afd4b76e55d9c6d5a085759afefc82a0
c2113178e6fec803f9ec75cf2daea3450a40db4868f7127b59a6ba154a1f1667
ca013ec008f1544be0c7d4ea3bd3fc56a0c9c5d61fdcbacd60684128ecfa867a
ca024e1b4a86c69b79f33e6ab9afe9b9020c968a681e078a5233fd128669f0be
cdafb95451243ce55a748c4b6efb2f40b5bb13522075fd350e2467f705f3435b
d1b32d2630728c817657e08ae24cec0a3ba5da793755d75c4b2d8f9b286fa77a
de2b36e33bd03738be3bb876e10d2504b3d0bcd4d45769d7ededd510be764251
e00ca4627940b1e839fe7779ca8532183f1b2674131b56c03a50d9f2bc4c0254
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e856f3cffe66e1af455d15cb0c13140098fa0b84d62398940af6e6b4c5a091a1
eab029901ec252d3b85b20ffd7d1671e00f0b9994402c9218240729341b72dd0
edbb30ed75e9824ce2e59fad7b55a1b085c84bcdae444f4548cfb5830e581d99
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f086782c7417ebf916f472ef0d40fa75f1a92c320cfb09227a8641bf011b63ed
f195db0d1c8106c669fb15853840f3749bf18e55eda49a10c00717878e147cde
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f7c386915e39d8a925fe10d15744a9da95ac8f90423e12728e7fc3c5e34f4559
f8483c20273ebd24226807d6fbf4d1efa73fda4cd5b5110f004aba6fdc4dbcf3
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
fb618198b824cff21ccf2fe8274d5608de2a7bed1256adc540fe22b873cc73fc

app2.greatmacsoft.pro Open in urlscan Pro 54.84.14.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

22 %HTTPS

45 %IPv6

19 Domains

22 Subdomains

20 IPs

5 Countries

0 kBTransfer

1112 kBSize

15 Cookies

6 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

app2.greatmacsoft.pro Open in urlscan Pro
54.84.14.110 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

22 %
HTTPS

45 %
IPv6

19
Domains

22
Subdomains

20
IPs

5
Countries

0 kB
Transfer

1112 kB
Size

15
Cookies

67 HTTP transactions
0 data transactions