urlscan.io logo urlscan.io
SecurityTrails logo

app2.greatmacsoft.pro Open in urlscan Pro
54.84.14.110  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cn.mediplus-orders.jp/
Effective URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_camp...
Submission: On December 12 via manual from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 7 countries across 19 domains to perform 106 HTTP transactions. The main IP is 54.84.14.110, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is app2.greatmacsoft.pro.
This is the only time app2.greatmacsoft.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 202.74.0.82 4594 (HKISL-ASN...)
3 172.217.22.2 15169 (GOOGLE)
1 134.249.116.78 15895 (KSNET-AS)
1 1 69.42.65.41 27257 (WEBAIR-IN...)
1 2 188.42.162.155 35415 (WEBZILLA)
1 35.156.71.137 16509 (AMAZON-02)
1 1 54.72.109.192 16509 (AMAZON-02)
2 185.49.145.151 35415 (WEBZILLA)
2 2 52.1.110.197 14618 (AMAZON-AES)
2 54.84.14.110 14618 (AMAZON-AES)
11 54.192.2.241 16509 (AMAZON-02)
3 34.199.220.253 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 172.217.21.198 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f00... 32934 (FACEBOOK)
2 204.79.197.200 8068 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f10... 32934 (FACEBOOK)
106 20
20    202.74.0.82 (Hong Kong)

ASN4594 (HKISL-ASN Internet Solutions Limited, HK)
cn.mediplus-orders.jp
3    172.217.22.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f2.1e100.net
www.googleadservices.com
1    134.249.116.78 (Lviv, Ukraine)

ASN15895 (KSNET-AS, UA)
PTR: 134-249-116-78.broadband.kyivstar.net
134.249.116.78
1    69.42.65.41 (New York, United States)

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)
www.cpm20.com
2    188.42.162.155 (Luxembourg)

ASN35415 (WEBZILLA, NL)
bestadbid.com
1    35.156.71.137 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-71-137.eu-central-1.compute.amazonaws.com
my.rtmark.net
1    54.72.109.192 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-109-192.eu-west-1.compute.amazonaws.com
ad.crwdcntrl.net
2    185.49.145.151 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: v-6-07-17-d6376-151.webazilla.com
mt.rtmark.net
2    52.1.110.197 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-1-110-197.compute-1.amazonaws.com
greatmacsoft.pro
2    54.84.14.110 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-84-14-110.compute-1.amazonaws.com
app2.greatmacsoft.pro
11    54.192.2.241 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-2-241.lhr5.r.cloudfront.net
static.mackeeper.com
3    34.199.220.253 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-199-220-253.compute-1.amazonaws.com
app2.greatmacsoft.pro
4    2a00:1450:4001:815::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2a00:1450:4001:818::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
3    2a00:1450:4001:819::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
2    172.217.21.198 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f198.1e100.net
ad.doubleclick.net
4    2a00:1450:4001:815::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2a00:1450:4001:818::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
3    2a03:2880:f007:8:face:b00c:0:1 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
2    204.79.197.200 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: a-0001.a-msedge.net
bat.bing.com
3    2a00:1450:4001:820::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
3    2a03:2880:f107:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
Domain Requested by
20 cn.mediplus-orders.jp cn.mediplus-orders.jp
11 static.mackeeper.com app2.greatmacsoft.pro
5 app2.greatmacsoft.pro app2.greatmacsoft.pro
static.mackeeper.com
4 fonts.gstatic.com app2.greatmacsoft.pro
4 fonts.googleapis.com app2.greatmacsoft.pro
static.mackeeper.com
3 www.facebook.com app2.greatmacsoft.pro
3 www.google.com app2.greatmacsoft.pro
3 connect.facebook.net cn.mediplus-orders.jp
connect.facebook.net
3 googleads.g.doubleclick.net www.googleadservices.com
3 www.googleadservices.com cn.mediplus-orders.jp
app2.greatmacsoft.pro
www.googletagmanager.com
2 bat.bing.com cn.mediplus-orders.jp
app2.greatmacsoft.pro
2 ad.doubleclick.net app2.greatmacsoft.pro
2 greatmacsoft.pro 2 redirects
2 mt.rtmark.net bestadbid.com
2 bestadbid.com 1 redirects
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com app2.greatmacsoft.pro
1 ad.crwdcntrl.net 1 redirects
1 my.rtmark.net bestadbid.com
1 www.cpm20.com 1 redirects
0 cx.atdmt.com Failed
0 www.google.de Failed app2.greatmacsoft.pro
106 22

This site contains links to these domains. Also see Links.

Domain
mackeeper.com
Subject Issuer Validity Valid
*.google-analytics.com
Google Internet Authority G3		 2017-11-21 -
2018-02-13		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2017-11-21 -
2018-02-13		 3 months crt.sh
*.doubleclick.net
Google Internet Authority G3		 2017-11-21 -
2018-02-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2016-12-09 -
2018-01-25		 a year crt.sh
www.google.com
Google Internet Authority G2		 2017-11-21 -
2018-02-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Frame ID: (373715F7B8EE9AC2402C53A9AB39B634)
Requests: 106 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://cn.mediplus-orders.jp/ Page URL
  2. https://www.cpm20.com/watch?key=789a4129e78c00008a47b36e23d65ea7 HTTP 302
    http://bestadbid.com/afu.php?zoneid=1462665&var= Page URL
  3. http://bestadbid.com/?r=%2Fmb%2Fhan&zoneid=1462665&pbk3=2fb41b308fab6653f3878dc600f410d6649866479... HTTP 302
    http://greatmacsoft.pro/paramss=phexafc9b4dbb5a5b1e69297a3a99f9cd2e8cb90e6ecd1d0cee7a2c4d7c2abdccec4... HTTP 302
    http://greatmacsoft.pro/paramss=phexafc9b4dbb5a5b1a19297a3a99f9cd2e8cb90e6ecd1d0cee7a2c4d7c2abdccec4... HTTP 302
    http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i

Page Statistics

106
Requests

15 %
HTTPS

36 %
IPv6

19
Domains

22
Subdomains

20
IPs

7
Countries

373 kB
Transfer

967 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cn.mediplus-orders.jp/ Page URL
  2. https://www.cpm20.com/watch?key=789a4129e78c00008a47b36e23d65ea7 HTTP 302
    http://bestadbid.com/afu.php?zoneid=1462665&var= Page URL
  3. http://bestadbid.com/?r=%2Fmb%2Fhan&zoneid=1462665&pbk3=2fb41b308fab6653f3878dc600f410d66498664792017360461&empty=0&var=&uuid=f86cb768-9912-47d4-944c-698fc12a0d49&ad_scheme=1&rotation_type=5&ppucounter=0&first_visit=0&on_test=0&offer_views=0&ab_test=1221&adparams=bm9qcz0wJnNhdmVkX3JlZmVyZXI9aHR0cCUzQSUyRiUyRmNuLm1lZGlwbHVzLW9yZGVycy5qcCUyRg%3D%3D&ip=65a89d51a74c843ac913134976da73e8&x=1600&y=1200&sw=1600&sh=1200&wx=0&wy=0&ww=1600&wh=1200&wiw=1600&wih=1200&wfc=0&pl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&drf=http%3A%2F%2Fcn.mediplus-orders.jp%2F&np=0&pt=0&nb=1&ng=1&dm=undefined&cf=0&id=e97a9a8a2921c12db053d473305d9073&co=1&rf=1&hs=d01d492f13aec958676a3d4656a2a36c&ix=0&fs=0&timeout=0 HTTP 302
    http://greatmacsoft.pro/paramss=phexafc9b4dbb5a5b1e69297a3a99f9cd2e8cb90e6ecd1d0cee7a2c4d7c2abdccec4dcebd9d9d1e0c8c4deeccec3d5e2cad1c8c0e7e69ea09be6d4ccd5e0d9cde2ecc0c7cae7d4c0daced3dfc4c4e3f0&trt=29_317511156&alert=7&c4=flat,inst&c3=attn&tid_ext=1462665;399523270065 HTTP 302
    http://greatmacsoft.pro/paramss=phexafc9b4dbb5a5b1a19297a3a99f9cd2e8cb90e6ecd1d0cee7a2c4d7c2abdccec4dcebd9d9d1e0c8c4deeccec3d5e2cad1c8c0e7e6c2979fa9a4a894dbd4c0e6ecd1d0cee7c6c4cfd3ddced6d2cfe9caccdce5c893a9aa&trt=29_317511156&alert=7&c4=flat,inst&c3=attn&tid_ext=1462665;399523270065&alert=7&original_tid=mk_prpllr_chrm_smcpa_ww&reqid=be009485856a823404cbb9effdafe9b0 HTTP 302
    http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://www.cpm20.com/watch?key=789a4129e78c00008a47b36e23d65ea7 HTTP 302
  • http://bestadbid.com/afu.php?zoneid=1462665&var=
Request Chain 53
  • http://ad.crwdcntrl.net/5/c=10546/pe=y?http%3A%2F%2Fmt.rtmark.net%2Fltm.gif%3Fid%3D079b06c4d517698ccc71d916bdf434e0%26sg%3D%24%7Baud_ids%7D HTTP 302
  • http://mt.rtmark.net/ltm.gif?id=079b06c4d517698ccc71d916bdf434e0&sg=
Request Chain 88
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&a=332677406&t=pageview&_s=1&dl=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&dr=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&ul=en-us&de=UTF-8&dt=ATTN%3A%20Clean%20your%20Mac&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=1527607726&gjid=1698263230&cid=1977536518.1513088307&tid=UA-56634126-2&_gid=1359108131.1513088307&_r=1&gtm=GbeKSH3PK&z=1072105879 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56634126-2&cid=1977536518.1513088307&jid=1527607726&_gid=1359108131.1513088307&gjid=1698263230&_v=j66&z=1072105879 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-2&cid=1977536518.1513088307&jid=1527607726&_v=j66&z=1072105879

106 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
cn.mediplus-orders.jp/ 		16 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.6.28
Resource Hash
dbe0a432000e9390e36c3b13f9b3ce39a6ce9ea423ddef52d73dca4203f30996

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Set-Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0; path=/
Date
Tue, 12 Dec 2017 14:18:24 GMT
Server
Apache/2.2.15 (CentOS)
Connection
close
X-Powered-By
PHP/5.6.28
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
import.css
cn.mediplus-orders.jp/user_data/packages/defaultta/css/ 		380 B
380 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/css/import.css
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
20c3a03f62737c93c2c3483b39553ace24317ae704a83af192cea4df6da1bf53

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://cn.mediplus-orders.jp/
Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:24 GMT
Last-Modified
Thu, 24 Jul 2014 00:59:30 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1c59f7-17c-4fee5f8160080"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
380
ja.js
cn.mediplus-orders.jp/js/locales/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/js/locales/ja.js
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
265e8c321ce3dda664b1f5c5d5018026b94234f1e76fbe600545414beb6d649f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://cn.mediplus-orders.jp/
Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:24 GMT
Last-Modified
Thu, 04 Jun 2015 05:28:39 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1a2312-c29-517aa72a74fc0"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
3113
locale.js
cn.mediplus-orders.jp/js/ 		431 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/js/locale.js
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b05c63a25e3541fe0773f15f5d5b9ea43a4b1b4773c957bdacffbab6bcc84c46

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://cn.mediplus-orders.jp/
Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:24 GMT
Last-Modified
Fri, 08 Dec 2017 16:29:30 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1a230c-1af-55fd6b06ab423"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
431
css.js
cn.mediplus-orders.jp/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/js/css.js
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9c9f1d48e14e0233bcb88a2ffc47ade4d962c838584c457ea155d7cc8bd9bbd7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://cn.mediplus-orders.jp/
Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:24 GMT
Last-Modified
Mon, 30 Jun 2014 06:08:46 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1a228f-132d-4fd077deb1780"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
4909
navi.js
cn.mediplus-orders.jp/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/js/navi.js
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2aa5a86c3eeb37cf7a3f296cd0734134f165a0f4ef8070f2052adfef992069db

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://cn.mediplus-orders.jp/
Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:24 GMT
Last-Modified
Mon, 30 Jun 2014 06:08:46 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1a2326-442-4fd077deb1780"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1090
win_op.js
cn.mediplus-orders.jp/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/js/win_op.js
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
7ac4b182ab2a098930852d30e75ead75e134349740daf730ee04536577191693

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://cn.mediplus-orders.jp/
Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:25 GMT
Last-Modified
Mon, 30 Jun 2014 06:08:46 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1a2330-72d-4fd077deb1780"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1837
site.js
cn.mediplus-orders.jp/js/ 		431 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/js/site.js
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://cn.mediplus-orders.jp/
Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:25 GMT
Last-Modified
Fri, 08 Dec 2017 16:29:30 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1a232a-1af-55fd6b06afe5b"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
431
jquery-1.4.2.min.js
cn.mediplus-orders.jp/js/ 		431 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/js/jquery-1.4.2.min.js
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://cn.mediplus-orders.jp/
Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:25 GMT
Last-Modified
Fri, 08 Dec 2017 16:29:30 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1a2292-1af-55fd6b06a1012"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
431
islider.css
cn.mediplus-orders.jp/user_data/packages/defaultta/js/ 		332 B
332 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/js/islider.css
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877af740d27019b929c831a0074fa600b60dde4110dfecf7fd82df4213bc2ef5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://cn.mediplus-orders.jp/
Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:24 GMT
Last-Modified
Thu, 24 Jul 2014 00:59:30 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1c5c90-14c-4fee5f8160080"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
332
jquery.js
cn.mediplus-orders.jp/user_data/packages/defaultta/js/ 		39 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/js/jquery.js
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://cn.mediplus-orders.jp/
Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:25 GMT
Last-Modified
Thu, 24 Jul 2014 00:59:30 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1c5c95-119ee-4fee5f8160080"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
72174
islider.js
cn.mediplus-orders.jp/user_data/packages/defaultta/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/js/islider.js
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://cn.mediplus-orders.jp/
Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:25 GMT
Last-Modified
Thu, 24 Jul 2014 00:59:30 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1c5c93-87a-4fee5f8160080"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
2170
ec_zenkin.gif
cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/ 		0
0
logo_lead.png
cn.mediplus-orders.jp/user_data/packages/defaultta/img/common/ 		0
0
logo_mediplus.png
cn.mediplus-orders.jp/user_data/packages/defaultta/img/common/ 		0
0
header_badge.png
cn.mediplus-orders.jp/user_data/packages/defaultta/img/common/ 		0
0
btn_mypage.jpg
cn.mediplus-orders.jp/user_data/packages/defaultta/img/common/ 		0
0
btn_cart.jpg
cn.mediplus-orders.jp/user_data/packages/defaultta/img/common/ 		0
0
menu1.png
cn.mediplus-orders.jp/user_data/packages/defaultta/img/button/ 		0
0
menu2.png
cn.mediplus-orders.jp/user_data/packages/defaultta/img/button/ 		0
0
menu3.png
cn.mediplus-orders.jp/user_data/packages/defaultta/img/button/ 		0
0
menu4.png
cn.mediplus-orders.jp/user_data/packages/defaultta/img/button/ 		0
0
menu5.png
cn.mediplus-orders.jp/user_data/packages/defaultta/img/button/ 		0
0
menu6.png
cn.mediplus-orders.jp/user_data/packages/defaultta/img/button/ 		0
0
menu7.png
cn.mediplus-orders.jp/user_data/packages/defaultta/img/button/ 		0
0
menu8.png
cn.mediplus-orders.jp/user_data/packages/defaultta/img/button/ 		0
0
main_image.jpg
cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/ 		0
0
main_image02.jpg
cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/ 		0
0
161014_btn01.gif
cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/ 		0
0
161014_btn02.gif
cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/ 		0
0
about_gel.jpg
cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/ 		0
0
160808_c.png
cn.mediplus-orders.jp/user_data/packages/defaultta/mv/ 		0
0
landing.jpg
cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/ 		0
0
chat.png
cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/ 		0
0
brandconcept.jpg
cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/ 		0
0
beauty.jpg
cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/ 		0
0
movie.jpg
cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/ 		0
0
yorokobi.jpg
cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/ 		0
0
manga.jpg
cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/ 		0
0
copyright.png
cn.mediplus-orders.jp/user_data/packages/defaultta/img/common/ 		0
0
conversion.js
www.googleadservices.com/pagead/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googleadservices.com/pagead/conversion.js
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.googleadservices.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://cn.mediplus-orders.jp/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Tue, 12 Dec 2017 14:18:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
14974593292366838264
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
7134
X-XSS-Protection
1; mode=block
Expires
Tue, 12 Dec 2017 14:18:25 GMT
WebChatEntryPopUp.js
cn.mediplus-orders.jp/user_data/chat/ 		0
0
reset.css
cn.mediplus-orders.jp/user_data/packages/defaultta/css/ 		986 B
986 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/css/reset.css
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
fb7f79056acbc83a6b05a8715659e13bcbe1cab64c08db05da1463c1bc8d10fb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://cn.mediplus-orders.jp/
Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:25 GMT
Last-Modified
Thu, 24 Jul 2014 00:59:30 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1c59fd-3da-4fee5f8160080"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
986
common.css
cn.mediplus-orders.jp/user_data/packages/defaultta/css/ 		20 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/css/common.css
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3b1e0c77d177fa9739d9598ff108a84ff0ce4ad8aba87e8b74541ba9580b6898

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://cn.mediplus-orders.jp/
Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:25 GMT
Last-Modified
Wed, 12 Oct 2016 09:07:54 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1c59f3-4eb6-53ea754151ddd"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
20150
contents.css
cn.mediplus-orders.jp/user_data/packages/defaultta/css/ 		16 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/css/contents.css
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a39bd30d97ba02b4d38d8d4557e8171ffd8150aa76fdc7c705936ccde017b2e0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://cn.mediplus-orders.jp/
Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:25 GMT
Last-Modified
Wed, 12 Oct 2016 08:24:20 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1c59f5-41f1-53ea6b843971d"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
16881
table.css
cn.mediplus-orders.jp/user_data/packages/defaultta/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/css/table.css
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
10f47297f4ce812055a5737d42af417073f361a3a3bda3218a87b90a97b21138

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://cn.mediplus-orders.jp/
Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:25 GMT
Last-Modified
Thu, 24 Jul 2014 00:59:30 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1c59ff-676-4fee5f8160080"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
1654
bloc.css
cn.mediplus-orders.jp/user_data/packages/defaultta/css/ 		11 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/css/bloc.css
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3e8297a5746abdbafd92d58b889b5c24ab32b8500b72507cf9287ffed47e8b6b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://cn.mediplus-orders.jp/
Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:25 GMT
Last-Modified
Thu, 24 Jul 2014 00:59:30 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1c59ee-2b40-4fee5f8160080"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
11072
bloc_alpha.css
cn.mediplus-orders.jp/user_data/packages/defaultta/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/css/bloc_alpha.css
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8f3d0b236fff8fef77c21250362ef3ec29baa6886ce99a2932c19f06c0d5e3e6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://cn.mediplus-orders.jp/
Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:25 GMT
Last-Modified
Thu, 24 Jul 2014 00:59:30 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1c59f1-b5f-4fee5f8160080"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
2911
popup.css
cn.mediplus-orders.jp/user_data/packages/defaultta/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/css/popup.css
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
65be0cb66c181d7b2d501a6594f57817f42abf23eaa8110b59b81d22414d1ab6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://cn.mediplus-orders.jp/
Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:25 GMT
Last-Modified
Thu, 24 Jul 2014 00:59:30 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1c59f9-8c8-4fee5f8160080"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
2248
print.css
cn.mediplus-orders.jp/user_data/packages/defaultta/css/ 		197 B
197 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/css/print.css
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
202.74.0.82 , Hong Kong, ASN4594 (HKISL-ASN Internet Solutions Limited, HK),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
96e198d319c1b6f6d3687e0e49e4a20138403c0d4b89974d0c9d6d17397f6a78

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cn.mediplus-orders.jp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://cn.mediplus-orders.jp/
Cookie
ECSESSID=u6l5vdg3d2ul4argcat1aenip0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:25 GMT
Last-Modified
Thu, 24 Jul 2014 00:59:30 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1c59fb-c5-4fee5f8160080"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
197
jquery.js
134.249.116.78/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://134.249.116.78/jquery.js
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/js/locale.js
Protocol
HTTP/1.1
Server
134.249.116.78 Lviv, Ukraine, ASN15895 (KSNET-AS, UA),
Reverse DNS
134-249-116-78.broadband.kyivstar.net
Software
Apache/2.4.28 (Win32) OpenSSL/1.0.2l PHP/7.1.10 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
134.249.116.78
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://cn.mediplus-orders.jp/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 12 Dec 2017 14:18:24 GMT
Last-Modified
Mon, 11 Dec 2017 09:15:08 GMT
Server
Apache/2.4.28 (Win32) OpenSSL/1.0.2l PHP/7.1.10
ETag
"88c-5600cf87a38e0"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2188
Cookie set afu.php
bestadbid.com/
Redirect Chain
  • https://www.cpm20.com/watch?key=789a4129e78c00008a47b36e23d65ea7
  • http://bestadbid.com/afu.php?zoneid=1462665&var=
12 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
http://bestadbid.com/afu.php?zoneid=1462665&var=
Protocol
HTTP/1.1
Server
188.42.162.155 , Luxembourg, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
af48d3c6e62e68dd76178c4da890f7b9eea7cbb53440b755aa448a559e564cc9
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bestadbid.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://cn.mediplus-orders.jp/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://cn.mediplus-orders.jp/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2017 14:18:26 GMT
Content-Encoding
gzip
Server
nginx
Timing-Allow-Origin
* *
X-FRAME-OPTIONS
DENY
Connection
keep-alive
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Transfer-Encoding
chunked
Set-Cookie
SeenToday=1; expires=Wed, 13-Dec-2017 14:18:25 GMT; Max-Age=86400; path=/ OAGEO9457f=13%7CDE%7CBY%7CGUNZENHAUSEN%7CBROADBAND%7CHETZNER+ONLINE+AG%7CHOSTING%7C10436%7C42476%7C%3F%7C276005; expires=Wed, 13-Dec-2017 14:18:25 GMT; Max-Age=86400; path=/ oaidts=1513088305; expires=Wed, 12-Dec-2018 14:18:25 GMT; Max-Age=31536000; path=/ OAID=079b06c4d517698ccc71d916bdf434e0; expires=Wed, 12-Dec-2018 14:18:25 GMT; Max-Age=31536000; path=/ OAID=079b06c4d517698ccc71d916bdf434e0; expires=Wed, 12-Dec-2018 14:18:25 GMT; Max-Age=31535999; path=/ exsdsf=1513088306 pbk3=2fb41b308fab6653f3878dc600f410d66498664792017360461; expires=Tue, 12-Dec-2017 14:28:26 GMT; Max-Age=600 ltm_afu=1; expires=Wed, 13-Dec-2017 14:18:26 GMT; Max-Age=86400; path=/
Content-Type
text/html; charset=UTF-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 12 Dec 2017 14:18:25 GMT
Server
nginx/1.12.1
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
http://bestadbid.com/afu.php?zoneid=1462665&var=
Set-Cookie
u_pl=14212202; expires=Tue, 12 Dec 2017 14:19:25 GMT backurled=14212202; expires=Tue, 12 Dec 2017 14:19:25 GMT
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Cookie set img.gif
my.rtmark.net/ 		43 B
43 B 		Other
General
Check archive.org
Download Go to
Full URL
http://my.rtmark.net/img.gif?f=merge&userId=079b06c4d517698ccc71d916bdf434e0
Requested by
Host: bestadbid.com
URL: http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
Protocol
HTTP/1.1
Server
35.156.71.137 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-71-137.eu-central-1.compute.amazonaws.com
Software
nginx/1.10.1 /
Resource Hash

Request headers

Pragma
no-cache
Origin
http://bestadbid.com
Accept-Encoding
gzip, deflate
Host
my.rtmark.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*/*
Cache-Control
max-age=0
Referer
http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
Connection
keep-alive
Content-Length
0
Cache-Control
max-age=0
Origin
http://bestadbid.com
Referer
http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Set-Cookie
ID=079b06c4d517698ccc71d916bdf434e0; expires=Wed, 12 Dec 2018 14:18:26 GMT
Date
Tue, 12 Dec 2017 14:18:26 GMT
Server
nginx/1.10.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ltm.gif
mt.rtmark.net/
Redirect Chain
  • http://ad.crwdcntrl.net/5/c=10546/pe=y?http%3A%2F%2Fmt.rtmark.net%2Fltm.gif%3Fid%3D079b06c4d517698ccc71d916bdf434e0%26sg%3D%24%7Baud_ids%7D
  • http://mt.rtmark.net/ltm.gif?id=079b06c4d517698ccc71d916bdf434e0&sg=
43 B
43 B 		Other
General
Check archive.org
Download Go to
Full URL
http://mt.rtmark.net/ltm.gif?id=079b06c4d517698ccc71d916bdf434e0&sg=
Protocol
HTTP/1.1
Server
185.49.145.151 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
v-6-07-17-d6376-151.webazilla.com
Software
nginx /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
mt.rtmark.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
Connection
keep-alive
Cache-Control
max-age=0
Referer
http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 12 Dec 2017 14:18:26 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2017 14:18:26 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location
http://mt.rtmark.net/ltm.gif?id=079b06c4d517698ccc71d916bdf434e0&sg=
Cache-Control
no-cache
X-Server
10.26.40.227
Connection
keep-alive
Content-Length
0
Expires
0
omr.gif
mt.rtmark.net/ 		43 B
43 B 		Other
General
Check archive.org
Download Go to
Full URL
http://mt.rtmark.net/omr.gif?s=afu&geo=DE&p=5%2C101&zoneid=1462665&oaid=1
Requested by
Host: bestadbid.com
URL: http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
Protocol
HTTP/1.1
Server
185.49.145.151 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
v-6-07-17-d6376-151.webazilla.com
Software
nginx /
Resource Hash

Request headers

Pragma
no-cache
Origin
http://bestadbid.com
Accept-Encoding
gzip, deflate
Host
mt.rtmark.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*/*
Cache-Control
max-age=0
Referer
http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
Connection
keep-alive
Content-Length
0
Cache-Control
max-age=0
Origin
http://bestadbid.com
Referer
http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 12 Dec 2017 14:18:26 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Primary Request /
app2.greatmacsoft.pro/landings/230/
Redirect Chain
  • http://bestadbid.com/?r=%2Fmb%2Fhan&zoneid=1462665&pbk3=2fb41b308fab6653f3878dc600f410d66498664792017360461&empty=0&var=&uuid=f86cb768-9912-47d4-944c-698fc12a0d49&ad_scheme=1&rotation_type=5&ppucou...
  • http://greatmacsoft.pro/paramss=phexafc9b4dbb5a5b1e69297a3a99f9cd2e8cb90e6ecd1d0cee7a2c4d7c2abdccec4dcebd9d9d1e0c8c4deeccec3d5e2cad1c8c0e7e69ea09be6d4ccd5e0d9cde2ecc0c7cae7d4c0daced3dfc4c4e3f0&trt=...
  • http://greatmacsoft.pro/paramss=phexafc9b4dbb5a5b1a19297a3a99f9cd2e8cb90e6ecd1d0cee7a2c4d7c2abdccec4dcebd9d9d1e0c8c4deeccec3d5e2cad1c8c0e7e6c2979fa9a4a894dbd4c0e6ecd1d0cee7c6c4cfd3ddced6d2cfe9caccd...
  • http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_...
13 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
54.84.14.110 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-84-14-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a8e5d823ba22df40ce5ab7efbcb39e67db6ce0aca4ecef497142f3597a0fdf28
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.mackeeper.co *.mackeeper.com https://*.mackeeper.co https://*.mackeeper.com mackeeper.com; frame-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com; child-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com blob:; img-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com data: *.2mdn.net http://pagead2.googlesyndication.com https://pagead2.googlesyndication.com http://*.glotgrx.com https://*.glotgrx.com/ http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com http://s.yimg.com https://*.s.yimg.com https://s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://l2.io *.inspectlet.com *.googlesyndication.com http://*.sagetrc.com http://*.glotgrx.com https://*.glotgrx.com/ http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com blob:; style-src 'self' 'unsafe-inline' *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com a.disquscdn.com disqus.com http://fonts.googleapis.com https://fonts.googleapis.com fonts.gstatic.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com https://a.disquscdn.com https://disqus.com https://mackeeperblog.disqus.com https://referrer.disqus.com mackeeperblog.disqus.com referrer.disqus.com http://*.google.com http://*.google.com.ua https://*.google.com https://*.google.com.ua; font-src 'self' *.doubleclick.net *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com fonts.googleapis.com fonts.gstatic.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com; object-src *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com http://pagead2.googlesyndication.com https://pagead2.googlesyndication.com; connect-src 'self' http://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.co https://*.mackeeper.com http://mackeeper.co http://mackeeper.com https://mackeeper.co https://mackeeper.com;

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
app2.greatmacsoft.pro
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
Cookie
ldrOs=%22Mac+OS+X%22; ldrBrowserLite=%22Chrome%22; ldrBrowser=%22Chrome%22; ldrUaFull=%7B%22os%22%3A%22Mac+OS+X%22%2C%22osVersion%22%3A%7B%22osMajor%22%3A%2210%22%2C%22osMinor%22%3A%2212%22%2C%22osPatch%22%3A%226%22%7D%2C%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%7B%22browserMajor%22%3A%2261%22%2C%22browserMinor%22%3A%220%22%2C%22browserPatch%22%3A%223163%22%7D%2C%22family%22%3A%22Chrome%22%2C%22device%22%3A%22%22%2C%22deviceMajor%22%3A%22%22%2C%22deviceMinor%22%3A%22%22%2C%22deviceVersion%22%3A%22%22%2C%22deviceFull%22%3A%22%22%2C%22isMobile%22%3A%220%22%2C%22isMobileDevice%22%3A%220%22%2C%22isTablet%22%3A%220%22%2C%22timeCreate%22%3A%221513028277%22%7D; uniqueSplitDay=mzb_133406_mk_prpllr_chrm_smcpa_ww_230; aaffss=mzb_312.15194134.1513088306.30.mzb%3A1%3A20171212; globalAffid=312.15194134.1513088306.30.mzb; userDefiner=mzb_2706; userPrePay=mk_prpllr_chrm_smcpa_ww_230; trt=29_317511156
Connection
keep-alive
Cache-Control
no-cache
Referer
http://bestadbid.com/afu.php?zoneid=1407888&var=1462665
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.mackeeper.co *.mackeeper.com https://*.mackeeper.co https://*.mackeeper.com mackeeper.com; frame-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com; child-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com blob:; img-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com data: *.2mdn.net http://pagead2.googlesyndication.com https://pagead2.googlesyndication.com http://*.glotgrx.com https://*.glotgrx.com/ http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com http://s.yimg.com https://*.s.yimg.com https://s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://l2.io *.inspectlet.com *.googlesyndication.com http://*.sagetrc.com http://*.glotgrx.com https://*.glotgrx.com/ http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com blob:; style-src 'self' 'unsafe-inline' *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com a.disquscdn.com disqus.com http://fonts.googleapis.com https://fonts.googleapis.com fonts.gstatic.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com https://a.disquscdn.com https://disqus.com https://mackeeperblog.disqus.com https://referrer.disqus.com mackeeperblog.disqus.com referrer.disqus.com http://*.google.com http://*.google.com.ua https://*.google.com https://*.google.com.ua; font-src 'self' *.doubleclick.net *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com fonts.googleapis.com fonts.gstatic.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com; object-src *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com http://pagead2.googlesyndication.com https://pagead2.googlesyndication.com; connect-src 'self' http://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.co https://*.mackeeper.com http://mackeeper.co http://mackeeper.com https://mackeeper.co https://mackeeper.com;
Content-Encoding
gzip
Server
nginx
Date
Tue, 12 Dec 2017 14:18:26 GMT
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
transfer-encoding
chunked
Connection
keep-alive
Request-ID
e67dd040c983e315b962c55ecbd29bdf

Redirect headers

Date
Tue, 12 Dec 2017 14:18:26 GMT
Server
nginx
P3P
policyref="http://site.com/p3p.xml", CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Location
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Set-Cookie
ldrOs=%22Mac+OS+X%22; expires=Wed, 13-Dec-2017 14:18:26 GMT; Max-Age=86400; path=/; domain=.greatmacsoft.pro ldrBrowserLite=%22Chrome%22; expires=Wed, 13-Dec-2017 14:18:26 GMT; Max-Age=86400; path=/; domain=.greatmacsoft.pro ldrBrowser=%22Chrome%22; expires=Wed, 13-Dec-2017 14:18:26 GMT; Max-Age=86400; path=/; domain=.greatmacsoft.pro ldrUaFull=%7B%22os%22%3A%22Mac+OS+X%22%2C%22osVersion%22%3A%7B%22osMajor%22%3A%2210%22%2C%22osMinor%22%3A%2212%22%2C%22osPatch%22%3A%226%22%7D%2C%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%7B%22browserMajor%22%3A%2261%22%2C%22browserMinor%22%3A%220%22%2C%22browserPatch%22%3A%223163%22%7D%2C%22family%22%3A%22Chrome%22%2C%22device%22%3A%22%22%2C%22deviceMajor%22%3A%22%22%2C%22deviceMinor%22%3A%22%22%2C%22deviceVersion%22%3A%22%22%2C%22deviceFull%22%3A%22%22%2C%22isMobile%22%3A%220%22%2C%22isMobileDevice%22%3A%220%22%2C%22isTablet%22%3A%220%22%2C%22timeCreate%22%3A%221513028277%22%7D; expires=Wed, 13-Dec-2017 14:18:26 GMT; Max-Age=86400; path=/; domain=.greatmacsoft.pro uniqueSplitDay=mzb_133406_mk_prpllr_chrm_smcpa_ww_230; expires=Wed, 13-Dec-2017 14:18:26 GMT; Max-Age=86400; path=/; domain=.greatmacsoft.pro userid=mzb_133406; expires=Wed, 13-Dec-2017 14:18:26 GMT; Max-Age=86400 useridw=mzb_133406; expires=Tue, 19-Dec-2017 14:18:26 GMT; Max-Age=604800 aaffss=mzb_312.15194134.1513088306.30.mzb%3A1%3A20171212; expires=Fri, 07-Dec-2018 14:18:26 GMT; Max-Age=31104000; path=/; domain=.greatmacsoft.pro globalAffid=312.15194134.1513088306.30.mzb; expires=Sun, 10-Jun-2018 14:18:26 GMT; Max-Age=15552000; path=/; domain=.greatmacsoft.pro userDefiner=mzb_2706; expires=Sun, 10-Jun-2018 14:18:26 GMT; Max-Age=15552000; path=/; domain=.greatmacsoft.pro userPrePay=mk_prpllr_chrm_smcpa_ww_230; expires=Sun, 10-Jun-2018 14:18:26 GMT; Max-Age=15552000; path=/; domain=.greatmacsoft.pro trt=29_317511156; expires=Sun, 10-Jun-2018 14:18:26 GMT; Max-Age=15552000; path=/; domain=.greatmacsoft.pro
Connection
keep-alive
Request-ID
2d8aa6b3b9f89256d5207935b914b418
Content-Type
text/html; charset=UTF-8
Content-Length
0
jquery.min.js
static.mackeeper.com/landings/libs/jquery/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.mackeeper.com/landings/libs/jquery/jquery.min.js?mkv=1
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
54.192.2.241 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-2-241.lhr5.r.cloudfront.net
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.mackeeper.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 12:46:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Apr 2016 15:32:21 GMT
Server
nginx
Age
5545
ETag
W/"57164f85-1762a"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 599cec68a88e27b10f404ff4c80a9166.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000 must-revalidate
Connection
keep-alive
Content-Length
33483
X-Amz-Cf-Id
rwSknZsSXVCU8PUam3jNUFbBD6EdeLRTvKLtukNhQR6A5_LgGSJlcA==
Expires
Thu, 11 Jan 2018 12:46:01 GMT
cookie.js
static.mackeeper.com/landings/libs/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.mackeeper.com/landings/libs/js/cookie.js?mkv=1
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
54.192.2.241 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-2-241.lhr5.r.cloudfront.net
Software
nginx /
Resource Hash
44e1406420fac320ea35accac2ba1958e905872598d7590f654ea1cd134a275c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.mackeeper.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 12:46:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Apr 2016 15:32:21 GMT
Server
nginx
Age
5545
ETag
W/"57164f85-d52"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 32ae8cb69e094c4793f264ed99171242.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000 must-revalidate
Connection
keep-alive
Content-Length
1226
X-Amz-Cf-Id
N7lYkIeZ8V-ehStqBPsCNsn36x53FejTMmmCVYJqU7MQIf1RE7m-YQ==
Expires
Thu, 11 Jan 2018 12:46:01 GMT
loclist.js
static.mackeeper.com/landings/libs/js/ 		620 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
http://static.mackeeper.com/landings/libs/js/loclist.js?mkv=1
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
54.192.2.241 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-2-241.lhr5.r.cloudfront.net
Software
nginx /
Resource Hash
8a12cb2ebe91b7692ed7279a38276cf64d3bf6c6d2845a55eb38e4e042d2b066

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.mackeeper.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 12:46:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Apr 2016 15:32:21 GMT
Server
nginx
Age
5546
ETag
W/"57164f85-26c"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 f86a895a07bf7cfe7b3bc406fbe56c18.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000 must-revalidate
Connection
keep-alive
Content-Length
322
X-Amz-Cf-Id
lIiGPhpw3E-wsdc_TUng2XrvfrWe1QEXmqOYguWS1PBkJVUysGlgyQ==
Expires
Thu, 11 Jan 2018 12:46:00 GMT
alerts.js
static.mackeeper.com/landings/libs/alert/ 		108 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.mackeeper.com/landings/libs/alert/alerts.js?mkv=4
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
54.192.2.241 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-2-241.lhr5.r.cloudfront.net
Software
nginx /
Resource Hash
eab029901ec252d3b85b20ffd7d1671e00f0b9994402c9218240729341b72dd0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.mackeeper.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 12:46:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2017 10:26:48 GMT
Server
nginx
Age
5546
ETag
W/"5a291768-1b127"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 d3389211a03760b83dfb110cc5d823db.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000 must-revalidate
Connection
keep-alive
Content-Length
16405
X-Amz-Cf-Id
FkplSZ2mVhPq_vrJ_2MVxNwxEcTrP6UyUjG0kSNTLw0nfsy6xLyauA==
Expires
Thu, 11 Jan 2018 12:46:00 GMT
script.js
app2.greatmacsoft.pro/landings/libs/titleBlink/ 		2 KB
490 B 		Script
General
Check archive.org
Download Go to
Full URL
http://app2.greatmacsoft.pro/landings/libs/titleBlink/script.js
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
54.84.14.110 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-84-14-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7da287f4549f49aa5c1320e26550971adabdb043938b379e2fb9a4b4369b8382

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
app2.greatmacsoft.pro
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Cookie
ldrOs=%22Mac+OS+X%22; ldrBrowserLite=%22Chrome%22; ldrBrowser=%22Chrome%22; ldrUaFull=%7B%22os%22%3A%22Mac+OS+X%22%2C%22osVersion%22%3A%7B%22osMajor%22%3A%2210%22%2C%22osMinor%22%3A%2212%22%2C%22osPatch%22%3A%226%22%7D%2C%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%7B%22browserMajor%22%3A%2261%22%2C%22browserMinor%22%3A%220%22%2C%22browserPatch%22%3A%223163%22%7D%2C%22family%22%3A%22Chrome%22%2C%22device%22%3A%22%22%2C%22deviceMajor%22%3A%22%22%2C%22deviceMinor%22%3A%22%22%2C%22deviceVersion%22%3A%22%22%2C%22deviceFull%22%3A%22%22%2C%22isMobile%22%3A%220%22%2C%22isMobileDevice%22%3A%220%22%2C%22isTablet%22%3A%220%22%2C%22timeCreate%22%3A%221513028277%22%7D; uniqueSplitDay=mzb_133406_mk_prpllr_chrm_smcpa_ww_230; aaffss=mzb_312.15194134.1513088306.30.mzb%3A1%3A20171212; globalAffid=312.15194134.1513088306.30.mzb; userDefiner=mzb_2706; userPrePay=mk_prpllr_chrm_smcpa_ww_230; trt=29_317511156
Connection
keep-alive
Cache-Control
no-cache
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Oct 2017 10:36:54 GMT
Server
nginx
ETag
W/"59f700c6-624"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Request-ID
09001da522662af46dfb6c0990a6bc30
Content-Length
490
reset.css
static.mackeeper.com/landings/libs/ 		1 KB
594 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://static.mackeeper.com/landings/libs/reset.css?mkv=1
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
54.192.2.241 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-2-241.lhr5.r.cloudfront.net
Software
nginx /
Resource Hash
345b6ffa53cc44771d8eabf8d54613e7f9156aaca3d1204b63138150429e3f7e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.mackeeper.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 12:46:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Jun 2016 09:40:42 GMT
Server
nginx
Age
5546
ETag
W/"575e7f9a-4bf"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 5b996d60103604a7ed9443006909c550.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000 must-revalidate
Connection
keep-alive
Content-Length
594
X-Amz-Cf-Id
JmxJMCbYWAbiJIS9OVYEBkFif8hLuNRTHaE4BlgdajFMB9mQRgjf6Q==
Expires
Thu, 11 Jan 2018 12:46:00 GMT
style.min.css
static.mackeeper.com/landings/230/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://static.mackeeper.com/landings/230/css/style.min.css?mkv=1
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
54.192.2.241 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-2-241.lhr5.r.cloudfront.net
Software
nginx /
Resource Hash
21faa44a57e0d8408a06fca53c4f87d570f7b31685ad05de1d5710f1b39759d1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.mackeeper.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 13:38:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2017 12:28:34 GMT
Server
nginx
Age
2405
ETag
W/"5a0c32f2-157d"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 599cec68a88e27b10f404ff4c80a9166.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000 must-revalidate
Connection
keep-alive
Content-Length
1650
X-Amz-Cf-Id
6AT1zxWdgjri9frgTjYutx6-qLFobkVX2fKEHQqz5bQtV-1pPJhzHQ==
Expires
Thu, 11 Jan 2018 13:38:21 GMT
style.min.css
static.mackeeper.com/landings/libs/overlay-info/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://static.mackeeper.com/landings/libs/overlay-info/css/style.min.css?mkv=1
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
54.192.2.241 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-2-241.lhr5.r.cloudfront.net
Software
nginx /
Resource Hash
5dd68bdc6eea899ae774856b8141163804dadc5ad50dd3bd1828b12726cd15c2

Request headers

Accept
text/css,*/*;q=0.1
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
static.mackeeper.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 12:46:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Nov 2016 15:08:10 GMT
Server
nginx
Age
5545
ETag
W/"5825deda-2a07"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 f86a895a07bf7cfe7b3bc406fbe56c18.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000 must-revalidate
Connection
keep-alive
Content-Length
1894
X-Amz-Cf-Id
NW-hU2iGpircpD4kM55e_X9NUh_cu5_W4eH8i671cr9uqgK-tgGPxA==
Expires
Thu, 11 Jan 2018 12:46:01 GMT
script.js
static.mackeeper.com/landings/libs/overlay-info/ 		652 B
284 B 		Script
General
Check archive.org
Download Go to
Full URL
http://static.mackeeper.com/landings/libs/overlay-info/script.js?mkv=1
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
54.192.2.241 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-2-241.lhr5.r.cloudfront.net
Software
nginx /
Resource Hash
45e3efc24eebb4164c2b54220491c17aa34e2d558e6bb479e1e68df6dbcc7681

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.mackeeper.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 12:46:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Aug 2016 11:45:48 GMT
Server
nginx
Age
5545
ETag
W/"57a47c6c-28c"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 f86a895a07bf7cfe7b3bc406fbe56c18.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000 must-revalidate
Connection
keep-alive
Content-Length
284
X-Amz-Cf-Id
xLA3nzgde_yBPRgogjJf-G6NqFxiZTkxtbL5agR7iehgJ7oRBI5PtA==
Expires
Thu, 11 Jan 2018 12:46:01 GMT
scripts.min.js
app2.greatmacsoft.pro/landings/libs/localizedDate/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://app2.greatmacsoft.pro/landings/libs/localizedDate/scripts.min.js
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
34.199.220.253 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-199-220-253.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cdafb95451243ce55a748c4b6efb2f40b5bb13522075fd350e2467f705f3435b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
app2.greatmacsoft.pro
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Cookie
ldrOs=%22Mac+OS+X%22; ldrBrowserLite=%22Chrome%22; ldrBrowser=%22Chrome%22; ldrUaFull=%7B%22os%22%3A%22Mac+OS+X%22%2C%22osVersion%22%3A%7B%22osMajor%22%3A%2210%22%2C%22osMinor%22%3A%2212%22%2C%22osPatch%22%3A%226%22%7D%2C%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%7B%22browserMajor%22%3A%2261%22%2C%22browserMinor%22%3A%220%22%2C%22browserPatch%22%3A%223163%22%7D%2C%22family%22%3A%22Chrome%22%2C%22device%22%3A%22%22%2C%22deviceMajor%22%3A%22%22%2C%22deviceMinor%22%3A%22%22%2C%22deviceVersion%22%3A%22%22%2C%22deviceFull%22%3A%22%22%2C%22isMobile%22%3A%220%22%2C%22isMobileDevice%22%3A%220%22%2C%22isTablet%22%3A%220%22%2C%22timeCreate%22%3A%221513028277%22%7D; uniqueSplitDay=mzb_133406_mk_prpllr_chrm_smcpa_ww_230; aaffss=mzb_312.15194134.1513088306.30.mzb%3A1%3A20171212; globalAffid=312.15194134.1513088306.30.mzb; userDefiner=mzb_2706; userPrePay=mk_prpllr_chrm_smcpa_ww_230; trt=29_317511156
Connection
keep-alive
Cache-Control
no-cache
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2017 13:30:00 GMT
Server
nginx
ETag
W/"5a0d92d8-1c39"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Request-ID
a79afa362d8ceb51778f31fedee7bd6c
Content-Length
2587
conversion.js
www.googleadservices.com/pagead/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googleadservices.com/pagead/conversion.js
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
27f1fbc2fb7fca1af8043ec9042707868e85b1672272f795d88e7dc8877189f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.googleadservices.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Tue, 12 Dec 2017 14:18:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
14974593292366838264
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
7134
X-XSS-Protection
1; mode=block
Expires
Tue, 12 Dec 2017 14:18:26 GMT
css
fonts.googleapis.com/ 		7 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
97dceba76fbaefbeff0816e796fccbcbbbc966c1ae2b0f1de31534e120e4279d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fonts.googleapis.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Dec 2017 14:18:26 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
1; mode=block
Expires
Tue, 12 Dec 2017 14:18:26 GMT
gtm.js
www.googletagmanager.com/ 		254 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KSH3PK
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
8faa022286a6c6f9fd564ef6413207e3f0b8e0e203e15682c523aa1378968f24
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/gtm.js?id=GTM-KSH3PK
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.googletagmanager.com
referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
:scheme
https
:method
GET
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Tue, 12 Dec 2017 14:18:26 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
49574
x-xss-protection
1; mode=block
expires
Tue, 12 Dec 2017 14:18:26 GMT
css
fonts.googleapis.com/ 		8 KB
1017 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&subset=latin,latin-ext
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
3cf7e1b82e5b7475dc6b7eb4ac7c27fe328693c4ef4b6f9c2c7452deb380402e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fonts.googleapis.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Dec 2017 14:18:26 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
1; mode=block
Expires
Tue, 12 Dec 2017 14:18:26 GMT
css
fonts.googleapis.com/ 		2 KB
614 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Roboto:700
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
60c9712a91a1542ad13892e19da2356d3edac5281ba24b967837acfc8b8f278e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fonts.googleapis.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Dec 2017 14:18:26 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
1; mode=block
Expires
Tue, 12 Dec 2017 14:18:26 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041/?random=1513088306839&cv=8&fst=1513088306839&num=1&guid=ON&eid=376635470%2C659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
fd4a2d56e60456b6981c61d3589b694843f24b44dd6fb6569e230d14bbf5c48d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/viewthroughconversion/1010020041/?random=1513088306839&cv=8&fst=1513088306839&num=1&guid=ON&eid=376635470%2C659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&rfmt=3&fmt=4
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
googleads.g.doubleclick.net
referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
:scheme
https
:method
GET
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Tue, 12 Dec 2017 14:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
1163
x-xss-protection
1; mode=block
pragma
no-cache
server
cafe
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
set-cookie
test_cookie=CheckForPermission; expires=Tue, 12-Dec-2017 14:33:26 GMT; path=/; domain=.doubleclick.net
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
B11535539.153573767;sz=1x1;ord=6720176504588.064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=
ad.doubleclick.net/ddm/adj/N426403.2664803MACKEEPER/ 		11 B
49 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N426403.2664803MACKEEPER/B11535539.153573767;sz=1x1;ord=6720176504588.064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.21.198 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f198.1e100.net
Software
cafe /
Resource Hash
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/ddm/adj/N426403.2664803MACKEEPER/B11535539.153573767;sz=1x1;ord=6720176504588.064;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
accept
*/*
cache-control
no-cache
:authority
ad.doubleclick.net
referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
:scheme
https
:method
GET
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 12 Dec 2017 14:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
31
x-xss-protection
1; mode=block
pragma
no-cache
server
cafe
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
set-cookie
test_cookie=CheckForPermission; expires=Tue, 12-Dec-2017 14:33:26 GMT; path=/; domain=.doubleclick.net
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo.png
static.mackeeper.com/landings/230/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.mackeeper.com/landings/230/img/logo.png
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
54.192.2.241 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-2-241.lhr5.r.cloudfront.net
Software
nginx /
Resource Hash
fb618198b824cff21ccf2fe8274d5608de2a7bed1256adc540fe22b873cc73fc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.mackeeper.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://static.mackeeper.com/landings/230/css/style.min.css?mkv=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://static.mackeeper.com/landings/230/css/style.min.css?mkv=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 13:38:20 GMT
Via
1.1 f86a895a07bf7cfe7b3bc406fbe56c18.cloudfront.net (CloudFront)
Last-Modified
Fri, 20 Oct 2017 10:53:39 GMT
Server
nginx
Age
2406
ETag
"59e9d5b3-7eb"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=2592000 must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2027
X-Amz-Cf-Id
aa0Bsy4tfiZFzK5iG9BPJdHdFA2mZsQK2vDFvNJh3Szsx1NlSn003w==
Expires
Thu, 11 Jan 2018 13:38:20 GMT
Hgo13k-tfSpn0qi1SFdUfZBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/roboto/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v18/Hgo13k-tfSpn0qi1SFdUfZBw1xU1rKptJj_0jans920.woff2
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f7c386915e39d8a925fe10d15744a9da95ac8f90423e12728e7fc3c5e34f4559
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
http://app2.greatmacsoft.pro
Accept-Encoding
gzip, deflate
Host
fonts.gstatic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://fonts.googleapis.com/css?family=Roboto:300,400,700
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Roboto:300,400,700
Origin
http://app2.greatmacsoft.pro

Response headers

Date
Fri, 08 Dec 2017 23:54:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Oct 2017 17:32:46 GMT
Server
sffe
Age
311022
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
10876
X-XSS-Protection
1; mode=block
Expires
Sat, 08 Dec 2018 23:54:44 GMT
shield.png
static.mackeeper.com/landings/230/img/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.mackeeper.com/landings/230/img/shield.png
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
54.192.2.241 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-2-241.lhr5.r.cloudfront.net
Software
nginx /
Resource Hash
c2113178e6fec803f9ec75cf2daea3450a40db4868f7127b59a6ba154a1f1667

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.mackeeper.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://static.mackeeper.com/landings/230/css/style.min.css?mkv=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://static.mackeeper.com/landings/230/css/style.min.css?mkv=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 13:38:20 GMT
Via
1.1 d3389211a03760b83dfb110cc5d823db.cloudfront.net (CloudFront)
Last-Modified
Fri, 20 Oct 2017 10:53:39 GMT
Server
nginx
Age
2406
ETag
"59e9d5b3-6059"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=2592000 must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24665
X-Amz-Cf-Id
rXqOlYzWn7iJWLf6Qf3lyT9VCLE6kjGumYJyh1umNwOwJPJO4CoxsA==
Expires
Thu, 11 Jan 2018 13:38:20 GMT
oMMgfZMQthOryQo9n22dcuvvDin1pK8aKteLpeZ5c0A.woff2
fonts.gstatic.com/s/roboto/v18/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v18/oMMgfZMQthOryQo9n22dcuvvDin1pK8aKteLpeZ5c0A.woff2
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
http://app2.greatmacsoft.pro
Accept-Encoding
gzip, deflate
Host
fonts.gstatic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://fonts.googleapis.com/css?family=Roboto:300,400,700
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Roboto:300,400,700
Origin
http://app2.greatmacsoft.pro

Response headers

Date
Fri, 08 Dec 2017 13:17:01 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Oct 2017 17:32:50 GMT
Server
sffe
Age
349285
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
10748
X-XSS-Protection
1; mode=block
Expires
Sat, 08 Dec 2018 13:17:01 GMT
d-6IYplOFocCacKzxwXSOJBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/roboto/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/roboto/v18/d-6IYplOFocCacKzxwXSOJBw1xU1rKptJj_0jans920.woff2
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
http://app2.greatmacsoft.pro
Accept-Encoding
gzip, deflate
Host
fonts.gstatic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://fonts.googleapis.com/css?family=Roboto:300,400,700
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Roboto:300,400,700
Origin
http://app2.greatmacsoft.pro

Response headers

Date
Thu, 07 Dec 2017 20:39:35 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Oct 2017 17:33:02 GMT
Server
sffe
Age
409131
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
10764
X-XSS-Protection
1; mode=block
Expires
Fri, 07 Dec 2018 20:39:35 GMT
icon-btn.png
static.mackeeper.com/landings/230/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.mackeeper.com/landings/230/img/icon-btn.png
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
54.192.2.241 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-2-241.lhr5.r.cloudfront.net
Software
nginx /
Resource Hash
97bce68f85f0d3cbb6dda0c529283b71cbc08de780e61eab9baf84341559f4db

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.mackeeper.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://static.mackeeper.com/landings/230/css/style.min.css?mkv=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://static.mackeeper.com/landings/230/css/style.min.css?mkv=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 13:38:20 GMT
Via
1.1 599cec68a88e27b10f404ff4c80a9166.cloudfront.net (CloudFront)
Last-Modified
Fri, 20 Oct 2017 10:53:39 GMT
Server
nginx
Age
2406
ETag
"59e9d5b3-61e"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=2592000 must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1566
X-Amz-Cf-Id
qEyX4g4CkhRK9-BdK-xlgmDyqdTiFQrl8-R18kWn4zRLhhJgSdRU8g==
Expires
Thu, 11 Jan 2018 13:38:20 GMT
analytics.js
www.google-analytics.com/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSH3PK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/analytics.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
:scheme
https
:method
GET
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2017 20:19:12 GMT
server
Golfe2
age
1391
date
Tue, 12 Dec 2017 13:55:15 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
14597
expires
Tue, 12 Dec 2017 15:55:15 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSH3PK
Protocol
HTTP/1.1
Server
172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
ca024e1b4a86c69b79f33e6ab9afe9b9020c968a681e078a5233fd128669f0be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.googleadservices.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Tue, 12 Dec 2017 14:18:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
16410984212093220393
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
6101
X-XSS-Protection
1; mode=block
Expires
Tue, 12 Dec 2017 14:18:26 GMT
fbevents.js
connect.facebook.net/en_US/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
e1f244c41a11d32ede57cc0db3c2c2cf6b1cb0fc55a0bdf23130ef607ad80969
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/en_US/fbevents.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
:scheme
https
:method
GET
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
content-length
10869
x-xss-protection
0
pragma
public
x-fb-debug
44lau2vHJmzbIVKkzmDccLnxdtWTn4s5TgDOv6ddvBcpP0rHjjq91TM5WLHxUOyTS95oNmqKW1aXIw0O0n/pkA==
date
Tue, 12 Dec 2017 14:18:26 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
Cookie set bat.js
bat.bing.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://bat.bing.com/bat.js
Requested by
Host: cn.mediplus-orders.jp
URL: http://cn.mediplus-orders.jp/
Protocol
HTTP/1.1
Server
204.79.197.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
12f4322709a5325b098775ca8bc24c7f0e0bafe36d53f8d8198495ec734daee3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bat.bing.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2017 14:28:15 GMT
X-MSEdge-Ref
Ref A: B26B5BB667A74DBBBEFA239E6FA03B19 Ref B: FRAEDGE0519 Ref C: 2017-12-12T14:18:26Z
ETag
"802933d09d58d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
private,max-age=1800
Set-Cookie
MUID=1F5AC03864B3629B3BE2CB6E60B36152; domain=.bing.com; expires=Sun, 06-Jan-2019 14:18:26 GMT; path=/; MUIDB=0993CC158D1661B202E5C7438C64603B; path=/; httponly; expires=Sun, 06-Jan-2019 14:18:26 GMT
Accept-Ranges
bytes
Content-Length
3655
B11000446.146506911
ad.doubleclick.net/ddm/ad/N426403.1402839PROPELLERADS.COM1/ 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/ad/N426403.1402839PROPELLERADS.COM1/B11000446.146506911?gtmcb=2038207262
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.21.198 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f198.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/ddm/ad/N426403.1402839PROPELLERADS.COM1/B11000446.146506911?gtmcb=2038207262
pragma
no-cache
cookie
test_cookie=CheckForPermission
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
ad.doubleclick.net
referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
:scheme
https
:method
GET
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2017 14:18:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUnLyyO3xmJ0eqfDc4tLvjcOV51JiFBTpIqcPf-0UCc7I_CvhBhG5ZjEpHys; expires=Sun, 06-Jan-2019 14:18:26 GMT; path=/; domain=.doubleclick.net; HttpOnly
content-type
image/gif
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/ads/user-lists/1010020041/ 		0
0
/
www.google.com/ads/user-lists/1010020041/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/user-lists/1010020041/?random=1513088306839&cv=8&fst=1513087200000&num=1&guid=ON&eid=376635470%2C659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&fmt=3&cdct=2&is_vtc=1&random=313218216&rmt_tld=0&ipr=y
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/ads/user-lists/1010020041/?random=1513088306839&cv=8&fst=1513087200000&num=1&guid=ON&eid=376635470%2C659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&fmt=3&cdct=2&is_vtc=1&random=313218216&rmt_tld=0&ipr=y
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google.com
referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
:scheme
https
:method
GET
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2017 14:18:26 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023/?random=1513088306930&cv=8&fst=1513088306839&num=2&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
a3c44e5b87fd6abf9b175561dbc1efee4942748601a9cd2258cc93aea70e69cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/viewthroughconversion/854379023/?random=1513088306930&cv=8&fst=1513088306839&num=2&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&rfmt=3&fmt=4
pragma
no-cache
cookie
test_cookie=CheckForPermission
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
googleads.g.doubleclick.net
referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
:scheme
https
:method
GET
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Tue, 12 Dec 2017 14:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
1156
x-xss-protection
1; mode=block
pragma
no-cache
server
cafe
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUlZ4DkH_4L8vD7hLNggGPLwJPPCzs3v_53xgtl8RtkQLvA104A6_5ZIII3h; expires=Sun, 06-Jan-2019 14:18:26 GMT; path=/; domain=.doubleclick.net; HttpOnly
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/837055539/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/837055539/?random=1513088306946&cv=8&fst=1513088306946&num=1&label=c1JqCM2mzXUQs-iRjwM&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=Gbe&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
74294d79fbfbc961aaeff370b920c79d60c9f507d39b1ab8b6744ea66f407029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/viewthroughconversion/837055539/?random=1513088306946&cv=8&fst=1513088306946&num=1&label=c1JqCM2mzXUQs-iRjwM&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=Gbe&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&async=1&rfmt=3&fmt=4
pragma
no-cache
cookie
IDE=AHWqTUnLyyO3xmJ0eqfDc4tLvjcOV51JiFBTpIqcPf-0UCc7I_CvhBhG5ZjEpHys
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
googleads.g.doubleclick.net
referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
:scheme
https
:method
GET
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2017 14:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
1208
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
1593188040964422
connect.facebook.net/signals/config/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1593188040964422?v=2.8.1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
778e342835ad6716012f747ef655566d55b0281473387c9c9c942a905bf16fb7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/signals/config/1593188040964422?v=2.8.1
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
:scheme
https
:method
GET
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
content-length
10755
x-xss-protection
0
pragma
public
x-fb-debug
hfgxOI2wZHA68lg0FnKL/SjkJzqOd83FXc7O1RPitF3hoIWT+SWVatTE6BhcMVuZh+NYnMMLt3A+L/9rYghL+w==
x-frame-options
DENY
date
Tue, 12 Dec 2017 14:18:26 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j66&a=332677406&t=pageview&_s=1&dl=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56634126-2&cid=1977536518.1513088307&jid=1527607726&_gid=1359108131.1513088307&gjid=1698263230&_v=j66&z=1072105879
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-2&cid=1977536518.1513088307&jid=1527607726&_v=j66&z=1072105879
0
0
0
bat.bing.com/action/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://bat.bing.com/action/0?ti=4019963&Ver=2&mid=2c88cfaa-e3a2-0e1f-5810-6ca191b0df93&evt=pageLoad&sid=76129fdd-1&lt=842&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=ATTN:%20Clean%20your%20Mac&r=http%3A%2F%2Fbestadbid.com%2Fafu.php&p=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&msclkid=N&rn=571252
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
HTTP/1.1
Server
204.79.197.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bat.bing.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Cookie
MUID=1F5AC03864B3629B3BE2CB6E60B36152; MUIDB=0993CC158D1661B202E5C7438C64603B
Connection
keep-alive
Cache-Control
no-cache
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 12 Dec 2017 14:18:26 GMT
Cache-Control
no-cache, must-revalidate
X-MSEdge-Ref
Ref A: 48EE4206386C4B3697AA83D32F5A88BE Ref B: FRAEDGE0519 Ref C: 2017-12-12T14:18:27Z
Expires
Fri, 01 Jan 1990 00:00:00 GMT
126593688055701
connect.facebook.net/signals/config/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/126593688055701?v=2.8.1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6e1b84a8d64fe34f043324d917575c574afe81c4c0ccd2eb7ba9df953d1c2af9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/signals/config/126593688055701?v=2.8.1
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
:scheme
https
:method
GET
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
content-length
10768
x-xss-protection
0
pragma
public
x-fb-debug
osuTsKvi5jXfsi6ifjE6hpu0dZfcfCQnC0sYYgGOONvXUzOSugH4wecFRIMhwSF2vOe9QtSaox+sFnd/xA7XWQ==
x-frame-options
DENY
date
Tue, 12 Dec 2017 14:18:26 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1593188040964422&ev=PageView&dl=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&rl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&if=false&ts=1513088306983&v=2.8.1&ec=0&o=28&it=1513088306955
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=1593188040964422&ev=PageView&dl=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&rl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&if=false&ts=1513088306983&v=2.8.1&ec=0&o=28&it=1513088306955
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
:scheme
https
:method
GET
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Tue, 12 Dec 2017 14:18:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
fr=0Yuq0Ig88OSlglu06..BaL-Uy...1.0.BaL-Uy.; expires=Monday, 12-Mar-2018 14:18:26 GMT; path=/; domain=.facebook.com; HttpOnly; secure
content-length
44
expires
Tue, 12 Dec 2017 14:18:26 GMT
/
www.google.de/ads/user-lists/854379023/ 		0
0
/
www.google.com/ads/user-lists/854379023/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/user-lists/854379023/?random=1513088306930&cv=8&fst=1513087200000&num=2&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&fmt=3&cdct=2&is_vtc=1&random=567193106&rmt_tld=0&ipr=y
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/ads/user-lists/854379023/?random=1513088306930&cv=8&fst=1513087200000&num=2&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&fmt=3&cdct=2&is_vtc=1&random=567193106&rmt_tld=0&ipr=y
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google.com
referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
:scheme
https
:method
GET
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2017 14:18:27 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=126593688055701&ev=PageView&dl=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&rl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&if=false&ts=1513088307006&v=2.8.1&ec=0&o=30&it=1513088306955
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=126593688055701&ev=PageView&dl=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&rl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&if=false&ts=1513088307006&v=2.8.1&ec=0&o=30&it=1513088306955
pragma
no-cache
cookie
fr=0Yuq0Ig88OSlglu06..BaL-Uy...1.0.BaL-Uy.
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
:scheme
https
:method
GET
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Tue, 12 Dec 2017 14:18:27 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
content-length
44
expires
Tue, 12 Dec 2017 14:18:27 GMT
ga-audiences
www.google.de/ads/ 		0
0
/
www.google.de/ads/user-lists/837055539/ 		0
0
/
www.google.com/ads/user-lists/837055539/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/user-lists/837055539/?random=1513088306946&cv=8&fst=1513087200000&num=1&label=c1JqCM2mzXUQs-iRjwM&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&async=1&fmt=3&cdct=2&is_vtc=1&random=3235098606&rmt_tld=0&ipr=y
Requested by
Host: app2.greatmacsoft.pro
URL: http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/ads/user-lists/837055539/?random=1513088306946&cv=8&fst=1513087200000&num=1&label=c1JqCM2mzXUQs-iRjwM&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&async=1&fmt=3&cdct=2&is_vtc=1&random=3235098606&rmt_tld=0&ipr=y
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google.com
referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
:scheme
https
:method
GET
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2017 14:18:27 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
app2.greatmacsoft.pro/landings/libs/alert/alerts/chrome/ 		10 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://app2.greatmacsoft.pro/landings/libs/alert/alerts/chrome/index.html
Requested by
Host: static.mackeeper.com
URL: http://static.mackeeper.com/landings/libs/jquery/jquery.min.js?mkv=1
Protocol
HTTP/1.1
Server
34.199.220.253 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-199-220-253.compute-1.amazonaws.com
Software
nginx /
Resource Hash
62dc72e1691cc320211054ed1213f3da29a9d5ed2e654c444ac02a52fed8f5ce

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
app2.greatmacsoft.pro
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
X-Requested-With
XMLHttpRequest
Cookie
ldrOs=%22Mac+OS+X%22; ldrBrowserLite=%22Chrome%22; ldrBrowser=%22Chrome%22; ldrUaFull=%7B%22os%22%3A%22Mac+OS+X%22%2C%22osVersion%22%3A%7B%22osMajor%22%3A%2210%22%2C%22osMinor%22%3A%2212%22%2C%22osPatch%22%3A%226%22%7D%2C%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%7B%22browserMajor%22%3A%2261%22%2C%22browserMinor%22%3A%220%22%2C%22browserPatch%22%3A%223163%22%7D%2C%22family%22%3A%22Chrome%22%2C%22device%22%3A%22%22%2C%22deviceMajor%22%3A%22%22%2C%22deviceMinor%22%3A%22%22%2C%22deviceVersion%22%3A%22%22%2C%22deviceFull%22%3A%22%22%2C%22isMobile%22%3A%220%22%2C%22isMobileDevice%22%3A%220%22%2C%22isTablet%22%3A%220%22%2C%22timeCreate%22%3A%221513028277%22%7D; uniqueSplitDay=mzb_133406_mk_prpllr_chrm_smcpa_ww_230; aaffss=mzb_312.15194134.1513088306.30.mzb%3A1%3A20171212; globalAffid=312.15194134.1513088306.30.mzb; userDefiner=mzb_2706; userPrePay=mk_prpllr_chrm_smcpa_ww_230; trt=29_317511156; _ga=GA1.2.1977536518.1513088307; _gid=GA1.2.1359108131.1513088307; _gat_UA-56634126-2=1; _uetsid=_uet76129fdd
Connection
keep-alive
Cache-Control
no-cache
Accept
*/*
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Oct 2017 08:20:45 GMT
Server
nginx
ETag
W/"59d499dd-26dd"
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
Request-ID
18cc60a3c745a939dc9523195fe496f4
Content-Length
1706
css
fonts.googleapis.com/ 		8 KB
1022 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700&subset=latin,vietnamese,latin-ext
Requested by
Host: static.mackeeper.com
URL: http://static.mackeeper.com/landings/libs/jquery/jquery.min.js?mkv=1
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
58d7d41215008af5da0d637e8cf624ad55a8ef870d9bf4bf044a13e893c35d70
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fonts.googleapis.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Connection
keep-alive
Cache-Control
no-cache
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Dec 2017 14:18:27 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
1; mode=block
Expires
Tue, 12 Dec 2017 14:18:27 GMT
icon.png
app2.greatmacsoft.pro/landings/libs/alert/alerts/chrome/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://app2.greatmacsoft.pro/landings/libs/alert/alerts/chrome/img/icon.png
Protocol
HTTP/1.1
Server
34.199.220.253 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-199-220-253.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6d2f1a387c659db4c0769f8051a3ef5a9fce4f8c9c221f2bab58fdbb92fc54f2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
app2.greatmacsoft.pro
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
Cookie
ldrOs=%22Mac+OS+X%22; ldrBrowserLite=%22Chrome%22; ldrBrowser=%22Chrome%22; ldrUaFull=%7B%22os%22%3A%22Mac+OS+X%22%2C%22osVersion%22%3A%7B%22osMajor%22%3A%2210%22%2C%22osMinor%22%3A%2212%22%2C%22osPatch%22%3A%226%22%7D%2C%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%7B%22browserMajor%22%3A%2261%22%2C%22browserMinor%22%3A%220%22%2C%22browserPatch%22%3A%223163%22%7D%2C%22family%22%3A%22Chrome%22%2C%22device%22%3A%22%22%2C%22deviceMajor%22%3A%22%22%2C%22deviceMinor%22%3A%22%22%2C%22deviceVersion%22%3A%22%22%2C%22deviceFull%22%3A%22%22%2C%22isMobile%22%3A%220%22%2C%22isMobileDevice%22%3A%220%22%2C%22isTablet%22%3A%220%22%2C%22timeCreate%22%3A%221513028277%22%7D; uniqueSplitDay=mzb_133406_mk_prpllr_chrm_smcpa_ww_230; aaffss=mzb_312.15194134.1513088306.30.mzb%3A1%3A20171212; globalAffid=312.15194134.1513088306.30.mzb; userDefiner=mzb_2706; userPrePay=mk_prpllr_chrm_smcpa_ww_230; trt=29_317511156; _ga=GA1.2.1977536518.1513088307; _gid=GA1.2.1359108131.1513088307; _gat_UA-56634126-2=1; _uetsid=_uet76129fdd
Connection
keep-alive
Cache-Control
no-cache
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 12 Dec 2017 14:18:27 GMT
Last-Modified
Tue, 19 Apr 2016 15:32:21 GMT
Server
nginx
ETag
"57164f85-1590"
Content-Type
image/png
Request-ID
283395cc82aea3d0c3775f8782c67b99
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5520
toadOcfmlt9b38dHJxOBGCP2LEk6lMzYsRqr3dHFImA.woff2
fonts.gstatic.com/s/sourcesanspro/v11/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/sourcesanspro/v11/toadOcfmlt9b38dHJxOBGCP2LEk6lMzYsRqr3dHFImA.woff2
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
435102c6994284c58e63143d49204d6c3876633ffec220cc73ca05ff8e0156c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
http://app2.greatmacsoft.pro
Accept-Encoding
gzip, deflate
Host
fonts.gstatic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700&subset=latin,vietnamese,latin-ext
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700&subset=latin,vietnamese,latin-ext
Origin
http://app2.greatmacsoft.pro

Response headers

Date
Mon, 11 Dec 2017 01:41:35 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Oct 2017 18:25:45 GMT
Server
sffe
Age
131812
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
12968
X-XSS-Protection
1; mode=block
Expires
Tue, 11 Dec 2018 01:41:35 GMT
/
www.facebook.com/tr/ 		0
0
/
cx.atdmt.com/ 		0
0
/
www.facebook.com/tr/ 		44 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=126593688055701&ev=Microdata&dl=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&rl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&if=false&ts=1513088308507&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22MacKeeper%22%7D&v=2.8.1&o=30
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=126593688055701&ev=Microdata&dl=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&rl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&if=false&ts=1513088308507&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22MacKeeper%22%7D&v=2.8.1&o=30
pragma
no-cache
cookie
fr=0Yuq0Ig88OSlglu06..BaL-Uy..Fov.1.0.BaL-Uy.
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
:scheme
https
:method
GET
Referer
http://app2.greatmacsoft.pro/landings/230/?affid=mzb_312.15194134.1513088306.30.mzb&utm_source=prpllr&utm_medium=cpa&utm_campaign=mk_prpllr_chrm_smcpa_ww_230&utm_term=&utm_content=&userDefiner=mzb_2706&epayId=29&landId=2492&alert=7&trt=29_317511156&tid_ext=1462665;399523270065&c3=attn&c4=flat,inst&reqid=be009485856a823404cbb9effdafe9b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Tue, 12 Dec 2017 14:18:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
content-length
44
expires
Tue, 12 Dec 2017 14:18:28 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/ec_zenkin.gif
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/common/logo_lead.png
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/common/logo_mediplus.png
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/common/header_badge.png
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/common/btn_mypage.jpg
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/common/btn_cart.jpg
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/button/menu1.png
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/button/menu2.png
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/button/menu3.png
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/button/menu4.png
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/button/menu5.png
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/button/menu6.png
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/button/menu7.png
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/button/menu8.png
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/main_image.jpg
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/main_image02.jpg
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/161014_btn01.gif
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/161014_btn02.gif
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/about_gel.jpg
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/mv/160808_c.png
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/landing.jpg
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/chat.png
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/brandconcept.jpg
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/beauty.jpg
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/movie.jpg
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/yorokobi.jpg
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/banner/manga.jpg
Domain
cn.mediplus-orders.jp
URL
http://cn.mediplus-orders.jp/user_data/packages/defaultta/img/common/copyright.png
Domain
cn.mediplus-orders.jp
URL
https://cn.mediplus-orders.jp/user_data/chat/WebChatEntryPopUp.js?crosid=2016050001&showIcn=0
Domain
www.google.de
URL
https://www.google.de/ads/user-lists/1010020041/?random=1513088306839&cv=8&fst=1513087200000&num=1&guid=ON&eid=376635470%2C659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&fmt=3&cdct=2&is_vtc=1&random=313218216&rmt_tld=1&ipr=y
Domain
www.google.com
URL
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-2&cid=1977536518.1513088307&jid=1527607726&_v=j66&z=1072105879
Domain
www.google.de
URL
https://www.google.de/ads/user-lists/854379023/?random=1513088306930&cv=8&fst=1513087200000&num=2&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&fmt=3&cdct=2&is_vtc=1&random=567193106&rmt_tld=1&ipr=y
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-2&cid=1977536518.1513088307&jid=1527607726&_v=j66&z=1072105879&slf_rd=1&random=1947195383
Domain
www.google.de
URL
https://www.google.de/ads/user-lists/837055539/?random=1513088306946&cv=8&fst=1513087200000&num=1&label=c1JqCM2mzXUQs-iRjwM&guid=ON&eid=659238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=4&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&ref=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&tiba=ATTN%3A%20Clean%20your%20Mac&async=1&fmt=3&cdct=2&is_vtc=1&random=3235098606&rmt_tld=1&ipr=y
Domain
www.facebook.com
URL
https://www.facebook.com/tr/?id=1593188040964422&ev=Microdata&dl=http%3A%2F%2Fapp2.greatmacsoft.pro%2Flandings%2F230%2F%3Faffid%3Dmzb_312.15194134.1513088306.30.mzb%26utm_source%3Dprpllr%26utm_medium%3Dcpa%26utm_campaign%3Dmk_prpllr_chrm_smcpa_ww_230%26utm_term%3D%26utm_content%3D%26userDefiner%3Dmzb_2706%26epayId%3D29%26landId%3D2492%26alert%3D7%26trt%3D29_317511156%26tid_ext%3D1462665%3B399523270065%26c3%3Dattn%26c4%3Dflat%2Cinst%26reqid%3Dbe009485856a823404cbb9effdafe9b0&rl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1462665&if=false&ts=1513088308490&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22MacKeeper%22%7D&v=2.8.1&o=28
Domain
cx.atdmt.com
URL
https://cx.atdmt.com/?c=518368354778943627&f=AYw3Pebx40RCAystxWGxSlCIzeh9tubOdkqCblzL7NVA3da8tbxqhz8doLUbAcLCRPJl0nXQH2Iqg7En1Mp4KcUh&id=1593188040964422&l=3&v=0

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onafterprint object| onbeforeprint function| $ function| jQuery object| lenTr object| alertsTranslates function| alertManagerInit object| alertManager function| removeExitPopup string| baseLink string| baseLinkPath string| baseRelUrl object| _this number| timerId string| lang_param object| dataLayer object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_remarketing_for_search object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions string| axel number| a object| google_tag_manager string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| uetq function| google_trackConversion object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData function| UET

15 Cookies

Domain/Path Name / Value
.greatmacsoft.pro/ Name: _uetsid
Value: _uet76129fdd
.greatmacsoft.pro/ Name: _gat_UA-56634126-2
Value: 1
.greatmacsoft.pro/ Name: _gid
Value: GA1.2.1359108131.1513088307
.greatmacsoft.pro/ Name: trt
Value: 29_317511156
.greatmacsoft.pro/ Name: aaffss
Value: mzb_312.15194134.1513088306.30.mzb%3A1%3A20171212
.greatmacsoft.pro/ Name: globalAffid
Value: 312.15194134.1513088306.30.mzb
.greatmacsoft.pro/ Name: _ga
Value: GA1.2.1977536518.1513088307
.greatmacsoft.pro/ Name: ldrOs
Value: %22Mac+OS+X%22
.greatmacsoft.pro/ Name: ldrUaFull
Value: %7B%22os%22%3A%22Mac+OS+X%22%2C%22osVersion%22%3A%7B%22osMajor%22%3A%2210%22%2C%22osMinor%22%3A%2212%22%2C%22osPatch%22%3A%226%22%7D%2C%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%7B%22browserMajor%22%3A%2261%22%2C%22browserMinor%22%3A%220%22%2C%22browserPatch%22%3A%223163%22%7D%2C%22family%22%3A%22Chrome%22%2C%22device%22%3A%22%22%2C%22deviceMajor%22%3A%22%22%2C%22deviceMinor%22%3A%22%22%2C%22deviceVersion%22%3A%22%22%2C%22deviceFull%22%3A%22%22%2C%22isMobile%22%3A%220%22%2C%22isMobileDevice%22%3A%220%22%2C%22isTablet%22%3A%220%22%2C%22timeCreate%22%3A%221513028277%22%7D
.greatmacsoft.pro/ Name: ldrBrowser
Value: %22Chrome%22
.greatmacsoft.pro/ Name: uniqueSplitDay
Value: mzb_133406_mk_prpllr_chrm_smcpa_ww_230
.greatmacsoft.pro/ Name: userPrePay
Value: mk_prpllr_chrm_smcpa_ww_230
.greatmacsoft.pro/ Name: userDefiner
Value: mzb_2706
.doubleclick.net/ Name: IDE
Value: AHWqTUlZ4DkH_4L8vD7hLNggGPLwJPPCzs3v_53xgtl8RtkQLvA104A6_5ZIII3h
.greatmacsoft.pro/ Name: ldrBrowserLite
Value: %22Chrome%22

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.crwdcntrl.net
ad.doubleclick.net
app2.greatmacsoft.pro
bat.bing.com
bestadbid.com
cn.mediplus-orders.jp
connect.facebook.net
cx.atdmt.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
greatmacsoft.pro
mt.rtmark.net
my.rtmark.net
static.mackeeper.com
www.cpm20.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
cn.mediplus-orders.jp
cx.atdmt.com
www.facebook.com
www.google.com
www.google.de
134.249.116.78
172.217.21.198
172.217.22.2
185.49.145.151
188.42.162.155
202.74.0.82
204.79.197.200
2a00:1450:4001:815::2003
2a00:1450:4001:815::200a
2a00:1450:4001:818::2008
2a00:1450:4001:818::200e
2a00:1450:4001:819::2002
2a00:1450:4001:820::2004
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
34.199.220.253
35.156.71.137
52.1.110.197
54.192.2.241
54.72.109.192
54.84.14.110
69.42.65.41
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10f47297f4ce812055a5737d42af417073f361a3a3bda3218a87b90a97b21138
12f4322709a5325b098775ca8bc24c7f0e0bafe36d53f8d8198495ec734daee3
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
20c3a03f62737c93c2c3483b39553ace24317ae704a83af192cea4df6da1bf53
21faa44a57e0d8408a06fca53c4f87d570f7b31685ad05de1d5710f1b39759d1
265e8c321ce3dda664b1f5c5d5018026b94234f1e76fbe600545414beb6d649f
27f1fbc2fb7fca1af8043ec9042707868e85b1672272f795d88e7dc8877189f9
2aa5a86c3eeb37cf7a3f296cd0734134f165a0f4ef8070f2052adfef992069db
345b6ffa53cc44771d8eabf8d54613e7f9156aaca3d1204b63138150429e3f7e
3b1e0c77d177fa9739d9598ff108a84ff0ce4ad8aba87e8b74541ba9580b6898
3cf7e1b82e5b7475dc6b7eb4ac7c27fe328693c4ef4b6f9c2c7452deb380402e
3e8297a5746abdbafd92d58b889b5c24ab32b8500b72507cf9287ffed47e8b6b
435102c6994284c58e63143d49204d6c3876633ffec220cc73ca05ff8e0156c9
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
44e1406420fac320ea35accac2ba1958e905872598d7590f654ea1cd134a275c
45e3efc24eebb4164c2b54220491c17aa34e2d558e6bb479e1e68df6dbcc7681
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
58d7d41215008af5da0d637e8cf624ad55a8ef870d9bf4bf044a13e893c35d70
5dd68bdc6eea899ae774856b8141163804dadc5ad50dd3bd1828b12726cd15c2
60c9712a91a1542ad13892e19da2356d3edac5281ba24b967837acfc8b8f278e
62dc72e1691cc320211054ed1213f3da29a9d5ed2e654c444ac02a52fed8f5ce
65be0cb66c181d7b2d501a6594f57817f42abf23eaa8110b59b81d22414d1ab6
6d2f1a387c659db4c0769f8051a3ef5a9fce4f8c9c221f2bab58fdbb92fc54f2
6e1b84a8d64fe34f043324d917575c574afe81c4c0ccd2eb7ba9df953d1c2af9
74294d79fbfbc961aaeff370b920c79d60c9f507d39b1ab8b6744ea66f407029
778e342835ad6716012f747ef655566d55b0281473387c9c9c942a905bf16fb7
7ac4b182ab2a098930852d30e75ead75e134349740daf730ee04536577191693
7da287f4549f49aa5c1320e26550971adabdb043938b379e2fb9a4b4369b8382
877af740d27019b929c831a0074fa600b60dde4110dfecf7fd82df4213bc2ef5
8a12cb2ebe91b7692ed7279a38276cf64d3bf6c6d2845a55eb38e4e042d2b066
8f3d0b236fff8fef77c21250362ef3ec29baa6886ce99a2932c19f06c0d5e3e6
8faa022286a6c6f9fd564ef6413207e3f0b8e0e203e15682c523aa1378968f24
96e198d319c1b6f6d3687e0e49e4a20138403c0d4b89974d0c9d6d17397f6a78
97bce68f85f0d3cbb6dda0c529283b71cbc08de780e61eab9baf84341559f4db
97dceba76fbaefbeff0816e796fccbcbbbc966c1ae2b0f1de31534e120e4279d
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9c9f1d48e14e0233bcb88a2ffc47ade4d962c838584c457ea155d7cc8bd9bbd7
a39bd30d97ba02b4d38d8d4557e8171ffd8150aa76fdc7c705936ccde017b2e0
a3c44e5b87fd6abf9b175561dbc1efee4942748601a9cd2258cc93aea70e69cb
a8e5d823ba22df40ce5ab7efbcb39e67db6ce0aca4ecef497142f3597a0fdf28
af48d3c6e62e68dd76178c4da890f7b9eea7cbb53440b755aa448a559e564cc9
b05c63a25e3541fe0773f15f5d5b9ea43a4b1b4773c957bdacffbab6bcc84c46
c2113178e6fec803f9ec75cf2daea3450a40db4868f7127b59a6ba154a1f1667
ca024e1b4a86c69b79f33e6ab9afe9b9020c968a681e078a5233fd128669f0be
cdafb95451243ce55a748c4b6efb2f40b5bb13522075fd350e2467f705f3435b
dbe0a432000e9390e36c3b13f9b3ce39a6ce9ea423ddef52d73dca4203f30996
e1f244c41a11d32ede57cc0db3c2c2cf6b1cb0fc55a0bdf23130ef607ad80969
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eab029901ec252d3b85b20ffd7d1671e00f0b9994402c9218240729341b72dd0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f7c386915e39d8a925fe10d15744a9da95ac8f90423e12728e7fc3c5e34f4559
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
fb618198b824cff21ccf2fe8274d5608de2a7bed1256adc540fe22b873cc73fc
fb7f79056acbc83a6b05a8715659e13bcbe1cab64c08db05da1463c1bc8d10fb
fd4a2d56e60456b6981c61d3589b694843f24b44dd6fb6569e230d14bbf5c48d