Submitted URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term= Submission: On April 15 via manual (April 15th 2019, 1:38:07 pm)
Effective URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Submission: On April 15 via manual

Summary

This website contacted 23 IPs in 7 countries across 19 domains to perform 90 HTTP transactions.
The main IP is 54.81.148.134, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is app7.kromtech.net.
The TLS certificate was issued by Amazon on September 11th 2018 with a validity of a year.
This is the first time this domain was scanned on urlscan.io!

Domain & IP information

IP Address AS Autonomous System
1 54.81.148.134 14618 (AMAZON-AES)
30 13.35.253.100 16509 (AMAZON-02)
2 172.217.21.194 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 188.42.160.69 35415 (WEBZILLA)
2 2 147.75.102.200 54825 (PACKET)
1 195.181.175.9 60068 (CDN77)
1 34.194.106.103 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 147.75.205.43 54825 (PACKET)
1 5 2a02:6b8::1:119 13238 (YANDEX)
7 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2 172.217.22.38 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 147.75.33.239 54825 (PACKET)
7 2a00:1450:400... 15169 (GOOGLE)
2 54.89.4.184 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.186.228.179 15169 (GOOGLE)
1 2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a03:2880:f0f... 32934 (FACEBOOK)
90 23
Domain
Subdomains
Transfer
32 mackeeper.com
805 KB
9 doubleclick.net
10 KB
7 google.com
www.google.com Failed
840 B
5 yandex.ru
88 KB
3 hotjar.com
88 KB
3 exelator.com
2 KB
3 googletagmanager.com
82 KB
2 facebook.com
553 B
2 gstatic.com
26 KB
2 facebook.net
57 KB
2 bing.com
7 KB
2 rtmark.net
1 KB
2 googleadservices.com
18 KB
2 kromtech.net
19 KB
1 atdmt.com
318 B
1 owox.com
30 B
1 google-analytics.com
17 KB
1 fonts.googleapis.com
706 B
0 google.de Failed
www.google.de Failed
0 B
90 19
Domain Requested by
30 static.mackeeper.com app7.kromtech.net
7 www.google.com app7.kromtech.net
7 googleads.g.doubleclick.net www.googleadservices.com
5 mc.yandex.ru 1 redirects app7.kromtech.net
3 www.googletagmanager.com app7.kromtech.net
2 www.facebook.com 1 redirects app7.kromtech.net
2 event.mackeeper.com app7.kromtech.net
2 fonts.gstatic.com app7.kromtech.net
2 6102726.fls.doubleclick.net 1 redirects app7.kromtech.net
2 connect.facebook.net app7.kromtech.net
connect.facebook.net
2 bat.bing.com app7.kromtech.net
2 loadus.exelator.com 2 redirects
2 my.rtmark.net app7.kromtech.net
2 www.googleadservices.com app7.kromtech.net
www.googletagmanager.com
1 cx.atdmt.com
1 google-analytics.bi.owox.com app7.kromtech.net
1 vars.hotjar.com static.hotjar.com
1 www.google-analytics.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com app7.kromtech.net
1 fonts.googleapis.com app7.kromtech.net
1 assets.kromtech.net app7.kromtech.net
1 load77.exelator.com app7.kromtech.net
1 app7.kromtech.net
0 www.google.de Failed app7.kromtech.net
app7.kromtech.net
app7.kromtech.net
app7.kromtech.net
app7.kromtech.net
app7.kromtech.net
app7.kromtech.net
app7.kromtech.net
app7.kromtech.net
app7.kromtech.net
app7.kromtech.net
90 25

This site contains links to these domains. Also see Links.

Domain
download.kromtech.net
mackeeper.com
Subject / Issuer Validity Valid
kromtech.net
Amazon
2018-09-11 -
2019-10-11
a year
kromtech.com
Amazon
2018-04-02 -
2019-05-02
a year
www.googleadservices.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months
*.google-analytics.com
Google Internet Authority G3
2019-03-26 -
2019-06-18
3 months
my.rtmark.net
RapidSSL RSA CA 2018
2018-04-05 -
2019-05-05
a year
1605158521.rsc.cdn77.org
Let's Encrypt Authority X3
2019-02-13 -
2019-05-14
3 months
assets.kromtech.net
Amazon
2018-06-20 -
2019-07-20
a year
*.googleapis.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months
static.hotjar.com
Let's Encrypt Authority X3
2019-04-09 -
2019-07-08
3 months
bs.yandex.ru
Yandex CA
2018-10-03 -
2019-10-03
a year
*.g.doubleclick.net
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months
www.bing.com
Microsoft IT TLS CA 5
2017-07-20 -
2019-07-10
2 years
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-03-08 -
2019-06-06
3 months
*.doubleclick.net
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months
*.google.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months
script.hotjar.com
Let's Encrypt Authority X3
2019-04-09 -
2019-07-08
3 months
www.google.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months
mackeeper.com
Amazon
2018-09-11 -
2019-10-11
a year
vars.hotjar.com
Let's Encrypt Authority X3
2019-04-09 -
2019-07-08
3 months
google-analytics.bi.owox.com
Let's Encrypt Authority X3
2019-04-09 -
2019-07-08
3 months
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA
2019-02-26 -
2019-05-26
3 months

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Web
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Web
Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

90 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a27...
/landings/197.10
36 KB
19 KB
Document
General
Full URL
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.148.134 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-81-148-134.compute-1.amazonaws.com
Software
nginx /
Resource Hash
19d31a88857ead4a7a89ad5600794a291b50e4c72add5237bcce72a9d2828568
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.hotjar.com *.mackeeper.co *.mackeeper.com https://*.mackeeper.co https://*.mackeeper.com mackeeper.com; frame-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.hotjar.com https://*.hotjar.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com http://*.surveygizmo.com https://*.surveygizmo.com http://*.liadm.com http://*.typeform.com https://*.typeform.com http://calendly.com/ https://calendly.com/ https://mc.yandex.ru/ http://mc.yandex.ru/ http://js.ad-score.com/ https://js.ad-score.com/ http://cdn.onesignal.com/ https://cdn.onesignal.com/ http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/; child-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.hotjar.com https://*.hotjar.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com blob: http://cdn.onesignal.com/ https://cdn.onesignal.com/ http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/; img-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.hotjar.com https://*.hotjar.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com data: *.2mdn.net http://pagead2.googlesyndication.com https://pagead2.googlesyndication.com http://*.glotgrx.com https://*.glotgrx.com/ http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com http://*.exelator.com https://*.exelator.com http://owox.com http://*.owox.com https://owox.com https://*.owox.com http://*.liadm.com https://*.liadm.com http://*.outbrain.com https://*.outbrain.com http://*.visualwebsiteoptimizer.com https://*.visualwebsiteoptimizer.com http://*.yahoo.co.jp https://*.yahoo.co.jp http://apimzb-adserver.cloudmccloud.com https://apimzb-adserver.cloudmccloud.com http://*.3lift.com https://*.3lift.com http://*.surveygizmo.com https://*.surveygizmo.com https://surveygizmolibrary.s3.amazonaws.com http://surveygizmolibrary.s3.amazonaws.com http://mc.yandex.ru https://mc.yandex.ru http://cx.atdmt.com https://cx.atdmt.com http://*.baidu.com/ https://*.baidu.com/ http://gstatstrk.com https://gstatstrk.com http://assets.kromtech.net https://assets.kromtech.net http://cdn.onesignal.com/ https://cdn.onesignal.com/ http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/ http://*.rtmark.net/ https://*.rtmark.net/ http//trc.taboola.com https//trc.taboola.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.hotjar.com https://*.hotjar.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com http://s.yimg.com https://*.s.yimg.com https://s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://l2.io *.inspectlet.com *.googlesyndication.com http://*.sagetrc.com http://*.glotgrx.com https://*.glotgrx.com/ http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com https://b-code.liadm.com http://b-code.liadm.com http://*.outbrain.com https://*.outbrain.com http://*.visualwebsiteoptimizer.com https://*.visualwebsiteoptimizer.com http://*.cloudfront.net/metrika/watch_ua.js https://*.cloudfront.net/metrika/watch_ua.js http://*.yimg.jp https://*.yimg.jp http://addtocalendar.com https://addtocalendar.com http://*.yahoo.co.jp https://*.yahoo.co.jp blob: http://*.surveygizmo.com https://*.surveygizmo.com https://surveygizmolibrary.s3.amazonaws.com http://surveygizmolibrary.s3.amazonaws.com https://s.ytimg.com http://s.ytimg.com http://*.typeform.com https://*.typeform.com http://*.calendly.com https://*.calendly.com http://*.linkconnector.com https://*.linkconnector.com http://linkconnector.com https://linkconnector.com http://mc.yandex.ru https://mc.yandex.ru http://js.ad-score.com/ https://js.ad-score.com/ http://*.baidu.com/ https://*.baidu.com/ http://cdn.onesignal.com/ https://cdn.onesignal.com/ http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/ http://*.rtmark.net/ https://*.rtmark.net/ https://*.taboola.com/ http://*.taboola.com/ https://engine.4dsply.com http://engine.4dsply.com https://engine.spotscenered.info http://engine.spotscenered.info https://engine.3dspk.com http://engine.3dspk.com https://we3red.com http://we3red.com https://engine.asadap.com http://engine.asadap.com https://engine.nictelroalps.com http://engine.nictelroalps.com https://engine.liondigitalserving.com http://engine.liondigitalserving.com https://engine.addroplet.com http://engine.addroplet.com; style-src 'self' 'unsafe-inline' *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com a.disquscdn.com disqus.com http://fonts.googleapis.com https://fonts.googleapis.com fonts.gstatic.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com https://a.disquscdn.com https://disqus.com https://mackeeperblog.disqus.com https://referrer.disqus.com mackeeperblog.disqus.com referrer.disqus.com http://*.google.com http://*.google.com.ua https://*.google.com https://*.google.com.ua http://addtocalendar.com https://addtocalendar.com http://*.surveygizmo.com https://*.surveygizmo.com http://cdn.onesignal.com https://cdn.onesignal.com http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/; font-src 'self' data: *.doubleclick.net *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com fonts.googleapis.com fonts.gstatic.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com http://*.surveygizmo.com https://*.surveygizmo.com; object-src *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com http://pagead2.googlesyndication.com https://pagead2.googlesyndication.com; connect-src 'self' http://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.co https://*.mackeeper.com http://mackeeper.co http://mackeeper.com https://mackeeper.co https://mackeeper.com http://*.hotjar.com https://*.hotjar.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com https://*.g.doubleclick.net http://*.g.doubleclick.net https://lcidc.liadm.com http://lcidc.liadm.com http://assets.kromtech.net https://assets.kromtech.net http://assets.kromtech.net https://assets.kromtech.net http://*.google-analytics.com https://*.google-analytics.com api.ipify.org http://mc.yandex.ru https://mc.yandex.ru http://data.ad-score.com https://data.ad-score.com http://*.baidu.com/ https://*.baidu.com/ http://pushdata.onesignal.com:* https://pushdata.onesignal.com:* http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/ http://*.taboola.com/ https://*.taboola.com/;

Request headers

:method
GET
:authority
app7.kromtech.net
:scheme
https
:path
/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Mon, 15 Apr 2019 13:39:47 GMT
content-type
text/html; charset=UTF-8
server
nginx
vary
Accept-Encoding
content-security-policy
default-src 'self' *.hotjar.com *.mackeeper.co *.mackeeper.com https://*.mackeeper.co https://*.mackeeper.com mackeeper.com; frame-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.hotjar.com https://*.hotjar.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com http://*.surveygizmo.com https://*.surveygizmo.com http://*.liadm.com http://*.typeform.com https://*.typeform.com http://calendly.com/ https://calendly.com/ https://mc.yandex.ru/ http://mc.yandex.ru/ http://js.ad-score.com/ https://js.ad-score.com/ http://cdn.onesignal.com/ https://cdn.onesignal.com/ http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/; child-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.hotjar.com https://*.hotjar.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com blob: http://cdn.onesignal.com/ https://cdn.onesignal.com/ http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/; img-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.hotjar.com https://*.hotjar.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com data: *.2mdn.net http://pagead2.googlesyndication.com https://pagead2.googlesyndication.com http://*.glotgrx.com https://*.glotgrx.com/ http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com http://*.exelator.com https://*.exelator.com http://owox.com http://*.owox.com https://owox.com https://*.owox.com http://*.liadm.com https://*.liadm.com http://*.outbrain.com https://*.outbrain.com http://*.visualwebsiteoptimizer.com https://*.visualwebsiteoptimizer.com http://*.yahoo.co.jp https://*.yahoo.co.jp http://apimzb-adserver.cloudmccloud.com https://apimzb-adserver.cloudmccloud.com http://*.3lift.com https://*.3lift.com http://*.surveygizmo.com https://*.surveygizmo.com https://surveygizmolibrary.s3.amazonaws.com http://surveygizmolibrary.s3.amazonaws.com http://mc.yandex.ru https://mc.yandex.ru http://cx.atdmt.com https://cx.atdmt.com http://*.baidu.com/ https://*.baidu.com/ http://gstatstrk.com https://gstatstrk.com http://assets.kromtech.net https://assets.kromtech.net http://cdn.onesignal.com/ https://cdn.onesignal.com/ http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/ http://*.rtmark.net/ https://*.rtmark.net/ http//trc.taboola.com https//trc.taboola.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.hotjar.com https://*.hotjar.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com http://s.yimg.com https://*.s.yimg.com https://s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://l2.io *.inspectlet.com *.googlesyndication.com http://*.sagetrc.com http://*.glotgrx.com https://*.glotgrx.com/ http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com https://b-code.liadm.com http://b-code.liadm.com http://*.outbrain.com https://*.outbrain.com http://*.visualwebsiteoptimizer.com https://*.visualwebsiteoptimizer.com http://*.cloudfront.net/metrika/watch_ua.js https://*.cloudfront.net/metrika/watch_ua.js http://*.yimg.jp https://*.yimg.jp http://addtocalendar.com https://addtocalendar.com http://*.yahoo.co.jp https://*.yahoo.co.jp blob: http://*.surveygizmo.com https://*.surveygizmo.com https://surveygizmolibrary.s3.amazonaws.com http://surveygizmolibrary.s3.amazonaws.com https://s.ytimg.com http://s.ytimg.com http://*.typeform.com https://*.typeform.com http://*.calendly.com https://*.calendly.com http://*.linkconnector.com https://*.linkconnector.com http://linkconnector.com https://linkconnector.com http://mc.yandex.ru https://mc.yandex.ru http://js.ad-score.com/ https://js.ad-score.com/ http://*.baidu.com/ https://*.baidu.com/ http://cdn.onesignal.com/ https://cdn.onesignal.com/ http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/ http://*.rtmark.net/ https://*.rtmark.net/ https://*.taboola.com/ http://*.taboola.com/ https://engine.4dsply.com http://engine.4dsply.com https://engine.spotscenered.info http://engine.spotscenered.info https://engine.3dspk.com http://engine.3dspk.com https://we3red.com http://we3red.com https://engine.asadap.com http://engine.asadap.com https://engine.nictelroalps.com http://engine.nictelroalps.com https://engine.liondigitalserving.com http://engine.liondigitalserving.com https://engine.addroplet.com http://engine.addroplet.com; style-src 'self' 'unsafe-inline' *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com a.disquscdn.com disqus.com http://fonts.googleapis.com https://fonts.googleapis.com fonts.gstatic.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com https://a.disquscdn.com https://disqus.com https://mackeeperblog.disqus.com https://referrer.disqus.com mackeeperblog.disqus.com referrer.disqus.com http://*.google.com http://*.google.com.ua https://*.google.com https://*.google.com.ua http://addtocalendar.com https://addtocalendar.com http://*.surveygizmo.com https://*.surveygizmo.com http://cdn.onesignal.com https://cdn.onesignal.com http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/; font-src 'self' data: *.doubleclick.net *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com fonts.googleapis.com fonts.gstatic.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com http://*.surveygizmo.com https://*.surveygizmo.com; object-src *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com http://pagead2.googlesyndication.com https://pagead2.googlesyndication.com; connect-src 'self' http://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.co https://*.mackeeper.com http://mackeeper.co http://mackeeper.com https://mackeeper.co https://mackeeper.com http://*.hotjar.com https://*.hotjar.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com https://*.g.doubleclick.net http://*.g.doubleclick.net https://lcidc.liadm.com http://lcidc.liadm.com http://assets.kromtech.net https://assets.kromtech.net http://assets.kromtech.net https://assets.kromtech.net http://*.google-analytics.com https://*.google-analytics.com api.ipify.org http://mc.yandex.ru https://mc.yandex.ru http://data.ad-score.com https://data.ad-score.com http://*.baidu.com/ https://*.baidu.com/ http://pushdata.onesignal.com:* https://pushdata.onesignal.com:* http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/ http://*.taboola.com/ https://*.taboola.com/;
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
PHPSESSID=cna6c0oakk1hde8483hi3g5m56; path=/
request-id
5246926f9c820db82d9477a21aace136
content-encoding
gzip
Verified jquery.min.js?mkv=1
static.mackeeper.com/landings/libs/jquery
94 KB
33 KB
Script
General
Full URL
https://static.mackeeper.com/landings/libs/jquery/jquery.min.js?mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Verified resource
jquery/1.11.1/jquery.min.js at cdnjs.com, project jquery

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:13 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2016 15:32:21 GMT
server
nginx
age
607354
etag
W/"57164f85-1762a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=2592000, must-revalidate
x-amz-cf-id
2OrSXy8NkMoraLDxS_g27T_I0SaszL9gciCSu0WlgClsd0wYrc0G5Q==
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
expires
Wed, 08 May 2019 12:57:13 GMT
cookie.js?mkv=1
static.mackeeper.com/landings/libs/js
624 B
766 B
Script
General
Full URL
https://static.mackeeper.com/landings/libs/js/cookie.js?mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
f5d702fdef5359dd9943f36608f717db1a8666613630c8a17d9dcf1d0bf704bc

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:13 GMT
content-encoding
gzip
last-modified
Mon, 30 Apr 2018 11:38:58 GMT
server
nginx
age
607354
etag
W/"5ae70052-270"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=2592000, must-revalidate
content-length
369
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
x-amz-cf-id
Jba6foLGpFNeWifMNzxK5ZTwNy4qrK2qcsmDfxkcMK0yvYo4ASGpzA==
expires
Wed, 08 May 2019 12:57:13 GMT
loclist.js?mkv=1
static.mackeeper.com/landings/libs/js
620 B
720 B
Script
General
Full URL
https://static.mackeeper.com/landings/libs/js/loclist.js?mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
8a12cb2ebe91b7692ed7279a38276cf64d3bf6c6d2845a55eb38e4e042d2b066

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:13 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2016 15:32:21 GMT
server
nginx
age
607354
etag
W/"57164f85-26c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=2592000, must-revalidate
content-length
322
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
x-amz-cf-id
wyBVgiQ-WLwI--Qz3IWO2B36iic0GbEiP3KK93XTfzm4NEQ4LJSX1Q==
expires
Wed, 08 May 2019 12:57:13 GMT
alerts.js?mkv=4
static.mackeeper.com/landings/libs/alert
55 KB
12 KB
Script
General
Full URL
https://static.mackeeper.com/landings/libs/alert/alerts.js?mkv=4
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
6e52915c1977626ced58d25c08088e9d23f057769e86259fa1577056ca905764

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:13 GMT
content-encoding
gzip
last-modified
Thu, 04 Oct 2018 13:30:26 GMT
server
nginx
age
607354
etag
W/"5bb615f2-dbe8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=2592000, must-revalidate
content-length
12380
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
x-amz-cf-id
jqBDJHzJcEWPQIM4hPg1uIy2cqacvzCEQeEHyatOjmMtDO5YeoImvw==
expires
Wed, 08 May 2019 12:57:13 GMT
reset.css?mkv=1
static.mackeeper.com/landings/libs
829 B
863 B
Stylesheet
General
Full URL
https://static.mackeeper.com/landings/libs/reset.css?mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
e1bac7cd8e0ee2b6372f871a9c88654bb9d9a10b4e0ce73b462b20f6848b96e1

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:13 GMT
content-encoding
gzip
last-modified
Mon, 30 Apr 2018 11:38:58 GMT
server
nginx
age
607354
etag
W/"5ae70052-33d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
max-age=2592000, must-revalidate
content-length
475
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
x-amz-cf-id
ZvSxBm0XXCw3ZDnMRwVJaHNtL69Z_VTGePeiIXxaIihFd2IFWeYMFA==
expires
Wed, 08 May 2019 12:57:13 GMT
style.min.css?mkv=1
static.mackeeper.com/landings/197.10/css
23 KB
7 KB
Stylesheet
General
Full URL
https://static.mackeeper.com/landings/197.10/css/style.min.css?mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
948297f95044a8c82d425cffa9ca1cf10f90cbe546fbc83b0dce3b1d0ffe572c

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 13:01:38 GMT
content-encoding
gzip
last-modified
Mon, 08 Apr 2019 12:53:22 GMT
server
nginx
age
607089
etag
W/"5cab4442-5ddb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
max-age=2592000, must-revalidate
content-length
6751
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
x-amz-cf-id
L0qvs1Na5Gyp2ABLk2iW1R3kfzlBsDJ5513m2fZMEuFGXepvMWn40w==
expires
Wed, 08 May 2019 13:01:38 GMT
proximanova-semibold.otf?q=2&mkv=1
static.mackeeper.com/landings/libs/fonts
166 KB
167 KB
Stylesheet
General
Full URL
https://static.mackeeper.com/landings/libs/fonts/proximanova-semibold.otf?q=2&mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
c3464282792703bd57a0210d84ccea17c78820d5a129bd5a9e6957dbad9996de

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:13 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Tue, 19 Apr 2016 15:32:21 GMT
server
nginx
age
607354
etag
"57164f85-298b0"
x-cache
Hit from cloudfront
content-type
application/octet-stream
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
170160
x-amz-cf-id
-7glCnKx9lusTHU05DCcixYW_qMLf82JiTvd_04NYXNiPSbwb9RXBw==
expires
Wed, 08 May 2019 12:57:13 GMT
proximanova-bold.otf?q=2&mkv=1
static.mackeeper.com/landings/libs/fonts
167 KB
168 KB
Stylesheet
General
Full URL
https://static.mackeeper.com/landings/libs/fonts/proximanova-bold.otf?q=2&mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
858059885397fe54122dd48ee98ac071478376231d8334b5f15f991183a9d480

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:13 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Tue, 19 Apr 2016 15:32:21 GMT
server
nginx
age
607354
etag
"57164f85-29c64"
x-cache
Hit from cloudfront
content-type
application/octet-stream
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
171108
x-amz-cf-id
srr7QwWh6Js_9q3StZAQ2oUQi02zV1t8JuttrNM5AsrRta_F4g8q9g==
expires
Wed, 08 May 2019 12:57:13 GMT
proximanova-light.otf?q=2&mkv=1
static.mackeeper.com/landings/libs/fonts
163 KB
164 KB
Stylesheet
General
Full URL
https://static.mackeeper.com/landings/libs/fonts/proximanova-light.otf?q=2&mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
c123a265d32a128b971400b2441317b4bdfb1031338aa1b4b931b65d1c316975

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:13 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Tue, 19 Apr 2016 15:32:21 GMT
server
nginx
age
607354
etag
"57164f85-28c44"
x-cache
Hit from cloudfront
content-type
application/octet-stream
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
166980
x-amz-cf-id
xgb9XxZ1TmMBJSFSRN7rCQ9Cc9hvnxaeyS15gewdTL-wCcxAtbg7iA==
expires
Wed, 08 May 2019 12:57:13 GMT
proximanova-regular.otf?q=2&mkv=1
static.mackeeper.com/landings/libs/fonts
162 KB
163 KB
Stylesheet
General
Full URL
https://static.mackeeper.com/landings/libs/fonts/proximanova-regular.otf?q=2&mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
7241611bd00236517d175753868e4cb8bd795c63842cba7c508dd4cbef26577e

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:13 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Tue, 19 Apr 2016 15:32:21 GMT
server
nginx
age
607354
etag
"57164f85-289b8"
x-cache
Hit from cloudfront
content-type
application/octet-stream
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
166328
x-amz-cf-id
FJzNIFWq1rjQaLgEkB0wwJdGVAkAGMJUMu6PZB20bXqP4FeycSdNGQ==
expires
Wed, 08 May 2019 12:57:13 GMT
Adblocked conversion.js
www.googleadservices.com/pagead
24 KB
9 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
1b4db5f8870f0aaeb13d48cc04ddecaf0eafadbd1ef23503b2098821b4643d6c
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 13:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
9238
x-xss-protection
0
server
cafe
etag
10956419951226987826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 15 Apr 2019 13:39:47 GMT
Adblocked js?id=AW-854379023
www.googletagmanager.com/gtag
63 KB
24 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-854379023
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
ab294c54d94bb00c1d242e19b7bd3a1d98a996f489ab48d63cbebea7e1fd6d3a
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 13:39:47 GMT
content-encoding
br
last-modified
Thu, 11 Apr 2019 22:27:45 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
24712
x-xss-protection
0
expires
Mon, 15 Apr 2019 13:39:47 GMT
Adblocked js?id=DC-6102726
www.googletagmanager.com/gtag
63 KB
24 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-6102726
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
a401e7fe3a91075f86392225643c900352816135a6ca42c0fca40a94b60bbee5
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 13:39:47 GMT
content-encoding
br
last-modified
Thu, 11 Apr 2019 22:27:45 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
24709
x-xss-protection
0
expires
Mon, 15 Apr 2019 13:39:47 GMT
Adblocked p.js?f=sync&lr=1&partner=0380892b6877e49c4870a8960240ea326155479f7123d3d8f75569e3e6302e1c
my.rtmark.net
709 B
951 B
Script
General
Full URL
https://my.rtmark.net/p.js?f=sync&lr=1&partner=0380892b6877e49c4870a8960240ea326155479f7123d3d8f75569e3e6302e1c
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.42.160.69 , Luxembourg, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
00fcb0b991992d5fb75abe0b701dee80fcaa93efc07908b7f8faea348cf7d01e
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:39:47 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
text/javascript
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
709
style.min.css?mkv=1
static.mackeeper.com/landings/libs/adBlockRequestPopup/css
2 KB
1 KB
Stylesheet
General
Full URL
https://static.mackeeper.com/landings/libs/adBlockRequestPopup/css/style.min.css?mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
038c7ab1f9c4b857d66552feb948f1959b4a3ed9ec489e7ea4f2b6ce071c2762

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:15 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 09:39:10 GMT
server
nginx
age
607352
etag
W/"5b7e80be-85a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
max-age=2592000, must-revalidate
content-length
666
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
x-amz-cf-id
zB_Qo25GA3M7TzDEUP_ii-Z1PBEodLY8rGRLcubkMtLnKvv190Z4-w==
expires
Wed, 08 May 2019 12:57:15 GMT
style.min.css?mkv=1
static.mackeeper.com/landings/libs/nev-overlay/css
9 KB
2 KB
Stylesheet
General
Full URL
https://static.mackeeper.com/landings/libs/nev-overlay/css/style.min.css?mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
4654259808ec1bef83e503bf53f2364e88600b01ff8830f7f87bcb96c2d42c68

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:13 GMT
content-encoding
gzip
last-modified
Tue, 17 Jul 2018 16:58:39 GMT
server
nginx
age
607354
etag
W/"5b4e203f-24ed"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
max-age=2592000, must-revalidate
content-length
1320
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
x-amz-cf-id
NT6ABl1C-wvGPcRudsUzSGbowZpI7DptjhJi9bFNqXemPGR3RAj2tA==
expires
Wed, 08 May 2019 12:57:13 GMT
Safari-step1.png?mkv=1
static.mackeeper.com/landings/libs/nev-overlay/img/overlay
7 KB
8 KB
Image
General
Full URL
https://static.mackeeper.com/landings/libs/nev-overlay/img/overlay/Safari-step1.png?mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
d389df87a8c1b7582d4aab888d89bdcaed2057f830762fc8c126519e45dd6a45

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:13 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Mon, 30 Apr 2018 11:38:58 GMT
server
nginx
age
607354
etag
"5ae70052-1df2"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
7666
x-amz-cf-id
gImwxhDYnrdKRoIKHBYEeUWjkcLDqpN6ZBW4rN70UAnQnrBDNrg52w==
expires
Wed, 08 May 2019 12:57:13 GMT
Safari-step2_en.png?mkv=1
static.mackeeper.com/landings/libs/nev-overlay/img/overlay
7 KB
7 KB
Image
General
Full URL
https://static.mackeeper.com/landings/libs/nev-overlay/img/overlay/Safari-step2_en.png?mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
06f008e286a0c471efbf39ac648903c7809280f5e96529d97f8d3b4b93983400

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:15 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Mon, 30 Apr 2018 11:38:58 GMT
server
nginx
age
607352
etag
"5ae70052-1bac"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
7084
x-amz-cf-id
u550b8xk7lxbt13I3fAUqElIN03UasoXWacqWYnf-TTk4XZ7Jtyogw==
expires
Wed, 08 May 2019 12:57:15 GMT
Chrome-step3_en.png?mkv=1
static.mackeeper.com/landings/libs/nev-overlay/img/overlay
12 KB
12 KB
Image
General
Full URL
https://static.mackeeper.com/landings/libs/nev-overlay/img/overlay/Chrome-step3_en.png?mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
41d2ff93e89bc96ae37fd850c59d0f3a3acddf2f7352a7e6898ab6519293809e

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:15 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Mon, 30 Apr 2018 11:38:58 GMT
server
nginx
age
607352
etag
"5ae70052-2fbc"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
12220
x-amz-cf-id
3P8iRRy9iNof62ElallehtQ-9BnHKRSGmsbxH92bJDGeRCB0mmgchQ==
expires
Wed, 08 May 2019 12:57:15 GMT
arrow.png?mkv=1
static.mackeeper.com/landings/libs/nev-overlay/img/overlay
2 KB
2 KB
Image
General
Full URL
https://static.mackeeper.com/landings/libs/nev-overlay/img/overlay/arrow.png?mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
c91a11db90c88ada7769de314d26ce6dbdca5b88b8fd8d8cee5e4a4997eaa252

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:14 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Mon, 30 Apr 2018 11:38:58 GMT
server
nginx
age
607353
etag
"5ae70052-7e9"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
2025
x-amz-cf-id
LxdC_apVdtYST0qGnHBGOBCblVwuFf1eiLTJLk8E48rba10y6C7hzg==
expires
Wed, 08 May 2019 12:57:14 GMT
Chrome-step1.png?mkv=1
static.mackeeper.com/landings/libs/nev-overlay/img/overlay
8 KB
9 KB
Image
General
Full URL
https://static.mackeeper.com/landings/libs/nev-overlay/img/overlay/Chrome-step1.png?mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
21144da6e8e3a03e7c373709bb6fb48e2b02a9992cb6b30765d0baedd10b3aa3

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:13 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Mon, 30 Apr 2018 11:38:58 GMT
server
nginx
age
607354
etag
"5ae70052-216b"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
8555
x-amz-cf-id
OZpDPqUryqObDxMNuMvhgy7nIOCLnOt0eK7AknSiDcn2oX0eTRItHA==
expires
Wed, 08 May 2019 12:57:13 GMT
Chrome-step2_en.png?mkv=1
static.mackeeper.com/landings/libs/nev-overlay/img/overlay
9 KB
9 KB
Image
General
Full URL
https://static.mackeeper.com/landings/libs/nev-overlay/img/overlay/Chrome-step2_en.png?mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
2ebfe2a635f472aad6ff68681344078dbf39e1e0a053872b3223bbdfb3cee997

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:15 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Mon, 30 Apr 2018 11:38:58 GMT
server
nginx
age
607352
etag
"5ae70052-23e6"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
9190
x-amz-cf-id
SeLSDXUWjlnlDPrK09VYm34PJGgNFQ8cqK3uoLzgb4FTdh4yzKLv2g==
expires
Wed, 08 May 2019 12:57:15 GMT
Firefox-step2.png?mkv=1
static.mackeeper.com/landings/libs/nev-overlay/img/overlay
3 KB
3 KB
Image
General
Full URL
https://static.mackeeper.com/landings/libs/nev-overlay/img/overlay/Firefox-step2.png?mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
087407c3ee83285deb13dbeb3357c7baca32f94a5213a00bd6d80f0876d0ae76

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:12 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Mon, 30 Apr 2018 11:38:58 GMT
server
nginx
age
607354
etag
"5ae70052-c79"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
3193
x-amz-cf-id
WN2ClsX4NpJzk2PGjpnzyd0ijetr4oA11Ivwfbt16yzKminJ4y7sXQ==
expires
Wed, 08 May 2019 12:57:12 GMT
style.min.css?mkv=1
static.mackeeper.com/landings/libs/gdpr-banner/css
5 KB
3 KB
Stylesheet
General
Full URL
https://static.mackeeper.com/landings/libs/gdpr-banner/css/style.min.css?mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
88e373998f56992943631a24da394032facf6d6069e0bc07cc4a2ca69b468bb7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:13 GMT
content-encoding
gzip
last-modified
Thu, 31 May 2018 13:55:45 GMT
server
nginx
age
607354
etag
W/"5b0ffee1-13b6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
max-age=2592000, must-revalidate
content-length
2184
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
x-amz-cf-id
v_z28JWRKnZ8Xzkzd-VnBIAB1VJMRU5NTA9bZlyvK69HkiZfJTGzIA==
expires
Wed, 08 May 2019 12:57:13 GMT
script.js?mkv=1
static.mackeeper.com/landings/libs/gdpr-banner
2 KB
1 KB
Script
General
Full URL
https://static.mackeeper.com/landings/libs/gdpr-banner/script.js?mkv=1
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
461fb78cfcc8d2070bf3f14f94e7cc1b66c151f2f6d9124bf185dcd84981a4e4

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:13 GMT
content-encoding
gzip
last-modified
Fri, 12 Oct 2018 07:21:08 GMT
server
nginx
age
607354
etag
W/"5bc04b64-701"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=2592000, must-revalidate
content-length
685
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
x-amz-cf-id
za0CwTPbGLC7iZaKtBh2mma_ZrIu1R0lSyanVayTitak5N0ituNO3A==
expires
Wed, 08 May 2019 12:57:13 GMT
Verified Adblocked pixel.gif
load77.exelator.com
Redirect Chain
  • https://loadus.exelator.com/load/?p=1050&g=1&cat=[mackeeper]&j=0
  • https://loadus.exelator.com/load/?p=1050&g=1&cat=[mackeeper]&j=0&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
271 B
Image
General
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.9 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-2.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Verified resource
extjs/3.4.1-1/resources/images/default/s.gif at cdnjs.com, project extjs
extjs/3.4.1-1/resources/images/gray/s.gif at cdnjs.com, project extjs
extjs/3.4.1-1/resources/images/yourtheme/s.gif at cdnjs.com, project extjs
extjs/3.4.1-1/resources/images/vista/s.gif at cdnjs.com, project extjs
extjs/4.2.1/resources/ext-theme-gray/images/tree/s.gif at cdnjs.com, project extjs
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 13:39:47 GMT
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
"59f0c3fc-2b"
x-cache
HIT
content-type
image/gif
status
200
x-edge-ip
195.181.175.2
x-age
82163
accept-ranges
bytes
content-length
43

Redirect headers

date
Mon, 15 Apr 2019 13:39:47 GMT
server
nginx/1.14.0
x-powered-by
Undertow/1
location
https://load77.exelator.com/pixel.gif
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status
302
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
Verified pae?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&productId=29&advertisingType=mzb_2754&tid=mk_rvnwr_cpi_t2_19710;PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&geo=DE&name=View&lid=2346&r...
assets.kromtech.net
43 B
146 B
Image
General
Full URL
https://assets.kromtech.net/pae?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&productId=29&advertisingType=mzb_2754&tid=mk_rvnwr_cpi_t2_19710;PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&geo=DE&name=View&lid=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.106.103 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-194-106-103.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Verified resource
fancybox/2.1.5/blank.gif at cdnjs.com, project fancybox

Request headers

:path
/pae?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&productId=29&advertisingType=mzb_2754&tid=mk_rvnwr_cpi_t2_19710;PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&geo=DE&name=View&lid=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
assets.kromtech.net
referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
:scheme
https
:method
GET
Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Mon, 15 Apr 2019 13:39:47 GMT
server
nginx
content-length
43
access-control-allow-methods
GET
content-type
image/gif
css?family=Source+Sans+Pro:400,600&subset=latin,latin-ext
fonts.googleapis.com
5 KB
706 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600&subset=latin,latin-ext
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
8a5c9a820e5660585a358240bc90962a9c252a0968912889cffd2637c2661ca7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 15 Apr 2019 13:39:47 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 15 Apr 2019 13:39:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Mon, 15 Apr 2019 13:39:47 GMT
Adblocked gtm.js?id=GTM-KSH3PK
www.googletagmanager.com
232 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KSH3PK
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
73ffaa1fc346259f6c5d6faaf6dcffaa4e9901ff8cb129023b52e04ac274f8e9
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 13:39:47 GMT
content-encoding
br
last-modified
Thu, 11 Apr 2019 22:27:45 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
33815
x-xss-protection
0
expires
Mon, 15 Apr 2019 13:39:47 GMT
Adblocked hotjar-190488.js?sv=5
static.hotjar.com/c
7 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-190488.js?sv=5
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.205.43 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-31
Software
openresty /
Resource Hash
af38052ba74c1ccf006c03976b901979057ce0f5eb421c5bcdf49145207d9cbb
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 13:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
61
status
200
access-control-max-age
600
section-io-cache
Hit
content-length
1844
x-cache-hit
1
server
openresty
x-frame-options
SAMEORIGIN
etag
W/c89f18af85ea68721e6a299c7084ac17
vary
Accept-Encoding
section-io-origin-status
304
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.018
accept-ranges
bytes
section-io-id
38bbb7d263302d750be00e1b5e733c7f
Adblocked tag.js
mc.yandex.ru/metrika
331 KB
85 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
f13ecc987c94d8b382383a34c1d5247fcc41e29cc63cbebf17757240fc40f956
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:39:47 GMT
Content-Encoding
br
Last-Modified
Sat, 13 Apr 2019 12:26:28 GMT
Server
nginx/1.12.2
ETag
"5cb1d574-153f6"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
87030
Expires
Mon, 15 Apr 2019 14:39:47 GMT
Adblocked ?random=1555335587338&cv=9&fst=1555335587338&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http...
googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023/?random=1555335587338&cv=9&fst=1555335587338&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3Db53dfdfa-5f83-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cb48941-a3586a6092cb4bec20ae0bac%26tid_ext%3DPoioneerClick%3Be1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08%26trt%3D29_45121156%26userDefiner%3Dmzb_2754%26utm_campaign%3Dmk_rvnwr_cpi_t2_19710%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%2520%2520Submission%3A%2520On%2520April%252015%2520via%2520manual%2520(April%252015th%25202019%2C%25201%3A38%3A07%2520pm)&tiba=MacKeeper&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e68f1ae15e49bcd37f4b950185a083aedb8fdfd7df1ec463b9e438bf02bf4d28
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Apr 2019 13:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1236
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked bat.js
bat.bing.com
22 KB
7 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
06768ff08a78f24b60973b047561141c4413864fa2d3ac9292fb0b217a81f917
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 13:39:47 GMT
content-encoding
gzip
last-modified
Fri, 08 Mar 2019 01:08:18 GMT
x-msedge-ref
Ref A: D00A5CBDEBAA4B7FA674CF94ADEFAD3B Ref B: VIEEDGE0711 Ref C: 2019-04-15T13:39:47Z
access-control-allow-origin
*
etag
"0ed1a6a4bd5d41:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7002
Adblocked fbevents.js
connect.facebook.net/en_US
53 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
15397
x-xss-protection
0
pragma
public
x-fb-debug
q9BcUnKQzwB66Srw54xCrf9Gu0wo6l2DfNpmA8iry3JnfC/hkdj0znT6mdlyrNEKZ2Wn0g1i3O8HSYRbSPOEiA==
date
Mon, 15 Apr 2019 13:39:47 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
Adblocked activityi;dc_pre=CNiUxsmc0uECFcsGiwodra4JRQ;src=6102726;type=landi0;cat=index0;u1=mzb_2754;u2=DE;u3=mk_rvnwr_cpi_t2_19710;PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08;u4=197.10;u12=b4c9f6...
6102726.fls.doubleclick.net
Redirect Chain
  • https://6102726.fls.doubleclick.net/activityi;src=6102726;type=landi0;cat=index0;u1=mzb_2754;u2=DE;u3=mk_rvnwr_cpi_t2_19710;PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08;u4=197.10;u12=b4c9...
  • https://6102726.fls.doubleclick.net/activityi;dc_pre=CNiUxsmc0uECFcsGiwodra4JRQ;src=6102726;type=landi0;cat=index0;u1=mzb_2754;u2=DE;u3=mk_rvnwr_cpi_t2_19710;PoioneerClick;e1a8a2738a7bf51ab77d8cd3d...
0
0
Document
General
Full URL
https://6102726.fls.doubleclick.net/activityi;dc_pre=CNiUxsmc0uECFcsGiwodra4JRQ;src=6102726;type=landi0;cat=index0;u1=mzb_2754;u2=DE;u3=mk_rvnwr_cpi_t2_19710;PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08;u4=197.10;u12=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8956988938864.475?
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.22.38 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f38.1e100.net
Software
cafe /
Resource Hash
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6102726.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CNiUxsmc0uECFcsGiwodra4JRQ;src=6102726;type=landi0;cat=index0;u1=mzb_2754;u2=DE;u3=mk_rvnwr_cpi_t2_19710;PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08;u4=197.10;u12=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8956988938864.475?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Mon, 15 Apr 2019 13:39:47 GMT
expires
Mon, 15 Apr 2019 13:39:47 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
432
x-xss-protection
0
set-cookie
IDE=AHWqTUm9oYAOSu6b9kj2IQruDJgpPUAwMCWwPUIcuaZQZgz5Fb5QDKsWtCoo0JLq; expires=Sat, 09-May-2020 13:39:47 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Mon, 15 Apr 2019 13:39:47 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://6102726.fls.doubleclick.net/activityi;dc_pre=CNiUxsmc0uECFcsGiwodra4JRQ;src=6102726;type=landi0;cat=index0;u1=mzb_2754;u2=DE;u3=mk_rvnwr_cpi_t2_19710;PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08;u4=197.10;u12=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8956988938864.475?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 15-Apr-2019 13:54:47 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
data:truncated
data:truncated
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c6bf7b18059ebd4a4bce2fd2b809f28cab9e23d4ba1a5b0c2f8fab0330b6e44

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
logo.png
static.mackeeper.com/landings/197.10/img
1 KB
1 KB
Image
General
Full URL
https://static.mackeeper.com/landings/197.10/img/logo.png
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
e7bfd14c1e5ca18ae420544966e3c61bca2acecbb4f2283bed54606c8875274d

Request headers

Referer
https://static.mackeeper.com/landings/197.10/css/style.min.css?mkv=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:16 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Mon, 30 Apr 2018 11:38:57 GMT
server
nginx
age
607351
etag
"5ae70051-436"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
1078
x-amz-cf-id
Herqz9v96k6aKa6uQoHyqrwt-1W_pw9WLcQaToTR0ePAIBJSLXpHnQ==
expires
Wed, 08 May 2019 12:57:16 GMT
mac__pink.png
static.mackeeper.com/landings/197.10/img
10 KB
10 KB
Image
General
Full URL
https://static.mackeeper.com/landings/197.10/img/mac__pink.png
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
2ac47132b6c3aeb7ba9074c0c5643833ab677f4ac0bd886323b05e0bb3189381

Request headers

Referer
https://static.mackeeper.com/landings/197.10/css/style.min.css?mkv=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:09 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Mon, 30 Apr 2018 11:38:57 GMT
server
nginx
age
607358
etag
"5ae70051-2756"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
10070
x-amz-cf-id
DcBXh1y08nBoOYEp1DFLYCplZXEIudsWuNo1V8-Es3iLg_a7IfJRVA==
expires
Wed, 08 May 2019 12:57:09 GMT
btn-arrow.png
static.mackeeper.com/landings/197.10/img
2 KB
2 KB
Image
General
Full URL
https://static.mackeeper.com/landings/197.10/img/btn-arrow.png
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
285d345de8083848a3108363f76747a5d93982f619a14fb246395afbd78c979b

Request headers

Referer
https://static.mackeeper.com/landings/197.10/css/style.min.css?mkv=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:09 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Mon, 30 Apr 2018 11:38:57 GMT
server
nginx
age
607358
etag
"5ae70051-73c"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
1852
x-amz-cf-id
RPnGVg0UoWkqP_G1JEt4IHSZIpQfSKFkpyNXXALlvtXxpzsTnfYQYw==
expires
Wed, 08 May 2019 12:57:09 GMT
stars.png
static.mackeeper.com/landings/197.10/img
2 KB
2 KB
Image
General
Full URL
https://static.mackeeper.com/landings/197.10/img/stars.png
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
63229f6a14bbe4aebe109afa0cdf0d46123ac03d150aced22edc5ce6c3eace7c

Request headers

Referer
https://static.mackeeper.com/landings/197.10/css/style.min.css?mkv=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:09 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Mon, 30 Apr 2018 11:38:57 GMT
server
nginx
age
607358
etag
"5ae70051-67f"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
1663
x-amz-cf-id
rcP8ohRMlt_-eeLnHi5ixvvLaCe_ubLlBkZMjhdpZvoHQnP7A0j1Sg==
expires
Wed, 08 May 2019 12:57:09 GMT
mac__mint.png
static.mackeeper.com/landings/197.10/img
9 KB
9 KB
Image
General
Full URL
https://static.mackeeper.com/landings/197.10/img/mac__mint.png
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
bdf82bc70aca5f83bdcd5ec5f2c668c460a9777df489e621c6214bc8fee04f30

Request headers

Referer
https://static.mackeeper.com/landings/197.10/css/style.min.css?mkv=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:09 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Mon, 30 Apr 2018 11:38:57 GMT
server
nginx
age
607358
etag
"5ae70051-22d7"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
8919
x-amz-cf-id
2hvd6QMLCzFAvL6mAk-38RuDZILEg3hH9G2w7z7F1i07FJeJqk4GdA==
expires
Wed, 08 May 2019 12:57:09 GMT
sprite__step-icon.png
static.mackeeper.com/landings/197.10/img
2 KB
2 KB
Image
General
Full URL
https://static.mackeeper.com/landings/197.10/img/sprite__step-icon.png
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
337b857b9e7ebd6fb3e0630fc96831260ebab97e6c6b2105785e97e156a7b0d2

Request headers

Referer
https://static.mackeeper.com/landings/197.10/css/style.min.css?mkv=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:09 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Mon, 30 Apr 2018 11:38:57 GMT
server
nginx
age
607358
etag
"5ae70051-743"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
1859
x-amz-cf-id
XvwM_gCouyBXQL-Jh-XrQFF1PX3Jzm33TP53aI6gK9YFDmzjdJUVJg==
expires
Wed, 08 May 2019 12:57:09 GMT
step-arrow.png
static.mackeeper.com/landings/197.10/img
445 B
813 B
Image
General
Full URL
https://static.mackeeper.com/landings/197.10/img/step-arrow.png
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
538da36a373827459e4883502403c5300252c08210a6bd1876d31c27b638f223

Request headers

Referer
https://static.mackeeper.com/landings/197.10/css/style.min.css?mkv=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:09 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Mon, 30 Apr 2018 11:38:57 GMT
server
nginx
age
607358
etag
"5ae70051-1bd"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
445
x-amz-cf-id
C136hvoKhJZ2qPQXYtVKdyWJW4VwVC3UhceRVMOPYSs-5V-yneCzzg==
expires
Wed, 08 May 2019 12:57:09 GMT
i.png
static.mackeeper.com/landings/libs/adBlockRequestPopup/img
1 KB
2 KB
Image
General
Full URL
https://static.mackeeper.com/landings/libs/adBlockRequestPopup/img/i.png
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
d6e32667cdd39707c4f305fe54b9db929a353c4deb44e7c1627d34e92882e9db

Request headers

Referer
https://static.mackeeper.com/landings/libs/adBlockRequestPopup/css/style.min.css?mkv=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:15 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Wed, 30 May 2018 14:28:05 GMT
server
nginx
age
607352
etag
"5b0eb4f5-586"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
1414
x-amz-cf-id
5ok9dU7LDP_BLsRSI3SH4HcfiEE1bpCnAIJah07z-SbFYFunuHCcEg==
expires
Wed, 08 May 2019 12:57:15 GMT
x.png
static.mackeeper.com/landings/libs/adBlockRequestPopup/img
1 KB
2 KB
Image
General
Full URL
https://static.mackeeper.com/landings/libs/adBlockRequestPopup/img/x.png
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-100.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
03cf4dc4c261e12d1053f15edffc3cd5340751508cde5456e1481bd5d15f74b8

Request headers

Referer
https://static.mackeeper.com/landings/libs/adBlockRequestPopup/css/style.min.css?mkv=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 08 Apr 2019 12:57:13 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified
Wed, 30 May 2018 14:28:05 GMT
server
nginx
age
607354
etag
"5b0eb4f5-5e0"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
1504
x-amz-cf-id
g0Dwmt9fHFxsY4BUDlnesVjk0vxS0y7hSUB5PSVf1eEsSuwNdEF9Kg==
expires
Wed, 08 May 2019 12:57:13 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v12
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v12/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600&subset=latin,latin-ext
Origin
https://app7.kromtech.net

Response headers

date
Mon, 25 Mar 2019 20:19:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:11:07 GMT
server
sffe
age
1790415
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13324
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:32 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v12
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v12/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600&subset=latin,latin-ext
Origin
https://app7.kromtech.net

Response headers

date
Mon, 25 Mar 2019 20:19:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:10:34 GMT
server
sffe
age
1790414
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13108
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:33 GMT
Adblocked conversion_async.js
www.googleadservices.com/pagead
23 KB
9 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-854379023
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
6f023a6ff39f91547bad71637e127374fdcbdeab0ab4a1c102e6251f90e4369b
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 13:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
8844
x-xss-protection
0
server
cafe
etag
16103572366717130859
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 15 Apr 2019 13:39:47 GMT
Adblocked 1593188040964422?v=2.8.47&r=stable
connect.facebook.net/signals/config
174 KB
42 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1593188040964422?v=2.8.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
7b2105b0ff0beeb8fe979b33dcc7e684adfed44185b3a24f01cb4c1b5bc302ae
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
42745
x-xss-protection
0
pragma
public
x-fb-debug
iOunoa3ObyZMq0RkZnTXsiLGwOjJeCTEawuNZ59iEau+IbqvGiUHmCAwjFJdNe1nYNlouKDXi3Up35jmntBVQg==
date
Mon, 15 Apr 2019 13:39:47 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
Adblocked modules.ea087be38ca3d9764b1a.js
script.hotjar.com
414 KB
86 KB
Script
General
Full URL
https://script.hotjar.com/modules.ea087be38ca3d9764b1a.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-190488.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.239 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-28
Software
/
Resource Hash
701a8ebd83f17c314a51d721284670531d9e880f371fa619d128c883cd9b0dd9
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 13:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Apr 2019 13:14:23 GMT
access-control-allow-origin
*
etag
W/"17507aff29104de01dcbec2a79115ce2"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
section-io-origin-time-seconds
0.072
section-io-origin-status
200
accept-ranges
bytes
section-io-id
b026c57c772be5e5e262fe751565f4f6
content-length
87481
Adblocked ?random=1555335587338&cv=9&fst=1555333200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fapp7.kromtec...
www.google.com/pagead/1p-user-list/854379023
42 B
120 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/854379023/?random=1555335587338&cv=9&fst=1555333200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3Db53dfdfa-5f83-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cb48941-a3586a6092cb4bec20ae0bac%26tid_ext%3DPoioneerClick%3Be1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08%26trt%3D29_45121156%26userDefiner%3Dmzb_2754%26utm_campaign%3Dmk_rvnwr_cpi_t2_19710%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%2520%2520Submission%3A%2520On%2520April%252015%2520via%2520manual%2520(April%252015th%25202019%2C%25201%3A38%3A07%2520pm)&tiba=MacKeeper&fmt=3&cdct=2&is_vtc=1&random=364207292&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Apr 2019 13:39:47 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
?random=1555335587338&cv=9&fst=1555333200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fapp7.kromtec...
www.google.de/pagead/1p-user-list/854379023
0
0

Adblocked 0?ti=4019963&Ver=2&mid=6515ac96-ee48-439c-9a87-9a4adcac8f7f&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=MacKeeper&p=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b...
bat.bing.com/action
0
136 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=4019963&Ver=2&mid=6515ac96-ee48-439c-9a87-9a4adcac8f7f&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=MacKeeper&p=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3Db53dfdfa-5f83-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cb48941-a3586a6092cb4bec20ae0bac%26tid_ext%3DPoioneerClick%3Be1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08%26trt%3D29_45121156%26userDefiner%3Dmzb_2754%26utm_campaign%3Dmk_rvnwr_cpi_t2_19710%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%2520%2520Submission%3A%2520On%2520April%252015%2520via%2520manual%2520(April%252015th%25202019%2C%25201%3A38%3A07%2520pm)&r=&evt=pageLoad&msclkid=N&rn=265055
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Mon, 15 Apr 2019 13:39:47 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 11CC2BF16AEC4EFFA755FA0175FFFFEB Ref B: VIEEDGE0711 Ref C: 2019-04-15T13:39:47Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Verified Adblocked img.gif?f=sync&partner=0380892b6877e49c4870a8960240ea326155479f7123d3d8f75569e3e6302e1c&ttl=&rurl=
my.rtmark.net
43 B
366 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=sync&partner=0380892b6877e49c4870a8960240ea326155479f7123d3d8f75569e3e6302e1c&ttl=&rurl=
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.42.160.69 , Luxembourg, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Verified resource
diva.js/3.1.0/img/blank.gif at cdnjs.com, project diva.js
extjs/4.2.1/resources/ext-theme-gray/images/grid/grid3-rowheader.gif at cdnjs.com, project extjs
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:39:47 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
image/gif
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
event.php?step=Landing_Loaded&substep=Hit&uniqid=554281327d73ed84177ba11378481656&affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&bundleid=29_45121156&prodid=29&response=json&payload=%7B%22partner%2...
event.mackeeper.com
0
0
Document
General
Full URL
https://event.mackeeper.com/event.php?step=Landing_Loaded&substep=Hit&uniqid=554281327d73ed84177ba11378481656&affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&bundleid=29_45121156&prodid=29&response=json&payload=%7B%22partner%22%3A%22mzb_2754%22%2C%22landing_name%22%3A%22197.10%22%7D&session=cna6c0oakk1hde8483hi3g5m56&time=1555335587585
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.4.184 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-89-4-184.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
event.mackeeper.com
:scheme
https
:path
/event.php?step=Landing_Loaded&substep=Hit&uniqid=554281327d73ed84177ba11378481656&affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&bundleid=29_45121156&prodid=29&response=json&payload=%7B%22partner%22%3A%22mzb_2754%22%2C%22landing_name%22%3A%22197.10%22%7D&session=cna6c0oakk1hde8483hi3g5m56&time=1555335587585
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)

Response headers

status
409
date
Mon, 15 Apr 2019 13:39:47 GMT
content-length
0
data:truncated
data:truncated
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a520b55a223a4a0d55bd7842f1dbb6075a31926b3f52ea3c5f2490cd37c0ed34

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
1?wmode=7&page-url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3Db53dfdfa-5f83-11e9-bfed-0e44482e0016...
mc.yandex.ru/watch/50559844
Redirect Chain
  • https://mc.yandex.ru/watch/50559844?wmode=7&page-url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3Db5...
  • https://mc.yandex.ru/watch/50559844/1?wmode=7&page-url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3D...
0
-1 B
XHR
General
Full URL
https://mc.yandex.ru/watch/50559844/1?wmode=7&page-url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3Db53dfdfa-5f83-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cb48941-a3586a6092cb4bec20ae0bac%26tid_ext%3DPoioneerClick%3Be1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08%26trt%3D29_45121156%26userDefiner%3Dmzb_2754%26utm_campaign%3Dmk_rvnwr_cpi_t2_19710%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%2520%2520Submission%3A%2520On%2520April%252015%2520via%2520manual%2520%28April%252015th%25202019%2C%25201%3A38%3A07%2520pm%29&charset=utf-8&browser-info=ti%3A10%3Ans%3A1555335586730%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190415133947%3Aet%3A1555335588%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A512739692%3Ahid%3A855785420%3Ads%3A28%2C219%2C218%2C86%2C0%2C0%2C0%2C378%2C6%2C%2C%2C%2C851%3Afp%3A739%3Awn%3A6701%3Ahl%3A2%3Agdpr%3A14%3Av%3A1532%3Awv%3A2%3Ast%3A1555335588%3Au%3A1555335588787564615%3At%3AMacKeeper
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Apr 2019 13:39:47 GMT
Last-Modified
Mon, 15-Apr-2019 13:39:47 GMT
Server
nginx/1.12.2
Location
/watch/50559844/1?wmode=7&page-url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3Db53dfdfa-5f83-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cb48941-a3586a6092cb4bec20ae0bac%26tid_ext%3DPoioneerClick%3Be1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08%26trt%3D29_45121156%26userDefiner%3Dmzb_2754%26utm_campaign%3Dmk_rvnwr_cpi_t2_19710%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%2520%2520Submission%3A%2520On%2520April%252015%2520via%2520manual%2520%28April%252015th%25202019%2C%25201%3A38%3A07%2520pm%29&charset=utf-8&browser-info=ti%3A10%3Ans%3A1555335586730%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190415133947%3Aet%3A1555335588%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A512739692%3Ahid%3A855785420%3Ads%3A28%2C219%2C218%2C86%2C0%2C0%2C0%2C378%2C6%2C%2C%2C%2C851%3Afp%3A739%3Awn%3A6701%3Ahl%3A2%3Agdpr%3A14%3Av%3A1532%3Awv%3A2%3Ast%3A1555335588%3Au%3A1555335588787564615%3At%3AMacKeeper
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
https://app7.kromtech.net
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 15-Apr-2019 13:39:47 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 15 Apr 2019 13:39:47 GMT
Last-Modified
Mon, 15-Apr-2019 13:39:47 GMT
Server
nginx/1.12.2
Access-Control-Allow-Origin
https://app7.kromtech.net
Strict-Transport-Security
max-age=31536000
Location
/watch/50559844/1?wmode=7&page-url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3Db53dfdfa-5f83-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cb48941-a3586a6092cb4bec20ae0bac%26tid_ext%3DPoioneerClick%3Be1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08%26trt%3D29_45121156%26userDefiner%3Dmzb_2754%26utm_campaign%3Dmk_rvnwr_cpi_t2_19710%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%2520%2520Submission%3A%2520On%2520April%252015%2520via%2520manual%2520%28April%252015th%25202019%2C%25201%3A38%3A07%2520pm%29&charset=utf-8&browser-info=ti%3A10%3Ans%3A1555335586730%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190415133947%3Aet%3A1555335588%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A512739692%3Ahid%3A855785420%3Ads%3A28%2C219%2C218%2C86%2C0%2C0%2C0%2C378%2C6%2C%2C%2C%2C851%3Afp%3A739%3Awn%3A6701%3Ahl%3A2%3Agdpr%3A14%3Av%3A1532%3Awv%3A2%3Ast%3A1555335588%3Au%3A1555335588787564615%3At%3AMacKeeper
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 15-Apr-2019 13:39:47 GMT
Adblocked analytics.js
www.google-analytics.com
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSH3PK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
440
date
Mon, 15 Apr 2019 13:32:27 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Mon, 15 Apr 2019 15:32:27 GMT
Adblocked box-d743cafc9d1fb7eed204caa92025802f.html
vars.hotjar.com
0
0
Document
General
Full URL
https://vars.hotjar.com/box-d743cafc9d1fb7eed204caa92025802f.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-190488.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.239 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-28
Software
/
Resource Hash
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-d743cafc9d1fb7eed204caa92025802f.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)

Response headers

status
200
date
Mon, 15 Apr 2019 13:39:47 GMT
content-type
text/html
content-length
964
cache-control
max-age=31536000
last-modified
Fri, 29 Mar 2019 12:28:03 GMT
section-io-origin-status
200
section-io-origin-time-seconds
0.039
etag
W/"d743cafc9d1fb7eed204caa92025802f"
content-encoding
gzip
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
30b55eb538faa89f688411a13ee98600
Verified Adblocked advert.gif
mc.yandex.ru/metrika
43 B
445 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Verified resource
ckeditor/4.2/plugins/fakeobjects/images/spacer.gif at cdnjs.com, project ckeditor
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:39:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.12.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Mon, 15 Apr 2019 14:39:47 GMT
Adblocked 1?wmode=7&page-url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3Db53dfdfa-5f83-11e9-bfed-0e44482e0016...
mc.yandex.ru/watch/50559844
152 B
705 B
XHR
General
Full URL
https://mc.yandex.ru/watch/50559844/1?wmode=7&page-url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3Db53dfdfa-5f83-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cb48941-a3586a6092cb4bec20ae0bac%26tid_ext%3DPoioneerClick%3Be1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08%26trt%3D29_45121156%26userDefiner%3Dmzb_2754%26utm_campaign%3Dmk_rvnwr_cpi_t2_19710%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%2520%2520Submission%3A%2520On%2520April%252015%2520via%2520manual%2520%28April%252015th%25202019%2C%25201%3A38%3A07%2520pm%29&charset=utf-8&browser-info=ti%3A10%3Ans%3A1555335586730%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190415133947%3Aet%3A1555335588%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A512739692%3Ahid%3A855785420%3Ads%3A28%2C219%2C218%2C86%2C0%2C0%2C0%2C378%2C6%2C%2C%2C%2C851%3Afp%3A739%3Awn%3A6701%3Ahl%3A2%3Agdpr%3A14%3Av%3A1532%3Awv%3A2%3Ast%3A1555335588%3Au%3A1555335588787564615%3At%3AMacKeeper
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
2acc7e0d3c3a57167b115db0e5fa29f42a96c66ce9b288c80f2959bd4a2222f2
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Origin
https://app7.kromtech.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 15 Apr 2019 13:39:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 15-Apr-2019 13:39:47 GMT
Server
nginx/1.12.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://app7.kromtech.net
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Mon, 15-Apr-2019 13:39:47 GMT
Adblocked ?random=1555335587921&cv=9&fst=1555335587921&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa430&s...
googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023/?random=1555335587921&cv=9&fst=1555335587921&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa430&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3Db53dfdfa-5f83-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cb48941-a3586a6092cb4bec20ae0bac%26tid_ext%3DPoioneerClick%3Be1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08%26trt%3D29_45121156%26userDefiner%3Dmzb_2754%26utm_campaign%3Dmk_rvnwr_cpi_t2_19710%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%2520%2520Submission%3A%2520On%2520April%252015%2520via%2520manual%2520(April%252015th%25202019%2C%25201%3A38%3A07%2520pm)&tiba=MacKeeper&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
c313d896402bd7052f91aa8ba86a01e72418e6849c4cc9b4d3beade49400bef1
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Apr 2019 13:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked ?random=1555335587927&cv=9&fst=1555335587927&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa430&s...
googleads.g.doubleclick.net/pagead/viewthroughconversion/983482265
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/983482265/?random=1555335587927&cv=9&fst=1555335587927&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa430&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3Db53dfdfa-5f83-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cb48941-a3586a6092cb4bec20ae0bac%26tid_ext%3DPoioneerClick%3Be1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08%26trt%3D29_45121156%26userDefiner%3Dmzb_2754%26utm_campaign%3Dmk_rvnwr_cpi_t2_19710%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%2520%2520Submission%3A%2520On%2520April%252015%2520via%2520manual%2520(April%252015th%25202019%2C%25201%3A38%3A07%2520pm)&tiba=MacKeeper&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
85c9e851be8db80acf221c2ef692e7ee1e337223ab4bf92bfb77658ac5a56ea1
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Apr 2019 13:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked ?random=1555335587928&cv=9&fst=1555335587928&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa430&s...
googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041/?random=1555335587928&cv=9&fst=1555335587928&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa430&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3Db53dfdfa-5f83-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cb48941-a3586a6092cb4bec20ae0bac%26tid_ext%3DPoioneerClick%3Be1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08%26trt%3D29_45121156%26userDefiner%3Dmzb_2754%26utm_campaign%3Dmk_rvnwr_cpi_t2_19710%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%2520%2520Submission%3A%2520On%2520April%252015%2520via%2520manual%2520(April%252015th%25202019%2C%25201%3A38%3A07%2520pm)&tiba=MacKeeper&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e38418850d0fbaed625df811682aa68a8496af0a4ae656c01d8adc634ba9835b
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Apr 2019 13:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1278
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked ?random=1555335587929&cv=9&fst=1555335587929&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa430&s...
googleads.g.doubleclick.net/pagead/viewthroughconversion/787486911
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787486911/?random=1555335587929&cv=9&fst=1555335587929&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa430&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3Db53dfdfa-5f83-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cb48941-a3586a6092cb4bec20ae0bac%26tid_ext%3DPoioneerClick%3Be1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08%26trt%3D29_45121156%26userDefiner%3Dmzb_2754%26utm_campaign%3Dmk_rvnwr_cpi_t2_19710%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%2520%2520Submission%3A%2520On%2520April%252015%2520via%2520manual%2520(April%252015th%25202019%2C%25201%3A38%3A07%2520pm)&tiba=MacKeeper&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
858b42b16fb1a8bc10df4fa9d43402e752d5fab05aeca401ef987319415991e6
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Apr 2019 13:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1278
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked ?random=1555335587930&cv=9&fst=1555335587930&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa430&s...
googleads.g.doubleclick.net/pagead/viewthroughconversion/957119846
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957119846/?random=1555335587930&cv=9&fst=1555335587930&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa430&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3Db53dfdfa-5f83-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cb48941-a3586a6092cb4bec20ae0bac%26tid_ext%3DPoioneerClick%3Be1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08%26trt%3D29_45121156%26userDefiner%3Dmzb_2754%26utm_campaign%3Dmk_rvnwr_cpi_t2_19710%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%2520%2520Submission%3A%2520On%2520April%252015%2520via%2520manual%2520(April%252015th%25202019%2C%25201%3A38%3A07%2520pm)&tiba=MacKeeper&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
4da59037bf4afb7670621173486910f91ab5fef05ac5bf6b0b34038a10507823
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Apr 2019 13:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked ?random=1555335587931&cv=9&fst=1555335587931&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa430&s...
googleads.g.doubleclick.net/pagead/viewthroughconversion/780563185
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/780563185/?random=1555335587931&cv=9&fst=1555335587931&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa430&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3Db53dfdfa-5f83-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cb48941-a3586a6092cb4bec20ae0bac%26tid_ext%3DPoioneerClick%3Be1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08%26trt%3D29_45121156%26userDefiner%3Dmzb_2754%26utm_campaign%3Dmk_rvnwr_cpi_t2_19710%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%2520%2520Submission%3A%2520On%2520April%252015%2520via%2520manual%2520(April%252015th%25202019%2C%25201%3A38%3A07%2520pm)&tiba=MacKeeper&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
24e4241f9d6e997c3ac3ccaf9f97e08fe361ad2c169f7f42fe34fadc8ebf2583
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Apr 2019 13:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1280
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
?random=1555335587929&cv=9&fst=1555333200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa430&sendb=1&data=even...
www.google.com/pagead/1p-user-list/803067473
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/803067473/?random=1555335587929&cv=9&fst=1555335587929&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
  • https://www.google.com/pagead/1p-user-list/803067473/?random=1555335587929&cv=9&fst=1555333200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
0
0

ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-2&cid=2009856331.1555335588&jid=458276631&_v=j73&z=514791785
www.google.com/ads
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1839694041&t=pageview&_s=1&dl=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26ale...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56634126-2&cid=2009856331.1555335588&jid=458276631&_gid=2003525418.1555335588&gjid=1783071801&_v=j73&z=514791785
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-2&cid=2009856331.1555335588&jid=458276631&_v=j73&z=514791785
0
0

ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-6&cid=2009856331.1555335588&jid=77717995&_v=j73&z=766389288
www.google.com/ads
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1839694041&t=pageview&_s=1&dl=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26ale...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56634126-6&cid=2009856331.1555335588&jid=77717995&_gid=2003525418.1555335588&gjid=1333339203&_v=j73&z=766389288
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-6&cid=2009856331.1555335588&jid=77717995&_v=j73&z=766389288
0
0

ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-22&cid=2009856331.1555335588&jid=3876248&_v=j73&z=384416745
www.google.com/ads
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1839694041&t=pageview&_s=1&dl=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F&dp=%2Flandings%2F197.10%2F&ul=en-us&de=UTF-8&dt=MacKeepe...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56634126-22&cid=2009856331.1555335588&jid=3876248&_gid=2003525418.1555335588&gjid=31083677&_v=j73&z=384416745
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-22&cid=2009856331.1555335588&jid=3876248&_v=j73&z=384416745
0
0

Adblocked collect?v=1&_v=j73&a=1839694041&t=pageview&_s=1&dl=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F&dp=%2Flandings%2F197.10%2F&ul=en-us&de=UTF-8&dt=MacKeeper&sd=24-bit&sr=1600x1200&vp=1585x12...
google-analytics.bi.owox.com
30 B
30 B
Image
General
Full URL
https://google-analytics.bi.owox.com/collect?v=1&_v=j73&a=1839694041&t=pageview&_s=1&dl=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F&dp=%2Flandings%2F197.10%2F&ul=en-us&de=UTF-8&dt=MacKeeper&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGHACEABB~&jid=3876248&gjid=31083677&cid=2009856331.1555335588&tid=UA-56634126-22&_gid=2003525418.1555335588&_r=1&gtm=2wg430KSH3PK&cd5=2009856331.1555335588_1555335587966&z=384416745
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.228.179 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
179.228.186.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 13:39:48 GMT
via
1.1 google
server
openresty
access-control-allow-origin
*
content-type
application/octet-stream
status
200
owoxcode
403
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
Adblocked ?id=1593188040964422&ev=PageView&dl=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3Db53dfdfa-5f83-11e9-...
www.facebook.com/tr
44 B
245 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1593188040964422&ev=PageView&dl=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3Db53dfdfa-5f83-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cb48941-a3586a6092cb4bec20ae0bac%26tid_ext%3DPoioneerClick%3Be1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08%26trt%3D29_45121156%26userDefiner%3Dmzb_2754%26utm_campaign%3Dmk_rvnwr_cpi_t2_19710%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%2520%2520Submission%3A%2520On%2520April%252015%2520via%2520manual%2520(April%252015th%25202019%2C%25201%3A38%3A07%2520pm)&rl=&if=false&ts=1555335588035&sw=1600&sh=1200&v=2.8.47&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1555335588030.1496394057&it=1555335587568&coo=false&rqm=GET
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 13:39:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 15 Apr 2019 13:39:48 GMT
Adblocked ?random=1555335587930&cv=9&fst=1555333200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa430&sendb=1&data=event%3Dgt...
www.google.com/pagead/1p-user-list/957119846
42 B
120 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/957119846/?random=1555335587930&cv=9&fst=1555333200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa430&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3Db4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb%26alert%3D44%26epayId%3D29%26guid%3Db53dfdfa-5f83-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cb48941-a3586a6092cb4bec20ae0bac%26tid_ext%3DPoioneerClick%3Be1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08%26trt%3D29_45121156%26userDefiner%3Dmzb_2754%26utm_campaign%3Dmk_rvnwr_cpi_t2_19710%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%2520%2520Submission%3A%2520On%2520April%252015%2520via%2520manual%2520(April%252015th%25202019%2C%25201%3A38%3A07%2520pm)&tiba=MacKeeper&async=1&fmt=3&cdct=2&is_vtc=1&random=3143328029&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: app7.kromtech.net
URL: https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app7.kromtech.net/landings/197.10/?affid=b4c9f680-5f83-11e9-8b7f-7b49df18a000-mzb&alert=44&epayId=29&guid=b53dfdfa-5f83-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cb48941-a3586a6092cb4bec20ae0bac&tid_ext=PoioneerClick;e1a8a2738a7bf51ab77d8cd3db0c9b79679a5b08&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_19710&utm_content=&utm_medium=&utm_source=&utm_term=%20%20Submission:%20On%20April%2015%20via%20manual%20(April%2015th%202019,%201:38:07%20pm)
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Apr 2019 13:39:48 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
?random=1555335587930&cv=9&fst=1555333200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa430&sendb=1&data=event%3Dgt...
www.google.de/pagead/1p-user-list/957119846
0
0

Adblocked ?random=1555335587929&cv=9&fst=1555333200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa430&sendb=1&data=event%3Dgt...
www.google.com/pagead/1p-user-list/787486911
42 B
120 B
Image