app7.kromtech.net Open in urlscan Pro
52.201.134.21  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://bisnisonlineluarbiasa.com/ Page URL
2. http://fedegok.tk/index/?5731550755135 HTTP 302
   http://rintointhensin.icu/?u=h2xkd0x&o=lxkgnum&t=808 HTTP 302
   http://sweeps3869.funysmile21.life/8021172625/?u=h2xkd0x&o=lxkgnum&t=808&f=1 Page URL
   
3. http://sweeps3869.funysmile21.life/web/ HTTP 302
   http://realcenter-mobileapps2.com/?url=I4WHKFughjJF8hN7lWENt93WnJeDtIz7OoG7Gj7zIvuaaGt8gY2m%2fqM2b2Yr%2bhz3UkAyIkB6RgFCu2ohSXo5rlqspso6oeQKebV1cnkewyxWEKM0oSrp3GLHDLrlsW%2bvWkLAuMGz705K3RQWPAroWfEWx50SBK4isbamzRIz20BeZ8i6QieOA52bAIm%2fNXMbGAuzXDc0VmQ%3d HTTP 302
   http://realcenter-mobileapps2.com/away.php Page URL
   
4. https://best.prizedeal32.info/?utm_medium=ccb1966b9d7c2c6b97aced65bb3ff188a3ca62cc&utm_campaign=mainstream&cid=c7cabd54-511f-40dc-8b8f-39e20b088f76 Page URL
5. https://best.prizedeal32.info/?utm_term=6697127760046850476&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b88186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6b0 Page URL
6. https://best.prizedeal32.info/proc.php?0615a4e03080e26ed97463f9148be2d4ea107dd6 HTTP 302
   https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697127760046850476&pubid=1314 Page URL
   
7. https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697127760046850476&pubid=1314&m=rd12l61XrG9XlsmcBR1sUsL.EUvHTgRLgWecP0f4G5CJ553.P03A553cPleN5KeP5wZJ53APBu9zmRr6dpei_xAi_LfCWWVrB-9IB-1zBRrTj03N8ULBEGP Page URL
8. https://up.trkgenius.com/out.php?v=dcf03f57748351ce6791d99815772d25 HTTP 302
   https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=97fe1ce2a3e7639523a71fc27dd8e540&ext1=dvx Page URL
   
9. http://popcash.net/world/go/216668/462082 HTTP 301
   http://ps.popcash.net/go/216668/462082 Page URL
   
10. http://ps.popcash.net/ad/ad?p=216668&w=462082&t=d9010ea7b46aa9f9&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5jb20lMkY=&vw=1600&vh=1200 HTTP 303
    http://xml.poprtb.pro/click?i=MbCYOUpB7CQ_0 HTTP 302
    https://feed1.50million.club/feed/offer/508bde63-838a-11e9-8cfd-abc59f5adda9 HTTP 302
    https://kromtech.net/link/f4fb68a2-1d7e-11e9-a958-127369ec21d1&tid_ext=edaadf27;185.151.58.117 HTTP 302
    https://assets.kromtech.net/lnd?back=aHR0cHM6Ly9rcm9tdGVjaC5uZXQvbGluay9mNGZiNjhhMi0xZDdlLTExZTktYTk1OC0xMjczNjllYzIxZDEmdGlkX2V4dD1lZGFhZGYyNzsxODUuMTUxLjU4LjExNyZyZXFpZD1Sb290PTEtNWNmMGZhM2UtYTc5ZjVkN2VmMDQ0YmU0Y2RkMmJiOGJh&reqid=Root%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&sign=cdded0a430ad9cdb8704ff68ef5b9aed467c548d HTTP 302
    https://kromtech.net/link/f4fb68a2-1d7e-11e9-a958-127369ec21d1&tid_ext=edaadf27;185.151.58.117&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&guid=53acd008-838a-11e9-bfed-0e44482e0016&adb=0 HTTP 302
    https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Page URL
    

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

• http://fedegok.tk/index/?5731550755135 HTTP 302
• http://rintointhensin.icu/?u=h2xkd0x&o=lxkgnum&t=808 HTTP 302
• http://sweeps3869.funysmile21.life/8021172625/?u=h2xkd0x&o=lxkgnum&t=808&f=1

Request Chain 28

• http://sweeps3869.funysmile21.life/web/ HTTP 302
• http://realcenter-mobileapps2.com/?url=I4WHKFughjJF8hN7lWENt93WnJeDtIz7OoG7Gj7zIvuaaGt8gY2m%2fqM2b2Yr%2bhz3UkAyIkB6RgFCu2ohSXo5rlqspso6oeQKebV1cnkewyxWEKM0oSrp3GLHDLrlsW%2bvWkLAuMGz705K3RQWPAroWfEWx50SBK4isbamzRIz20BeZ8i6QieOA52bAIm%2fNXMbGAuzXDc0VmQ%3d HTTP 302
• http://realcenter-mobileapps2.com/away.php

Request Chain 31

• https://best.prizedeal32.info/proc.php?0615a4e03080e26ed97463f9148be2d4ea107dd6 HTTP 302
• https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697127760046850476&pubid=1314

Request Chain 33

• https://up.trkgenius.com/out.php?v=dcf03f57748351ce6791d99815772d25 HTTP 302
• https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=97fe1ce2a3e7639523a71fc27dd8e540&ext1=dvx

Request Chain 35

• http://popcash.net/world/go/216668/462082 HTTP 301
• http://ps.popcash.net/go/216668/462082

Request Chain 61

• https://loadus.exelator.com/load/?p=1050&g=1&cat=[mackeeper]&j=0 HTTP 302
• https://loadus.exelator.com/load/?p=1050&g=1&cat=[mackeeper]&j=0&xl8blockcheck=1 HTTP 302
• https://load77.exelator.com/pixel.gif

Request Chain 70

• https://6102726.fls.doubleclick.net/activityi;src=6102726;type=landi0;cat=index0;u1=mzb_4146;u2=DE;u3=mk_mymed_cpm_ww;edaadf27;185.151.58.117;u4=197.10;u12=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5154206050925.974 HTTP 302
• https://6102726.fls.doubleclick.net/activityi;dc_pre=CJLR_LPAxeICFUS_dwod0xwNsw;src=6102726;type=landi0;cat=index0;u1=mzb_4146;u2=DE;u3=mk_mymed_cpm_ww;edaadf27;185.151.58.117;u4=197.10;u12=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5154206050925.974

Request Chain 106

• https://mc.yandex.ru/watch/50559844?wmode=7&page-ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&page-url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%23pc224398&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559296568946%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190531095616%3Aet%3A1559296576%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A483638390%3Ahid%3A154809344%3Ads%3A23%2C199%2C283%2C2%2C5665%2C0%2C0%2C863%2C83%2C%2C%2C%2C7053%3Afp%3A6772%3Awn%3A43951%3Ahl%3A50%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1559296576%3Au%3A1559296576782006340%3At%3AMacKeeper HTTP 302
• https://mc.yandex.ru/watch/50559844/1?wmode=7&page-ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&page-url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%23pc224398&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559296568946%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190531095616%3Aet%3A1559296576%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A483638390%3Ahid%3A154809344%3Ads%3A23%2C199%2C283%2C2%2C5665%2C0%2C0%2C863%2C83%2C%2C%2C%2C7053%3Afp%3A6772%3Awn%3A43951%3Ahl%3A50%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1559296576%3Au%3A1559296576782006340%3At%3AMacKeeper

Request Chain 114

• https://www.google-analytics.com/r/collect?v=1&_v=j76&a=629718800&t=pageview&_s=1&dl=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&dr=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&ul=en-us&de=UTF-8&dt=MacKeeper&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=357765169&gjid=1083742176&cid=16550230.1559296576&tid=UA-56634126-2&_gid=579128436.1559296576&_r=1&gtm=2wg5m0KSH3PK&z=66673756 HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56634126-2&cid=16550230.1559296576&jid=357765169&_gid=579128436.1559296576&gjid=1083742176&_v=j76&z=66673756 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-2&cid=16550230.1559296576&jid=357765169&_v=j76&z=66673756

Request Chain 115

• https://www.google-analytics.com/r/collect?v=1&_v=j76&a=629718800&t=pageview&_s=1&dl=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F&dr=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&dp=%2Flandings%2F197.10%2F&ul=en-us&de=UTF-8&dt=MacKeeper&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGHACMABBAAAAC~&jid=654724523&gjid=62917065&cid=16550230.1559296576&tid=UA-56634126-22&_gid=579128436.1559296576&_r=1&gtm=2wg5m0KSH3PK&cd5=16550230.1559296576_1559296576423&z=1935007892 HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56634126-22&cid=16550230.1559296576&jid=654724523&_gid=579128436.1559296576&gjid=62917065&_v=j76&z=1935007892 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-22&cid=16550230.1559296576&jid=654724523&_v=j76&z=1935007892

Request Chain 130

• https://www.facebook.com/tr/?id=1593188040964422&ev=Microdata&dl=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%23pc224398&rl=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&if=false&ts=1559296577993&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22MacKeeper%20%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.47&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1559296576486.552801288&it=1559296575974&coo=false&es=automatic&rqm=GET HTTP 302
• https://cx.atdmt.com/?c=17014117200457772116&f=AYwFMIkQsEwi4M_vSBxDcNARL7M1Au_r1yoDXqT21SkV4QlFAoMG7aRvbv3RjF9s0d3bNQN9hmL0DybTer91Y0yc&id=1593188040964422&l=3&v=0

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response bisnisonlineluarbiasa.com/	19 KB 7 KB	567ms 433ms	Document text/html	172.93.205.162 Nexeon Technologies
General Check archive.org Show headers Download Go to Full URL http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 172.93.205.162 Chicago, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US), Reverse DNS sierra.clusterwebdns.com Software LiteSpeed / Resource Hash 7ed2c4c4aed9cce03ef9e1d9d95927b077f473c8a719a3d2e96d9e3866130bb6 Request headers Host bisnisonlineluarbiasa.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type text/html; charset=UTF-8 Link <https://bisnisonlineluarbiasa.com/wp-json/>; rel="https://api.w.org/" Transfer-Encoding chunked Content-Encoding gzip Vary Accept-Encoding Date Fri, 31 May 2019 09:56:01 GMT Server LiteSpeed Connection Keep-Alive
GET H/1.1	200 OK	css fonts.googleapis.com/	16 KB 2 KB	26ms 16ms	Stylesheet text/css	2a00:1450:4001:820::200a Google LLC
General Check archive.org Show headers Download Go to Full URL http://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software ESF / Resource Hash dea4421c9617ac02e6bd7d3f6f6cca802acec330831fc562fb6e4a7952257f97 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer http://bisnisonlineluarbiasa.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:56:01 GMT Content-Encoding gzip Last-Modified Fri, 31 May 2019 09:56:01 GMT Server ESF X-Frame-Options SAMEORIGIN Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control private, max-age=86400, stale-while-revalidate=604800 Transfer-Encoding chunked Timing-Allow-Origin * Link <http://fonts.gstatic.com>; rel=preconnect; crossorigin X-XSS-Protection 0 Expires Fri, 31 May 2019 09:56:01 GMT
GET H/1.1	200 OK	font-awesome.min.css bisnisonlineluarbiasa.com/wp-content/themes/hitmag/css/	30 KB 8 KB	131ms 126ms	Stylesheet text/css	172.93.205.162 Nexeon Technologies
General Check archive.org Show headers Download Go to Full URL http://bisnisonlineluarbiasa.com/wp-content/themes/hitmag/css/font-awesome.min.css?ver=4.7.0 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 172.93.205.162 Chicago, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US), Reverse DNS sierra.clusterwebdns.com Software LiteSpeed / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Request headers Referer http://bisnisonlineluarbiasa.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:56:01 GMT Content-Encoding gzip Last-Modified Thu, 04 Oct 2018 08:53:10 GMT Server LiteSpeed Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 7949 Expires Fri, 07 Jun 2019 09:56:01 GMT
GET H/1.1	200 OK	style.css bisnisonlineluarbiasa.com/wp-content/themes/hitmag/	64 KB 16 KB	234ms 110ms	Stylesheet text/css	172.93.205.162 Nexeon Technologies
General Check archive.org Show headers Download Go to Full URL http://bisnisonlineluarbiasa.com/wp-content/themes/hitmag/style.css?ver=4.9.10 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 172.93.205.162 Chicago, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US), Reverse DNS sierra.clusterwebdns.com Software LiteSpeed / Resource Hash 4777544e72a77e0c2568267c4838dc636c3cffd020487e383a694a224ec4a8f3 Request headers Referer http://bisnisonlineluarbiasa.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:56:01 GMT Content-Encoding gzip Last-Modified Thu, 04 Oct 2018 08:53:08 GMT Server LiteSpeed Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 15919 Expires Fri, 07 Jun 2019 09:56:01 GMT
GET H/1.1	200 OK	flexslider.css bisnisonlineluarbiasa.com/wp-content/themes/hitmag/css/	6 KB 2 KB	241ms 113ms	Stylesheet text/css	172.93.205.162 Nexeon Technologies
General Check archive.org Show headers Download Go to Full URL http://bisnisonlineluarbiasa.com/wp-content/themes/hitmag/css/flexslider.css?ver=4.9.10 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 172.93.205.162 Chicago, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US), Reverse DNS sierra.clusterwebdns.com Software LiteSpeed / Resource Hash 52db182ccc9de3f83db429d2180241038f48d81cce854d1ba9f1377e634fe6fe Request headers Referer http://bisnisonlineluarbiasa.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:56:01 GMT Content-Encoding gzip Last-Modified Thu, 04 Oct 2018 08:53:10 GMT Server LiteSpeed Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 1692 Expires Fri, 07 Jun 2019 09:56:01 GMT
GET H/1.1	200 OK	magnific-popup.css bisnisonlineluarbiasa.com/wp-content/themes/hitmag/css/	7 KB 2 KB	245ms 114ms	Stylesheet text/css	172.93.205.162 Nexeon Technologies
General Check archive.org Show headers Download Go to Full URL http://bisnisonlineluarbiasa.com/wp-content/themes/hitmag/css/magnific-popup.css?ver=4.9.10 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 172.93.205.162 Chicago, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US), Reverse DNS sierra.clusterwebdns.com Software LiteSpeed / Resource Hash 45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e Request headers Referer http://bisnisonlineluarbiasa.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:56:01 GMT Content-Encoding gzip Last-Modified Thu, 04 Oct 2018 08:53:10 GMT Server LiteSpeed Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 2120 Expires Fri, 07 Jun 2019 09:56:01 GMT
GET H/1.1	200 OK	jquery.js Show response bisnisonlineluarbiasa.com/wp-includes/js/jquery/	95 KB 39 KB	373ms 128ms	Script application/javascript	172.93.205.162 Nexeon Technologies
General Check archive.org Show headers Download Go to Full URL http://bisnisonlineluarbiasa.com/wp-includes/js/jquery/jquery.js?ver=1.12.4 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 172.93.205.162 Chicago, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US), Reverse DNS sierra.clusterwebdns.com Software LiteSpeed / Resource Hash fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e Request headers Referer http://bisnisonlineluarbiasa.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:56:01 GMT Content-Encoding gzip Last-Modified Mon, 23 May 2016 19:30:30 GMT Server LiteSpeed Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 39407 Expires Fri, 07 Jun 2019 09:56:01 GMT
GET H/1.1	200 OK	jquery-migrate.min.js Show response bisnisonlineluarbiasa.com/wp-includes/js/jquery/	10 KB 5 KB	373ms 127ms	Script application/javascript	172.93.205.162 Nexeon Technologies
General Check archive.org Show headers Download Go to Full URL http://bisnisonlineluarbiasa.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 172.93.205.162 Chicago, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US), Reverse DNS sierra.clusterwebdns.com Software LiteSpeed / Resource Hash 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Request headers Referer http://bisnisonlineluarbiasa.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:56:01 GMT Content-Encoding gzip Last-Modified Fri, 20 May 2016 16:41:28 GMT Server LiteSpeed Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 4303 Expires Fri, 07 Jun 2019 09:56:01 GMT
GET H2	200	bisnis-online-dari-awal-348x215.jpg bisnisonlineluarbiasa.com/wp-content/uploads/2018/11/	10 KB 10 KB	738ms 117ms	Image image/jpeg	172.93.205.162 Nexeon Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://bisnisonlineluarbiasa.com/wp-content/uploads/2018/11/bisnis-online-dari-awal-348x215.jpg Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.93.205.162 Chicago, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US), Reverse DNS sierra.clusterwebdns.com Software LiteSpeed / Resource Hash 6ce123394a73a027df115fcc72fd220ccd13a12ff7f36febd66fd9468c7a1d6e Request headers Referer http://bisnisonlineluarbiasa.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 31 May 2019 09:56:01 GMT last-modified Wed, 28 Nov 2018 07:38:59 GMT server LiteSpeed content-type image/jpeg status 200 cache-control public, max-age=604800 alt-svc quic=":443"; ma=2592000; v="35,39,43" content-length 10301 expires Fri, 07 Jun 2019 09:56:01 GMT
GET H/1.1	200 OK	navigation.js Show response bisnisonlineluarbiasa.com/wp-content/themes/hitmag/js/	4 KB 2 KB	349ms 120ms	Script application/javascript	172.93.205.162 Nexeon Technologies
General Check archive.org Show headers Download Go to Full URL http://bisnisonlineluarbiasa.com/wp-content/themes/hitmag/js/navigation.js?ver=20151215 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 172.93.205.162 Chicago, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US), Reverse DNS sierra.clusterwebdns.com Software LiteSpeed / Resource Hash 62cc1fc4688e993489101af51c899c67bddf976e08ce9c7d051595144038261b Request headers Referer http://bisnisonlineluarbiasa.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:56:01 GMT Content-Encoding gzip Last-Modified Thu, 04 Oct 2018 08:53:08 GMT Server LiteSpeed Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 1459 Expires Fri, 07 Jun 2019 09:56:01 GMT
GET H/1.1	200 OK	skip-link-focus-fix.js Show response bisnisonlineluarbiasa.com/wp-content/themes/hitmag/js/	683 B 755 B	115ms 108ms	Script application/javascript	172.93.205.162 Nexeon Technologies
General Check archive.org Show headers Download Go to Full URL http://bisnisonlineluarbiasa.com/wp-content/themes/hitmag/js/skip-link-focus-fix.js?ver=20151215 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 172.93.205.162 Chicago, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US), Reverse DNS sierra.clusterwebdns.com Software LiteSpeed / Resource Hash ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034 Request headers Referer http://bisnisonlineluarbiasa.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:56:01 GMT Content-Encoding gzip Last-Modified Thu, 04 Oct 2018 08:53:08 GMT Server LiteSpeed Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 425 Expires Fri, 07 Jun 2019 09:56:01 GMT
GET H/1.1	200 OK	wp-emoji-release.min.js Show response bisnisonlineluarbiasa.com/wp-includes/js/	12 KB 5 KB	273ms 142ms	Script application/javascript	172.93.205.162 Nexeon Technologies
General Check archive.org Show headers Download Go to Full URL http://bisnisonlineluarbiasa.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.10 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 172.93.205.162 Chicago, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US), Reverse DNS sierra.clusterwebdns.com Software LiteSpeed / Resource Hash d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5 Request headers Referer http://bisnisonlineluarbiasa.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:56:02 GMT Content-Encoding gzip Last-Modified Fri, 13 Jul 2018 17:07:26 GMT Server LiteSpeed Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 4903 Expires Fri, 07 Jun 2019 09:56:02 GMT
GET H/1.1	200 OK	jquery.flexslider-min.js Show response bisnisonlineluarbiasa.com/wp-content/themes/hitmag/js/	22 KB 8 KB	123ms 122ms	Script application/javascript	172.93.205.162 Nexeon Technologies
General Check archive.org Show headers Download Go to Full URL http://bisnisonlineluarbiasa.com/wp-content/themes/hitmag/js/jquery.flexslider-min.js?ver=4.9.10 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 172.93.205.162 Chicago, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US), Reverse DNS sierra.clusterwebdns.com Software LiteSpeed / Resource Hash 8b2c3d7393c0c588c830ba08b65816fd313fc7e0095948423aaa45205196f6bf Request headers Referer http://bisnisonlineluarbiasa.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:56:01 GMT Content-Encoding gzip Last-Modified Thu, 04 Oct 2018 08:53:08 GMT Server LiteSpeed Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 7497 Expires Fri, 07 Jun 2019 09:56:01 GMT
GET H/1.1	200 OK	scripts.js Show response bisnisonlineluarbiasa.com/wp-content/themes/hitmag/js/	1 KB 896 B	114ms 113ms	Script application/javascript	172.93.205.162 Nexeon Technologies
General Check archive.org Show headers Download Go to Full URL http://bisnisonlineluarbiasa.com/wp-content/themes/hitmag/js/scripts.js?ver=4.9.10 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 172.93.205.162 Chicago, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US), Reverse DNS sierra.clusterwebdns.com Software LiteSpeed / Resource Hash 32b6d92002c6e2a6e85e870068ca9c622b9b4925e5d91d22084ea6a7b8f5a21d Request headers Referer http://bisnisonlineluarbiasa.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:56:01 GMT Content-Encoding gzip Last-Modified Thu, 04 Oct 2018 08:53:08 GMT Server LiteSpeed Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 566 Expires Fri, 07 Jun 2019 09:56:01 GMT
GET H/1.1	200 OK	jquery.magnific-popup.min.js Show response bisnisonlineluarbiasa.com/wp-content/themes/hitmag/js/	20 KB 8 KB	127ms 126ms	Script application/javascript	172.93.205.162 Nexeon Technologies
General Check archive.org Show headers Download Go to Full URL http://bisnisonlineluarbiasa.com/wp-content/themes/hitmag/js/jquery.magnific-popup.min.js?ver=4.9.10 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 172.93.205.162 Chicago, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US), Reverse DNS sierra.clusterwebdns.com Software LiteSpeed / Resource Hash 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4 Request headers Referer http://bisnisonlineluarbiasa.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:56:01 GMT Content-Encoding gzip Last-Modified Thu, 04 Oct 2018 08:53:08 GMT Server LiteSpeed Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 8267 Expires Fri, 07 Jun 2019 09:56:01 GMT
GET H/1.1	200 OK	wp-embed.min.js Show response bisnisonlineluarbiasa.com/wp-includes/js/	1 KB 1 KB	238ms 108ms	Script application/javascript	172.93.205.162 Nexeon Technologies
General Check archive.org Show headers Download Go to Full URL http://bisnisonlineluarbiasa.com/wp-includes/js/wp-embed.min.js?ver=4.9.10 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 172.93.205.162 Chicago, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US), Reverse DNS sierra.clusterwebdns.com Software LiteSpeed / Resource Hash 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7 Request headers Referer http://bisnisonlineluarbiasa.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:56:02 GMT Content-Encoding gzip Last-Modified Thu, 13 Dec 2018 09:18:50 GMT Server LiteSpeed Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 767 Expires Fri, 07 Jun 2019 09:56:02 GMT
GET H/1.1	200 OK	S6uyw4BMUTPHjx4wXiWtFCc.woff2 fonts.gstatic.com/s/lato/v15/	14 KB 14 KB	54ms 18ms	Font font/woff2	2a00:1450:4001:808::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL http://fonts.gstatic.com/s/lato/v15/S6uyw4BMUTPHjx4wXiWtFCc.woff2 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext Origin http://bisnisonlineluarbiasa.com Response headers Date Fri, 31 May 2019 04:29:22 GMT X-Content-Type-Options nosniff Last-Modified Mon, 25 Mar 2019 20:13:00 GMT Server sffe Age 19600 Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * Content-Length 14044 X-XSS-Protection 0 Expires Sat, 30 May 2020 04:29:22 GMT
GET H/1.1	200 OK	4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2 fonts.gstatic.com/s/ubuntu/v13/	14 KB 14 KB	42ms 19ms	Font font/woff2	2a00:1450:4001:808::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL http://fonts.gstatic.com/s/ubuntu/v13/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext Origin http://bisnisonlineluarbiasa.com Response headers Date Sat, 09 Mar 2019 00:41:49 GMT X-Content-Type-Options nosniff Last-Modified Tue, 19 Feb 2019 22:37:26 GMT Server sffe Age 7204453 Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * Content-Length 14096 X-XSS-Protection 1; mode=block Expires Sun, 08 Mar 2020 00:41:49 GMT
GET H/1.1	200 OK	4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2 fonts.gstatic.com/s/ubuntu/v13/	14 KB 14 KB	47ms 8ms	Font font/woff2	2a00:1450:4001:808::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL http://fonts.gstatic.com/s/ubuntu/v13/4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash e25d65f020f2bb10f8aa86568b527bba648a17396d239331e7e45a0139879ecc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext Origin http://bisnisonlineluarbiasa.com Response headers Date Sat, 09 Mar 2019 03:34:11 GMT X-Content-Type-Options nosniff Last-Modified Tue, 19 Feb 2019 22:40:58 GMT Server sffe Age 7194111 Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * Content-Length 13848 X-XSS-Protection 1; mode=block Expires Sun, 08 Mar 2020 03:34:11 GMT
GET H/1.1	200 OK	fontawesome-webfont.woff2 bisnisonlineluarbiasa.com/wp-content/themes/hitmag/fonts/	75 KB 76 KB	172ms 113ms	Font font/woff2	172.93.205.162 Nexeon Technologies
General Check archive.org Show headers Download Go to Full URL http://bisnisonlineluarbiasa.com/wp-content/themes/hitmag/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 172.93.205.162 Chicago, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US), Reverse DNS sierra.clusterwebdns.com Software LiteSpeed / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://bisnisonlineluarbiasa.com/wp-content/themes/hitmag/css/font-awesome.min.css?ver=4.7.0 Origin http://bisnisonlineluarbiasa.com Response headers Date Fri, 31 May 2019 09:56:02 GMT Last-Modified Thu, 04 Oct 2018 08:53:08 GMT Server LiteSpeed Content-Type font/woff2 Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 77160 Expires Fri, 07 Jun 2019 09:56:02 GMT
GET H/1.1	200 OK	4iCs6KVjbNBYlgoKfw72nU6AFw.woff2 fonts.gstatic.com/s/ubuntu/v13/	13 KB 14 KB	38ms 8ms	Font font/woff2	2a00:1450:4001:808::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL http://fonts.gstatic.com/s/ubuntu/v13/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext Origin http://bisnisonlineluarbiasa.com Response headers Date Sat, 27 Apr 2019 05:32:19 GMT X-Content-Type-Options nosniff Last-Modified Tue, 19 Feb 2019 22:40:36 GMT Server sffe Age 2953423 Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * Content-Length 13720 X-XSS-Protection 0 Expires Sun, 26 Apr 2020 05:32:19 GMT
GET H/1.1	200 OK	mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 fonts.gstatic.com/s/opensans/v16/	9 KB 9 KB	39ms 6ms	Font font/woff2	2a00:1450:4001:808::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL http://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext Origin http://bisnisonlineluarbiasa.com Response headers Date Mon, 25 Mar 2019 20:23:25 GMT X-Content-Type-Options nosniff Last-Modified Mon, 25 Mar 2019 20:12:28 GMT Server sffe Age 5751157 Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * Content-Length 9080 X-XSS-Protection 1; mode=block Expires Tue, 24 Mar 2020 20:23:25 GMT
GET H/1.1	200 OK	S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 fonts.gstatic.com/s/lato/v15/	14 KB 14 KB	43ms 10ms	Font font/woff2	2a00:1450:4001:808::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL http://fonts.gstatic.com/s/lato/v15/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext Origin http://bisnisonlineluarbiasa.com Response headers Date Mon, 25 Mar 2019 20:24:02 GMT X-Content-Type-Options nosniff Last-Modified Mon, 25 Mar 2019 20:12:18 GMT Server sffe Age 5751120 Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * Content-Length 14176 X-XSS-Protection 1; mode=block Expires Tue, 24 Mar 2020 20:24:02 GMT
GET H/1.1	200 OK	S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2 fonts.gstatic.com/s/lato/v15/	15 KB 15 KB	43ms 9ms	Font font/woff2	2a00:1450:4001:808::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL http://fonts.gstatic.com/s/lato/v15/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext Origin http://bisnisonlineluarbiasa.com Response headers Date Wed, 27 Mar 2019 19:31:30 GMT X-Content-Type-Options nosniff Last-Modified Mon, 25 Mar 2019 20:13:31 GMT Server sffe Age 5581472 Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * Content-Length 14864 X-XSS-Protection 1; mode=block Expires Thu, 26 Mar 2020 19:31:30 GMT
GET H2	200	r.php cafephim.vn/wp-includes/ID3/	40 B 201 B	1931ms 268ms	XHR text/html	45.252.248.30 AZDIGI-AS-VN AZDI...
General Check archive.org Show headers Download Go to Full URL https://cafephim.vn/wp-includes/ID3/r.php Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.252.248.30 Thuan An, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN), Reverse DNS Software LiteSpeed / PHP/7.2.18 Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://bisnisonlineluarbiasa.com/ Origin http://bisnisonlineluarbiasa.com Response headers date Fri, 31 May 2019 09:55:37 GMT content-encoding br vary Accept-Encoding,User-Agent server LiteSpeed status 200 x-powered-by PHP/7.2.18 x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin * content-length 44
GET H/1.1	200 OK	js15_as.js s10.histats.com/	11 KB 5 KB	3028ms 10ms	Script text/javascript	46.105.201.240 OVH
General Check archive.org Show headers Download Go to Full URL http://s10.histats.com/js15_as.js Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 46.105.201.240 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash Request headers Referer http://bisnisonlineluarbiasa.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:51:39 GMT Content-Encoding gzip Last-Modified Thu, 06 Dec 2018 14:12:12 GMT X-CDN-Pop-IP 137.74.120.32/27 ETag "-139234964" X-Cacheable Matched cache Vary Accept-Encoding X-IPLB-Instance 4747 Content-Type text/javascript X-CDN-Pop sbg Accept-Ranges bytes Content-Length 4525
GET H/1.1	200 OK	Cookie set / Show response sweeps3869.funysmile21.life/8021172625/ Redirect Chain http://fedegok.tk/index/?5731550755135 http://rintointhensin.icu/?u=h2xkd0x&o=lxkgnum&t=808 http://sweeps3869.funysmile21.life/8021172625/?u=h2xkd0x&o=lxkgnum&t=808&f=1	85 B 382 B	182ms 132ms	Document text/html	79.110.23.132 LLHOST // M247
General Check archive.org Show headers Download Go to Full URL http://sweeps3869.funysmile21.life/8021172625/?u=h2xkd0x&o=lxkgnum&t=808&f=1 Requested by Host: bisnisonlineluarbiasa.com URL: http://bisnisonlineluarbiasa.com/ Protocol HTTP/1.1 Server 79.110.23.132 , Romania, ASN202023 (LLHOST // M247, RO), Reverse DNS Software nginx/1.12.0 / ASP.NET Resource Hash a7bae1c42dc7bbd0783d5fa483075b3ca30c47f7b83bbd0fa3816407cb6161d6 Request headers Host sweeps3869.funysmile21.life Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Referer http://bisnisonlineluarbiasa.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://bisnisonlineluarbiasa.com/ Response headers Server nginx/1.12.0 Date Fri, 31 May 2019 09:56:06 GMT Content-Type text/html Content-Length 85 Connection keep-alive Cache-Control private Set-Cookie ASP.NET_SessionId=b0n3qzr5m4oobqwb2ysise3x; path=/; HttpOnly X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Redirect headers Server nginx/1.12.0 Date Fri, 31 May 2019 09:56:06 GMT Content-Length 205 Connection keep-alive Cache-Control private Location http://sweeps3869.funysmile21.life/8021172625/?u=h2xkd0x&o=lxkgnum&t=808&f=1 Set-Cookie ASP.NET_SessionId=rcr50cim5g514n1oofvljup5; path=/; HttpOnly X-Powered-By ASP.NET
GET H/1.1	200 OK	0.php s4.histats.com/stats/	52 B 323 B	205ms 101ms	Script text/html	198.27.67.211 OVH
General Check archive.org Show headers Download Go to Full URL http://s4.histats.com/stats/0.php?4214393&@f16&@g1&@h1&@i1&@j1559296565215&@k0&@l1&@mBisnis%20Online%20Luar%20Biasa%20-%20Luar%20Biasa&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-36397782&@b3:1559296565&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fbisnisonlineluarbiasa.com%2F&@w Requested by Host: s10.histats.com URL: http://s10.histats.com/js15_as.js Protocol HTTP/1.1 Server 198.27.67.211 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns510716.ip-198-27-67.net Software / Resource Hash Request headers Referer http://bisnisonlineluarbiasa.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:56:05 GMT Connection close Content-Length 52 Content-Type text/html;charset=UTF-8
GET H/1.1	200 OK	away.php realcenter-mobileapps2.com/ Redirect Chain http://sweeps3869.funysmile21.life/web/ http://realcenter-mobileapps2.com/?url=I4WHKFughjJF8hN7lWENt93WnJeDtIz7OoG7Gj7zIvuaaGt8gY2m%2fqM2b2Yr%2bhz3UkAyIkB6RgFCu2ohSXo5rlqspso6oeQKebV1cnkewyxWEKM0oSrp3GLHDLrlsW%2bvWkLAuMGz705K3RQWPAroWfEW... http://realcenter-mobileapps2.com/away.php	348 B 578 B	11ms 9ms	Document text/html	195.201.93.115 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://realcenter-mobileapps2.com/away.php Requested by Host: sweeps3869.funysmile21.life URL: http://sweeps3869.funysmile21.life/8021172625/?u=h2xkd0x&o=lxkgnum&t=808&f=1 Protocol HTTP/1.1 Server 195.201.93.115 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.115.93.201.195.clients.your-server.de Software nginx/1.10.3 / Resource Hash Request headers Host realcenter-mobileapps2.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Referer http://sweeps3869.funysmile21.life/8021172625/?u=h2xkd0x&o=lxkgnum&t=808&f=1 Accept-Encoding gzip, deflate Cookie PHPSESSID=cmbdcos7ufqvce7jm8vtbrdv50 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://sweeps3869.funysmile21.life/8021172625/?u=h2xkd0x&o=lxkgnum&t=808&f=1 Response headers Server nginx/1.10.3 Date Fri, 31 May 2019 09:56:06 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Content-Encoding gzip Redirect headers Server nginx/1.10.3 Date Fri, 31 May 2019 09:56:06 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie PHPSESSID=cmbdcos7ufqvce7jm8vtbrdv50; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Location /away.php
GET H2	200	/ best.prizedeal32.info/	3 KB 2 KB	383ms 122ms	Document text/html	99.198.108.195 SingleHop LLC
General Check archive.org Show headers Download Go to Full URL https://best.prizedeal32.info/?utm_medium=ccb1966b9d7c2c6b97aced65bb3ff188a3ca62cc&utm_campaign=mainstream&cid=c7cabd54-511f-40dc-8b8f-39e20b088f76 Requested by Host: realcenter-mobileapps2.com URL: http://realcenter-mobileapps2.com/away.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 99.198.108.195 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US), Reverse DNS server04.com-2.mobi Software nginx / PHP/7.3.3 Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; Request headers :method GET :authority best.prizedeal32.info :scheme https :path /?utm_medium=ccb1966b9d7c2c6b97aced65bb3ff188a3ca62cc&utm_campaign=mainstream&cid=c7cabd54-511f-40dc-8b8f-39e20b088f76 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 server nginx date Fri, 31 May 2019 09:56:07 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-powered-by PHP/7.3.3 cache-control no-store, no-cache, must-revalidate, max-age=0 pragma no-cache expires Thu, 01 Jan 1970 00:00:00 GMT set-cookie u=190b72956114c229b13eb4171c8609a0; expires=Sat, 30-May-2020 09:56:07 GMT; Max-Age=31536000; path=/ strict-transport-security max-age=31536000; includeSubdomains; content-encoding gzip
GET H2	200	/ best.prizedeal32.info/	5 KB 2 KB	121ms 121ms	Document text/html	99.198.108.195 SingleHop LLC
General Check archive.org Show headers Download Go to Full URL https://best.prizedeal32.info/?utm_term=6697127760046850476&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b88186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6b0 Requested by Host: best.prizedeal32.info URL: https://best.prizedeal32.info/?utm_medium=ccb1966b9d7c2c6b97aced65bb3ff188a3ca62cc&utm_campaign=mainstream&cid=c7cabd54-511f-40dc-8b8f-39e20b088f76 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 99.198.108.195 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US), Reverse DNS server04.com-2.mobi Software nginx / PHP/7.3.3 Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; Request headers :method GET :authority best.prizedeal32.info :scheme https :path /?utm_term=6697127760046850476&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b88186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6b0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 referer https://best.prizedeal32.info/?utm_medium=ccb1966b9d7c2c6b97aced65bb3ff188a3ca62cc&utm_campaign=mainstream&cid=c7cabd54-511f-40dc-8b8f-39e20b088f76 accept-encoding gzip, deflate, br cookie u=190b72956114c229b13eb4171c8609a0 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://best.prizedeal32.info/?utm_medium=ccb1966b9d7c2c6b97aced65bb3ff188a3ca62cc&utm_campaign=mainstream&cid=c7cabd54-511f-40dc-8b8f-39e20b088f76 Response headers status 200 server nginx date Fri, 31 May 2019 09:56:07 GMT content-type text/html; charset=utf-8 vary Accept-Encoding x-powered-by PHP/7.3.3 cache-control no-store, no-cache, must-revalidate, max-age=0 pragma no-cache expires Thu, 01 Jan 1970 00:00:00 GMT strict-transport-security max-age=31536000; includeSubdomains; content-encoding gzip
GET H2	200	in.html Show response up.trkgenius.com/ Redirect Chain https://best.prizedeal32.info/proc.php?0615a4e03080e26ed97463f9148be2d4ea107dd6 https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697127760046850476&pubid=1314	6 KB 3 KB	74ms 22ms	Document text/html	107.6.174.196 SingleHop LLC
General Check archive.org Show headers Download Go to Full URL https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697127760046850476&pubid=1314 Requested by Host: best.prizedeal32.info URL: https://best.prizedeal32.info/?utm_term=6697127760046850476&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b88186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6b0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US), Reverse DNS bigfish.setupcentral.network Software nginx/1.17.0 / Resource Hash 7e11348d49a8eb6e7584fca5405c42b697353d4c8b6946ac4d57c4e17b0e0eaf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers :method GET :authority up.trkgenius.com :scheme https :path /in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697127760046850476&pubid=1314 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 referer https://best.prizedeal32.info/?utm_term=6697127760046850476&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b88186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6b0 accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://best.prizedeal32.info/?utm_term=6697127760046850476&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b88186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6b0 Response headers status 200 server nginx/1.17.0 date Fri, 31 May 2019 09:56:07 GMT content-type text/html last-modified Sun, 27 Jan 2019 05:38:08 GMT etag W/"5c4d43c0-1605" strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip Redirect headers status 302 server nginx date Fri, 31 May 2019 09:56:07 GMT content-type text/html; charset=UTF-8 location https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697127760046850476&pubid=1314 x-powered-by PHP/7.3.3 cache-control no-store, no-cache, must-revalidate, max-age=0 pragma no-cache expires Thu, 01 Jan 1970 00:00:00 GMT strict-transport-security max-age=31536000; includeSubdomains;
GET H2	200	in.php Show response up.trkgenius.com/	1 KB 985 B	25ms 24ms	Document text/html	107.6.174.196 SingleHop LLC
General Check archive.org Show headers Download Go to Full URL https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697127760046850476&pubid=1314&m=rd12l61XrG9XlsmcBR1sUsL.EUvHTgRLgWecP0f4G5CJ553.P03A553cPleN5KeP5wZJ53APBu9zmRr6dpei_xAi_LfCWWVrB-9IB-1zBRrTj03N8ULBEGP Requested by Host: up.trkgenius.com URL: https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697127760046850476&pubid=1314 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US), Reverse DNS bigfish.setupcentral.network Software nginx/1.17.0 / Resource Hash eadde14e7a4427d7c3d9078753703b326e97dd119878efac53f636bd6bf7a251 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers :method GET :authority up.trkgenius.com :scheme https :path /in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697127760046850476&pubid=1314&m=rd12l61XrG9XlsmcBR1sUsL.EUvHTgRLgWecP0f4G5CJ553.P03A553cPleN5KeP5wZJ53APBu9zmRr6dpei_xAi_LfCWWVrB-9IB-1zBRrTj03N8ULBEGP pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 referer https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697127760046850476&pubid=1314 accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697127760046850476&pubid=1314 Response headers status 200 server nginx/1.17.0 date Fri, 31 May 2019 09:56:08 GMT content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate, proxy-revalidate pragma no-cache expires 0 surrogate-control no-store refresh 0; url=out.php?v=dcf03f57748351ce6791d99815772d25 set-cookie t=5f1a01a5b14cfffa strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip
GET H2	200	-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ Show response minently.com/RnSda/rDN3/ojdn/ Redirect Chain https://up.trkgenius.com/out.php?v=dcf03f57748351ce6791d99815772d25 https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=97fe1ce2a3e7639523a71fc27dd8e540&ext1=dvx	4 KB 3 KB	373ms 70ms	Document text/html	205.147.93.131 Oracle Corporation
General Check archive.org Show headers Download Go to Full URL https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=97fe1ce2a3e7639523a71fc27dd8e540&ext1=dvx Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US), Reverse DNS Software ZENEDGE / Resource Hash 623fc90f761cb83df1618c41100c6cd831216c50cf316045c504b592535ee479 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers :method GET :authority minently.com :scheme https :path /RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=97fe1ce2a3e7639523a71fc27dd8e540&ext1=dvx pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 referer https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697127760046850476&pubid=1314&m=rd12l61XrG9XlsmcBR1sUsL.EUvHTgRLgWecP0f4G5CJ553.P03A553cPleN5KeP5wZJ53APBu9zmRr6dpei_xAi_LfCWWVrB-9IB-1zBRrTj03N8ULBEGP accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697127760046850476&pubid=1314&m=rd12l61XrG9XlsmcBR1sUsL.EUvHTgRLgWecP0f4G5CJ553.P03A553cPleN5KeP5wZJ53APBu9zmRr6dpei_xAi_LfCWWVrB-9IB-1zBRrTj03N8ULBEGP Response headers status 200 content-type text/html;charset=utf-8 x-cache-status NOTCACHED x-zen-fury 06a5f858f217d50f6795985e115098b233a03a92 date Fri, 31 May 2019 09:56:08 GMT cache-control no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0 expires Sat, 26 Jul 1997 05:00:00 GMT set-cookie MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=41962f55bad0cb2fe4f0934fa0750876_1559296568.4115; domain=minently.com; path=/; expires=Mon, 28-May-2029 09:56:08 UTC; Secure x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1559296568.418; domain=minently.com; path=/; expires=Mon, 28-May-2029 09:56:08 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3YWNQTkpyWkJOY3dCRXE3MEVoNTJBSlpZQm53MzJwVzk4ZjJFTTFzeWlqdA%3D%3D; domain=minently.com; path=/; expires=Mon, 28-May-2029 09:56:08 UTC; Secure 41962f55bad0cb2fe4f0934fa0750876_1559296568.4115_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bnZEc0kzbHpMem9zQnQxUTE4UkJTc3pwSFlKY3BWM212TCt6Rldsb0p6U2NHNGJ1SFJUUzRSN1VkWlhETFVwT25IK09WeUNyam5jUWhpeEMrWmpGWnRoSkNCWnNuVkEwSjRHempTY2t1RDJJZDM5MWEyS2MyQ095Nmh6b3cvQVhPV0dJdEJzVzRhVTNsS2R2cTRFREZSSDF3Y1FjaGUzaUJsSTlyUUVlbkh5Q3Rkb1JrMmpHRnhFWTNwcFppczhPMXk2SUFlMmpJbXRGbEpmeXhHS1RuVHNraDNVTW5wcjJMaG44WUdxOTZ2eWhxQWEvcC9ZL1hZaHVrVStWcTM0b090ZStYcDIwRlpLTlhQSEl1M3V5ZmhWQUpkU1hWQ1lNWlZpaWFaNzhDS2tTZ0NqMEtXQk82L203aEYzdTdMOGpyY1Y3Ny9kZXpGUUpaZi9rMDA2UEx6N2JBUkZ3MVV2UTNWSFdTU0xycm5tbFVSb2w4K3JjRnBOazhvUEsyRXhsREhEYi9sZlh1SEtLS0wwdG5zdElZeDlzZHVuVWN0T0E5ZlBURm45bWFoNHpjeHdibE8yaWN3aFhIOFVzVW5ENlJuK2pnVlVmWFZQL3BOQ0pYc3J5bitIK2NBY09PZ3U3WnJBenZqNkVqSDNiOEVCcDlrV2Nza0xtNlRWTkhPNzRWakI2RW44NGY0ZGY3akZKS09JYytEN2puclpDc0FUS1VPd1FSc2c3dmptdHc2MGR3elpNK1RnUXlxa1h1bmRIUjViWjFUc3pnaGRHYXRSRjhnaEc4VWJVM3hrRHdIbFFTcldhWVA5emZxckNvUC9qcG5PUXhGYTUwZXIreEYzT3pJdWZvS0JYVXRMQXI5RFpBMEM2N3NDSUZQbStaMVlzemloRCtRcHZCVXhBVlNIbmkrNnhpWnNFRjFzUVFTYzd6bE5OWkZlLzlIcVRLd1l4WFUrL28rbWVnY2tKSGJKdUdLenhHRm5EaGFZUlFvd0FTSUIxcWpRMHFDUzArTnlEeW51RHVVVUY4ZHdraC9pUmFVUjFjeUdUOVdwR3oyemU2Mi94U2NHWHNkMk9COWRKWXV6Yi9FaW14VDNycDlib3E1YTNuNm5zZFR4T2VadU5kT25mK2d4S0NOa2ZJaGVUdzU0d3pvZVpXbmw%3D; domain=minently.com; path=/; expires=Mon, 28-May-2029 09:56:08 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=TFNNVU03c20wVmtHWE94aXhvWGF4emcyd0s3SFMwYkEydTBXdXlrZkIxSFo5WlJqL3RReW85MEQyUEk4ZFhBRzlNVngvbmRLKzhOVUthWEZGVTJEb0FSSXBiQUpYb3ovZEdmRldVNkJheTg9; domain=minently.com; path=/; expires=Fri, 31-May-2019 11:01:08 UTC; Secure SERVERID=sfc39; path=/ vary Accept-Encoding Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip server ZENEDGE x-cdn Served-By-Zenedge Redirect headers status 302 server nginx/1.17.0 date Fri, 31 May 2019 09:56:08 GMT content-type text/html; charset=UTF-8 location https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=97fe1ce2a3e7639523a71fc27dd8e540&ext1=dvx cache-control no-store, no-cache, must-revalidate, proxy-revalidate pragma no-cache expires 0 surrogate-control no-store strict-transport-security max-age=31536000; includeSubDomains
GET		462082 popcash.net/world/go/216668/	0 0
GET H/1.1	200 OK	462082 ps.popcash.net/go/216668/ Redirect Chain http://popcash.net/world/go/216668/462082 http://ps.popcash.net/go/216668/462082	466 B 513 B	228ms 105ms	Document text/html	52.200.81.199 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://ps.popcash.net/go/216668/462082 Requested by Host: minently.com URL: https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=97fe1ce2a3e7639523a71fc27dd8e540&ext1=dvx Protocol HTTP/1.1 Server 52.200.81.199 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-200-81-199.compute-1.amazonaws.com Software nginx / Resource Hash Request headers Host ps.popcash.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Referer https://minently.com/ Accept-Encoding gzip, deflate Cookie __cfduid=d87529c6c8723ae878e53cbfa42b44f731559296568 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://minently.com/ Response headers Date Fri, 31 May 2019 09:56:08 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Server nginx Vary Accept-Encoding Content-Encoding gzip Redirect headers Date Fri, 31 May 2019 09:56:08 GMT Content-Type text/html Content-Length 162 Connection keep-alive Set-Cookie __cfduid=d87529c6c8723ae878e53cbfa42b44f731559296568; expires=Sat, 30-May-20 09:56:08 GMT; path=/; domain=.popcash.net; HttpOnly Location http://ps.popcash.net/go/216668/462082 Server cloudflare CF-RAY 4df81381b9952340-FRA
GET H2	200	Primary Request / Show response app7.kromtech.net/landings/197.10/ Redirect Chain http://ps.popcash.net/ad/ad?p=216668&w=462082&t=d9010ea7b46aa9f9&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5jb20lMkY=&vw=1600&vh=1200 http://xml.poprtb.pro/click?i=MbCYOUpB7CQ_0 https://feed1.50million.club/feed/offer/508bde63-838a-11e9-8cfd-abc59f5adda9 https://kromtech.net/link/f4fb68a2-1d7e-11e9-a958-127369ec21d1&tid_ext=edaadf27;185.151.58.117 https://assets.kromtech.net/lnd?back=aHR0cHM6Ly9rcm9tdGVjaC5uZXQvbGluay9mNGZiNjhhMi0xZDdlLTExZTktYTk1OC0xMjczNjllYzIxZDEmdGlkX2V4dD1lZGFhZGYyNzsxODUuMTUxLjU4LjExNyZyZXFpZD1Sb290PTEtNWNmMGZhM2UtYTc5... https://kromtech.net/link/f4fb68a2-1d7e-11e9-a958-127369ec21d1&tid_ext=edaadf27;185.151.58.117&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&guid=53acd008-838a-11e9-bfed-0e44482e0016&adb=0 https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb...	35 KB 19 KB	509ms 284ms	Document text/html	52.201.134.21 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Requested by Host: ps.popcash.net URL: http://ps.popcash.net/go/216668/462082 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.201.134.21 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-201-134-21.compute-1.amazonaws.com Software nginx / Resource Hash bc150159c5f9f985f3cb1a6b1e8a533ea893605612b003b54dbdfeda5361c4f7 Security Headers Name Value Content-Security-Policy default-src 'self' *.hotjar.com *.mackeeper.co *.mackeeper.com https://*.mackeeper.co https://*.mackeeper.com mackeeper.com; frame-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.hotjar.com https://*.hotjar.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com http://*.surveygizmo.com https://*.surveygizmo.com http://*.liadm.com http://*.typeform.com https://*.typeform.com http://calendly.com/ https://calendly.com/ https://mc.yandex.ru/ http://mc.yandex.ru/ http://js.ad-score.com/ https://js.ad-score.com/ http://cdn.onesignal.com/ https://cdn.onesignal.com/ http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/; child-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.hotjar.com https://*.hotjar.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com blob: http://cdn.onesignal.com/ https://cdn.onesignal.com/ http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/; img-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.hotjar.com https://*.hotjar.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com data: *.2mdn.net http://pagead2.googlesyndication.com https://pagead2.googlesyndication.com http://*.glotgrx.com https://*.glotgrx.com/ http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com http://*.exelator.com https://*.exelator.com http://owox.com http://*.owox.com https://owox.com https://*.owox.com http://*.liadm.com https://*.liadm.com http://*.outbrain.com https://*.outbrain.com http://*.visualwebsiteoptimizer.com https://*.visualwebsiteoptimizer.com http://*.yahoo.co.jp https://*.yahoo.co.jp http://apimzb-adserver.cloudmccloud.com https://apimzb-adserver.cloudmccloud.com http://*.3lift.com https://*.3lift.com http://*.surveygizmo.com https://*.surveygizmo.com https://surveygizmolibrary.s3.amazonaws.com http://surveygizmolibrary.s3.amazonaws.com http://mc.yandex.ru https://mc.yandex.ru http://cx.atdmt.com https://cx.atdmt.com http://*.baidu.com/ https://*.baidu.com/ http://gstatstrk.com https://gstatstrk.com http://assets.kromtech.net https://assets.kromtech.net http://cdn.onesignal.com/ https://cdn.onesignal.com/ http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/ http://*.rtmark.net/ https://*.rtmark.net/ http//trc.taboola.com https//trc.taboola.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.hotjar.com https://*.hotjar.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com http://s.yimg.com https://*.s.yimg.com https://s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://l2.io *.inspectlet.com *.googlesyndication.com http://*.sagetrc.com http://*.glotgrx.com https://*.glotgrx.com/ http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com https://b-code.liadm.com http://b-code.liadm.com http://*.outbrain.com https://*.outbrain.com http://*.visualwebsiteoptimizer.com https://*.visualwebsiteoptimizer.com http://*.cloudfront.net/metrika/watch_ua.js https://*.cloudfront.net/metrika/watch_ua.js http://*.yimg.jp https://*.yimg.jp http://addtocalendar.com https://addtocalendar.com http://*.yahoo.co.jp https://*.yahoo.co.jp blob: http://*.surveygizmo.com https://*.surveygizmo.com https://surveygizmolibrary.s3.amazonaws.com http://surveygizmolibrary.s3.amazonaws.com https://s.ytimg.com http://s.ytimg.com http://*.typeform.com https://*.typeform.com http://*.calendly.com https://*.calendly.com http://*.linkconnector.com https://*.linkconnector.com http://linkconnector.com https://linkconnector.com http://mc.yandex.ru https://mc.yandex.ru http://js.ad-score.com/ https://js.ad-score.com/ http://*.baidu.com/ https://*.baidu.com/ http://cdn.onesignal.com/ https://cdn.onesignal.com/ http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/ http://*.rtmark.net/ https://*.rtmark.net/ https://*.taboola.com/ http://*.taboola.com/ https://engine.4dsply.com http://engine.4dsply.com https://engine.spotscenered.info http://engine.spotscenered.info https://engine.3dspk.com http://engine.3dspk.com https://we3red.com http://we3red.com https://engine.asadap.com http://engine.asadap.com https://engine.nictelroalps.com http://engine.nictelroalps.com https://engine.liondigitalserving.com http://engine.liondigitalserving.com https://engine.addroplet.com http://engine.addroplet.com; style-src 'self' 'unsafe-inline' *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com a.disquscdn.com disqus.com http://fonts.googleapis.com https://fonts.googleapis.com fonts.gstatic.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com https://a.disquscdn.com https://disqus.com https://mackeeperblog.disqus.com https://referrer.disqus.com mackeeperblog.disqus.com referrer.disqus.com http://*.google.com http://*.google.com.ua https://*.google.com https://*.google.com.ua http://addtocalendar.com https://addtocalendar.com http://*.surveygizmo.com https://*.surveygizmo.com http://cdn.onesignal.com https://cdn.onesignal.com http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/; font-src 'self' data: *.doubleclick.net *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com fonts.googleapis.com fonts.gstatic.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com http://*.surveygizmo.com https://*.surveygizmo.com; object-src *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com http://pagead2.googlesyndication.com https://pagead2.googlesyndication.com; connect-src 'self' http://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.co https://*.mackeeper.com http://mackeeper.co http://mackeeper.com https://mackeeper.co https://mackeeper.com http://*.hotjar.com https://*.hotjar.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com https://*.g.doubleclick.net http://*.g.doubleclick.net https://lcidc.liadm.com http://lcidc.liadm.com http://assets.kromtech.net https://assets.kromtech.net http://assets.kromtech.net https://assets.kromtech.net http://*.google-analytics.com https://*.google-analytics.com api.ipify.org http://mc.yandex.ru https://mc.yandex.ru http://data.ad-score.com https://data.ad-score.com http://*.baidu.com/ https://*.baidu.com/ http://pushdata.onesignal.com:* https://pushdata.onesignal.com:* http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/ http://*.taboola.com/ https://*.taboola.com/ http://*.hotjar.io https://*.hotjar.io; Request headers :method GET :authority app7.kromtech.net :scheme https :path /landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 referer http://ps.popcash.net/go/216668/462082 accept-encoding gzip, deflate, br cookie guid=53acd008-838a-11e9-bfed-0e44482e0016; userid=mzb_197830; useridw=mzb_197830; ldrBrowser=Chrome; ldrBrowserLite=Chrome; ldrOs=Mac+OS+X; ldrUaFull=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36; uniqueSplitDay=1; aaffss=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%3A0%3A20190531; globalAffid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb; userDefiner=mzb_4146; userPrePay=mk_mymed_cpm_ww; trt=29_45121156 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://ps.popcash.net/go/216668/462082 Response headers status 200 date Fri, 31 May 2019 09:56:14 GMT content-type text/html; charset=UTF-8 server nginx vary Accept-Encoding content-security-policy default-src 'self' *.hotjar.com *.mackeeper.co *.mackeeper.com https://*.mackeeper.co https://*.mackeeper.com mackeeper.com; frame-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.hotjar.com https://*.hotjar.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com http://*.surveygizmo.com https://*.surveygizmo.com http://*.liadm.com http://*.typeform.com https://*.typeform.com http://calendly.com/ https://calendly.com/ https://mc.yandex.ru/ http://mc.yandex.ru/ http://js.ad-score.com/ https://js.ad-score.com/ http://cdn.onesignal.com/ https://cdn.onesignal.com/ http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/; child-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.hotjar.com https://*.hotjar.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com blob: http://cdn.onesignal.com/ https://cdn.onesignal.com/ http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/; img-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.hotjar.com https://*.hotjar.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com data: *.2mdn.net http://pagead2.googlesyndication.com https://pagead2.googlesyndication.com http://*.glotgrx.com https://*.glotgrx.com/ http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com http://*.exelator.com https://*.exelator.com http://owox.com http://*.owox.com https://owox.com https://*.owox.com http://*.liadm.com https://*.liadm.com http://*.outbrain.com https://*.outbrain.com http://*.visualwebsiteoptimizer.com https://*.visualwebsiteoptimizer.com http://*.yahoo.co.jp https://*.yahoo.co.jp http://apimzb-adserver.cloudmccloud.com https://apimzb-adserver.cloudmccloud.com http://*.3lift.com https://*.3lift.com http://*.surveygizmo.com https://*.surveygizmo.com https://surveygizmolibrary.s3.amazonaws.com http://surveygizmolibrary.s3.amazonaws.com http://mc.yandex.ru https://mc.yandex.ru http://cx.atdmt.com https://cx.atdmt.com http://*.baidu.com/ https://*.baidu.com/ http://gstatstrk.com https://gstatstrk.com http://assets.kromtech.net https://assets.kromtech.net http://cdn.onesignal.com/ https://cdn.onesignal.com/ http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/ http://*.rtmark.net/ https://*.rtmark.net/ http//trc.taboola.com https//trc.taboola.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.hotjar.com https://*.hotjar.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com http://s.yimg.com https://*.s.yimg.com https://s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://l2.io *.inspectlet.com *.googlesyndication.com http://*.sagetrc.com http://*.glotgrx.com https://*.glotgrx.com/ http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com https://b-code.liadm.com http://b-code.liadm.com http://*.outbrain.com https://*.outbrain.com http://*.visualwebsiteoptimizer.com https://*.visualwebsiteoptimizer.com http://*.cloudfront.net/metrika/watch_ua.js https://*.cloudfront.net/metrika/watch_ua.js http://*.yimg.jp https://*.yimg.jp http://addtocalendar.com https://addtocalendar.com http://*.yahoo.co.jp https://*.yahoo.co.jp blob: http://*.surveygizmo.com https://*.surveygizmo.com https://surveygizmolibrary.s3.amazonaws.com http://surveygizmolibrary.s3.amazonaws.com https://s.ytimg.com http://s.ytimg.com http://*.typeform.com https://*.typeform.com http://*.calendly.com https://*.calendly.com http://*.linkconnector.com https://*.linkconnector.com http://linkconnector.com https://linkconnector.com http://mc.yandex.ru https://mc.yandex.ru http://js.ad-score.com/ https://js.ad-score.com/ http://*.baidu.com/ https://*.baidu.com/ http://cdn.onesignal.com/ https://cdn.onesignal.com/ http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/ http://*.rtmark.net/ https://*.rtmark.net/ https://*.taboola.com/ http://*.taboola.com/ https://engine.4dsply.com http://engine.4dsply.com https://engine.spotscenered.info http://engine.spotscenered.info https://engine.3dspk.com http://engine.3dspk.com https://we3red.com http://we3red.com https://engine.asadap.com http://engine.asadap.com https://engine.nictelroalps.com http://engine.nictelroalps.com https://engine.liondigitalserving.com http://engine.liondigitalserving.com https://engine.addroplet.com http://engine.addroplet.com; style-src 'self' 'unsafe-inline' *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com a.disquscdn.com disqus.com http://fonts.googleapis.com https://fonts.googleapis.com fonts.gstatic.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com https://a.disquscdn.com https://disqus.com https://mackeeperblog.disqus.com https://referrer.disqus.com mackeeperblog.disqus.com referrer.disqus.com http://*.google.com http://*.google.com.ua https://*.google.com https://*.google.com.ua http://addtocalendar.com https://addtocalendar.com http://*.surveygizmo.com https://*.surveygizmo.com http://cdn.onesignal.com https://cdn.onesignal.com http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/; font-src 'self' data: *.doubleclick.net *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com fonts.googleapis.com fonts.gstatic.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com http://*.surveygizmo.com https://*.surveygizmo.com; object-src *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com https://*.doubleclick.net https://*.mackeeper.co https://*.mackeeper.com https://*.twimg.com https://*.twitter.com http://pagead2.googlesyndication.com https://pagead2.googlesyndication.com; connect-src 'self' http://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.co https://*.mackeeper.com http://mackeeper.co http://mackeeper.com https://mackeeper.co https://mackeeper.com http://*.hotjar.com https://*.hotjar.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com https://*.g.doubleclick.net http://*.g.doubleclick.net https://lcidc.liadm.com http://lcidc.liadm.com http://assets.kromtech.net https://assets.kromtech.net http://assets.kromtech.net https://assets.kromtech.net http://*.google-analytics.com https://*.google-analytics.com api.ipify.org http://mc.yandex.ru https://mc.yandex.ru http://data.ad-score.com https://data.ad-score.com http://*.baidu.com/ https://*.baidu.com/ http://pushdata.onesignal.com:* https://pushdata.onesignal.com:* http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/ http://*.taboola.com/ https://*.taboola.com/ http://*.hotjar.io https://*.hotjar.io; expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache set-cookie PHPSESSID=tq8c66j2qop7e3cn1capkc7op6; path=/ request-id 16cc16598253586d327e5a5344f895a3 content-encoding gzip Redirect headers status 302 date Fri, 31 May 2019 09:56:14 GMT content-type text/html; charset=utf-8 content-length 416 location https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= set-cookie guid=53acd008-838a-11e9-bfed-0e44482e0016; Path=/; Domain=kromtech.net; Max-Age=315360000 userid=mzb_197830; Path=/; Domain=kromtech.net; Max-Age=86400 useridw=mzb_197830; Path=/; Domain=kromtech.net; Max-Age=604800 ldrBrowser=Chrome; Path=/; Domain=kromtech.net; Max-Age=86400 ldrBrowserLite=Chrome; Path=/; Domain=kromtech.net; Max-Age=86400 ldrOs=Mac+OS+X; Path=/; Domain=kromtech.net; Max-Age=86400 ldrUaFull=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36; Path=/; Domain=kromtech.net; Max-Age=86400 uniqueSplitDay=1; Path=/; Domain=kromtech.net; Max-Age=86400 aaffss=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%3A0%3A20190531; Path=/; Domain=kromtech.net; Max-Age=31536000 globalAffid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb; Path=/; Domain=kromtech.net; Max-Age=15552000 userDefiner=mzb_4146; Path=/; Domain=kromtech.net; Max-Age=15552000 userPrePay=mk_mymed_cpm_ww; Path=/; Domain=kromtech.net; Max-Age=15552000 trt=29_45121156; Path=/; Domain=kromtech.net; Max-Age=15552000
GET H2	200	jquery.min.js Show response static.mackeeper.com/landings/libs/jquery/	94 KB 33 KB	113ms 49ms	Script application/javascript	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://static.mackeeper.com/landings/libs/jquery/jquery.min.js?mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:14 GMT content-encoding gzip last-modified Tue, 19 Apr 2016 15:32:21 GMT server nginx age 843901 etag W/"57164f85-1762a" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript status 200 cache-control max-age=2592000, must-revalidate x-amz-cf-id NMLrMkesDTdAX11Rwc2wqWyCGGvWr_HsHLAxL6LPVg4su0LHrw60Aw== via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) expires Thu, 20 Jun 2019 15:31:14 GMT
GET H2	200	cookie.js Show response static.mackeeper.com/landings/libs/js/	624 B 765 B	113ms 50ms	Script application/javascript	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://static.mackeeper.com/landings/libs/js/cookie.js?mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash f5d702fdef5359dd9943f36608f717db1a8666613630c8a17d9dcf1d0bf704bc Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:14 GMT content-encoding gzip last-modified Mon, 30 Apr 2018 11:38:58 GMT server nginx age 843901 etag W/"5ae70052-270" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript status 200 cache-control max-age=2592000, must-revalidate content-length 369 via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) x-amz-cf-id cVOrW44PaaqhuzTqxewWbco-8nUHAnLrxW6jeYhdWGEgmg9T7NAaxQ== expires Thu, 20 Jun 2019 15:31:14 GMT
GET H2	200	loclist.js Show response static.mackeeper.com/landings/libs/js/	620 B 718 B	112ms 49ms	Script application/javascript	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://static.mackeeper.com/landings/libs/js/loclist.js?mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 8a12cb2ebe91b7692ed7279a38276cf64d3bf6c6d2845a55eb38e4e042d2b066 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:14 GMT content-encoding gzip last-modified Tue, 19 Apr 2016 15:32:21 GMT server nginx age 843901 etag W/"57164f85-26c" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript status 200 cache-control max-age=2592000, must-revalidate content-length 322 via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) x-amz-cf-id 5DhrNatUE7wkAG0IQP-06fVkQdF7OCnNUrzKJeWHG-PCzneKIyt56Q== expires Thu, 20 Jun 2019 15:31:14 GMT
GET H2	200	alerts.js Show response static.mackeeper.com/landings/libs/alert/	55 KB 12 KB	113ms 50ms	Script application/javascript	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://static.mackeeper.com/landings/libs/alert/alerts.js?mkv=4 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 6e52915c1977626ced58d25c08088e9d23f057769e86259fa1577056ca905764 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:14 GMT content-encoding gzip last-modified Thu, 04 Oct 2018 13:30:26 GMT server nginx age 843901 etag W/"5bb615f2-dbe8" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript status 200 cache-control max-age=2592000, must-revalidate content-length 12380 via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) x-amz-cf-id hr768tu5-XurJHgRSOu2kGT8L3MPXCc-ctfm9g4Hplq3-6djIy8LDQ== expires Thu, 20 Jun 2019 15:31:14 GMT
GET H2	200	reset.css static.mackeeper.com/landings/libs/	829 B 860 B	111ms 48ms	Stylesheet text/css	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://static.mackeeper.com/landings/libs/reset.css?mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash e1bac7cd8e0ee2b6372f871a9c88654bb9d9a10b4e0ce73b462b20f6848b96e1 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:14 GMT content-encoding gzip last-modified Mon, 30 Apr 2018 11:38:58 GMT server nginx age 843901 etag W/"5ae70052-33d" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css status 200 cache-control max-age=2592000, must-revalidate content-length 475 via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) x-amz-cf-id eTRToraaRPWBp1EbapzFg3pk7xWKc6up4WhPWJnvcA5pGWtEF7GuTg== expires Thu, 20 Jun 2019 15:31:14 GMT
GET H2	200	style.min.css static.mackeeper.com/landings/197.10/css/	23 KB 7 KB	72ms 10ms	Stylesheet text/css	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://static.mackeeper.com/landings/197.10/css/style.min.css?mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 948297f95044a8c82d425cffa9ca1cf10f90cbe546fbc83b0dce3b1d0ffe572c Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:06 GMT content-encoding gzip last-modified Mon, 08 Apr 2019 12:53:22 GMT server nginx age 843909 etag W/"5cab4442-5ddb" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css status 200 cache-control max-age=2592000, must-revalidate content-length 6751 via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) x-amz-cf-id GLf0_JCEDv36MUqMla9XmgRF4shy4MHsC52iYeKxHri4bilHD1OfEg== expires Thu, 20 Jun 2019 15:31:06 GMT
GET H2	200	proximanova-semibold.otf static.mackeeper.com/landings/libs/fonts/	166 KB 167 KB	104ms 42ms	Stylesheet application/octet-stream	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://static.mackeeper.com/landings/libs/fonts/proximanova-semibold.otf?q=2&mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash c3464282792703bd57a0210d84ccea17c78820d5a129bd5a9e6957dbad9996de Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:18 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Tue, 19 Apr 2016 15:32:21 GMT server nginx age 843897 etag "57164f85-298b0" x-cache Hit from cloudfront content-type application/octet-stream status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 170160 x-amz-cf-id lApEuoA2KRw_0L7fvBItS2grfIUDJZbOrghmeLG4mHNOCCm6F7K6PA== expires Thu, 20 Jun 2019 15:31:18 GMT
GET H2	200	proximanova-bold.otf static.mackeeper.com/landings/libs/fonts/	167 KB 168 KB	75ms 13ms	Stylesheet application/octet-stream	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://static.mackeeper.com/landings/libs/fonts/proximanova-bold.otf?q=2&mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 858059885397fe54122dd48ee98ac071478376231d8334b5f15f991183a9d480 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:18 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Tue, 19 Apr 2016 15:32:21 GMT server nginx age 843897 etag "57164f85-29c64" x-cache Hit from cloudfront content-type application/octet-stream status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 171108 x-amz-cf-id 2vEHkwMydW3kMUXsn0m0RSjECEX6RMUM7wWyka1ckowGqdnUEtcNkQ== expires Thu, 20 Jun 2019 15:31:18 GMT
GET H2	200	proximanova-light.otf static.mackeeper.com/landings/libs/fonts/	163 KB 164 KB	91ms 29ms	Stylesheet application/octet-stream	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://static.mackeeper.com/landings/libs/fonts/proximanova-light.otf?q=2&mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash c123a265d32a128b971400b2441317b4bdfb1031338aa1b4b931b65d1c316975 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:18 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Tue, 19 Apr 2016 15:32:21 GMT server nginx age 843897 etag "57164f85-28c44" x-cache Hit from cloudfront content-type application/octet-stream status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 166980 x-amz-cf-id pSLpWP8xiGEjNaFQb1JnZysh4Aegl7OyrWnyvo2_KO7kHOWnmMJJJg== expires Thu, 20 Jun 2019 15:31:18 GMT
GET H2	200	proximanova-regular.otf static.mackeeper.com/landings/libs/fonts/	162 KB 163 KB	97ms 35ms	Stylesheet application/octet-stream	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://static.mackeeper.com/landings/libs/fonts/proximanova-regular.otf?q=2&mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 7241611bd00236517d175753868e4cb8bd795c63842cba7c508dd4cbef26577e Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:18 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Tue, 19 Apr 2016 15:32:21 GMT server nginx age 843897 etag "57164f85-289b8" x-cache Hit from cloudfront content-type application/octet-stream status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 166328 x-amz-cf-id 3iJK0SmCQNQlQFd0S5MOcdtnFE5eO9JeJanVUy8SjSKiRKWQeRJK6Q== expires Thu, 20 Jun 2019 15:31:18 GMT
GET H2	200	conversion.js Show response www.googleadservices.com/pagead/	24 KB 9 KB	26ms 16ms	Script text/javascript	216.58.210.2 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion.js Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s07-in-f2.1e100.net Software cafe / Resource Hash 1448d19eebf777a4b07f5f9a70629878cf9fd04c305247d95103da42cdd502bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 31 May 2019 09:56:15 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 9306 x-xss-protection 0 server cafe etag 11690690496941220196 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Fri, 31 May 2019 09:56:15 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	64 KB 25 KB	26ms 16ms	Script application/javascript	2a00:1450:4001:81f::2008 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-854379023 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Tag Manager (scaffolding) / Resource Hash b1bd04f49ed05cb3c810c40b4f321bb7c41d120b7ce70981ed9eddb0547eda27 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 31 May 2019 09:56:15 GMT content-encoding br last-modified Thu, 30 May 2019 16:41:01 GMT server Google Tag Manager (scaffolding) access-control-allow-origin http://www.googletagmanager.com vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 alt-svc quic=":443"; ma=2592000; v="46,44,43,39" cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control content-length 25344 x-xss-protection 0 expires Fri, 31 May 2019 09:56:15 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	64 KB 25 KB	25ms 15ms	Script application/javascript	2a00:1450:4001:81f::2008 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=DC-6102726 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Tag Manager (scaffolding) / Resource Hash f3d89be144fc04978811c92f96d3cfc3f5b808d16d0394183d19481ff9e2d6c0 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 31 May 2019 09:56:15 GMT content-encoding br last-modified Thu, 30 May 2019 16:41:01 GMT server Google Tag Manager (scaffolding) access-control-allow-origin http://www.googletagmanager.com vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 alt-svc quic=":443"; ma=2592000; v="46,44,43,39" cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control content-length 25338 x-xss-protection 0 expires Fri, 31 May 2019 09:56:15 GMT
GET H/1.1	200 OK	p.js Show response my.rtmark.net/	709 B 1 KB	79ms 18ms	Script text/javascript	188.42.160.79 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/p.js?f=sync&lr=1&partner=0380892b6877e49c4870a8960240ea326155479f7123d3d8f75569e3e6302e1c Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 188.42.160.79 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash 00fcb0b991992d5fb75abe0b701dee80fcaa93efc07908b7f8faea348cf7d01e Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:56:15 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Access-Control-Allow-Methods POST, GET, OPTIONS, PUT, DELETE Content-Type text/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers Authorization Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin *, * Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token Content-Length 709
GET H2	200	style.min.css static.mackeeper.com/landings/libs/adBlockRequestPopup/css/	2 KB 1 KB	110ms 49ms	Stylesheet text/css	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://static.mackeeper.com/landings/libs/adBlockRequestPopup/css/style.min.css?mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 038c7ab1f9c4b857d66552feb948f1959b4a3ed9ec489e7ea4f2b6ce071c2762 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:14 GMT content-encoding gzip last-modified Thu, 23 Aug 2018 09:39:10 GMT server nginx age 843901 etag W/"5b7e80be-85a" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css status 200 cache-control max-age=2592000, must-revalidate content-length 666 via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) x-amz-cf-id 6x-dSKuEHoYU0jtkkbDqaqFU_vdlpMo7mr1gi706fiLp-TuqeD8Ouw== expires Thu, 20 Jun 2019 15:31:14 GMT
GET H2	200	style.min.css static.mackeeper.com/landings/libs/nev-overlay/css/	9 KB 2 KB	109ms 48ms	Stylesheet text/css	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://static.mackeeper.com/landings/libs/nev-overlay/css/style.min.css?mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 4654259808ec1bef83e503bf53f2364e88600b01ff8830f7f87bcb96c2d42c68 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:14 GMT content-encoding gzip last-modified Tue, 17 Jul 2018 16:58:39 GMT server nginx age 843901 etag W/"5b4e203f-24ed" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css status 200 cache-control max-age=2592000, must-revalidate content-length 1320 via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) x-amz-cf-id 3-yzDNlzcUcsTkXzGxnyP9E9eX2sKu8ApmRUNW3dtL7Y3wuv-cNL6g== expires Thu, 20 Jun 2019 15:31:14 GMT
GET H2	200	Safari-step1.png static.mackeeper.com/landings/libs/nev-overlay/img/overlay/	7 KB 8 KB	13ms 11ms	Image image/png	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://static.mackeeper.com/landings/libs/nev-overlay/img/overlay/Safari-step1.png?mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash d389df87a8c1b7582d4aab888d89bdcaed2057f830762fc8c126519e45dd6a45 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:14 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Mon, 30 Apr 2018 11:38:58 GMT server nginx age 843901 etag "5ae70052-1df2" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 7666 x-amz-cf-id S5Y7ce1hRxK3tA1RYGi5CWT_jQd0WdtHVtu392ydCOYJv621uZhxlQ== expires Thu, 20 Jun 2019 15:31:14 GMT
GET H2	200	Safari-step2_en.png static.mackeeper.com/landings/libs/nev-overlay/img/overlay/	7 KB 7 KB	10ms 9ms	Image image/png	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://static.mackeeper.com/landings/libs/nev-overlay/img/overlay/Safari-step2_en.png?mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 06f008e286a0c471efbf39ac648903c7809280f5e96529d97f8d3b4b93983400 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:19 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Mon, 30 Apr 2018 11:38:58 GMT server nginx age 843896 etag "5ae70052-1bac" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 7084 x-amz-cf-id qKokgYKGMFXtVKfNnfC9kQHoghXbtRErtWMq8njqVQDkDX_hWt0MGg== expires Thu, 20 Jun 2019 15:31:19 GMT
GET H2	200	Chrome-step3_en.png static.mackeeper.com/landings/libs/nev-overlay/img/overlay/	12 KB 12 KB	16ms 15ms	Image image/png	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://static.mackeeper.com/landings/libs/nev-overlay/img/overlay/Chrome-step3_en.png?mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 41d2ff93e89bc96ae37fd850c59d0f3a3acddf2f7352a7e6898ab6519293809e Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:19 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Mon, 30 Apr 2018 11:38:58 GMT server nginx age 843896 etag "5ae70052-2fbc" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 12220 x-amz-cf-id RVF60W3lTZGJ_FiaRiCaMvnnB1DrHPQLcktSRNlwfLG0pHO62jFFTg== expires Thu, 20 Jun 2019 15:31:19 GMT
GET H2	200	arrow.png static.mackeeper.com/landings/libs/nev-overlay/img/overlay/	2 KB 2 KB	16ms 15ms	Image image/png	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://static.mackeeper.com/landings/libs/nev-overlay/img/overlay/arrow.png?mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash c91a11db90c88ada7769de314d26ce6dbdca5b88b8fd8d8cee5e4a4997eaa252 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:14 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Mon, 30 Apr 2018 11:38:58 GMT server nginx age 843901 etag "5ae70052-7e9" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 2025 x-amz-cf-id K6FywQg9sDXOAWE1UyQLRELmcVVF2XfnbBLGqmRYjgMBcI3MCt-s2g== expires Thu, 20 Jun 2019 15:31:14 GMT
GET H2	200	Chrome-step1.png static.mackeeper.com/landings/libs/nev-overlay/img/overlay/	8 KB 9 KB	9ms 7ms	Image image/png	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://static.mackeeper.com/landings/libs/nev-overlay/img/overlay/Chrome-step1.png?mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 21144da6e8e3a03e7c373709bb6fb48e2b02a9992cb6b30765d0baedd10b3aa3 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:14 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Mon, 30 Apr 2018 11:38:58 GMT server nginx age 843901 etag "5ae70052-216b" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 8555 x-amz-cf-id cNqixnJUcFtzy-yZHQMgUYM6g3uTikmrDSln9bJ8KqnHlaaGui2rUQ== expires Thu, 20 Jun 2019 15:31:14 GMT
GET H2	200	Chrome-step2_en.png static.mackeeper.com/landings/libs/nev-overlay/img/overlay/	9 KB 9 KB	12ms 9ms	Image image/png	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://static.mackeeper.com/landings/libs/nev-overlay/img/overlay/Chrome-step2_en.png?mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 2ebfe2a635f472aad6ff68681344078dbf39e1e0a053872b3223bbdfb3cee997 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:19 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Mon, 30 Apr 2018 11:38:58 GMT server nginx age 843896 etag "5ae70052-23e6" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 9190 x-amz-cf-id uCN5hskyqY6Uv9xw61WPf-r6CFsMUwl9Gf4_HDWUtGGCTc9AiVTs2g== expires Thu, 20 Jun 2019 15:31:19 GMT
GET H2	200	Firefox-step2.png static.mackeeper.com/landings/libs/nev-overlay/img/overlay/	3 KB 3 KB	20ms 15ms	Image image/png	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://static.mackeeper.com/landings/libs/nev-overlay/img/overlay/Firefox-step2.png?mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 087407c3ee83285deb13dbeb3357c7baca32f94a5213a00bd6d80f0876d0ae76 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:14 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Mon, 30 Apr 2018 11:38:58 GMT server nginx age 843901 etag "5ae70052-c79" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 3193 x-amz-cf-id QA35-OtHlU_pTa4spnfUuImCIRtZdBl4UQvYUIjNek1zUcCqWOoHUA== expires Thu, 20 Jun 2019 15:31:14 GMT
GET H2	200	style.min.css static.mackeeper.com/landings/libs/gdpr-banner/css/	5 KB 3 KB	107ms 47ms	Stylesheet text/css	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://static.mackeeper.com/landings/libs/gdpr-banner/css/style.min.css?mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 88e373998f56992943631a24da394032facf6d6069e0bc07cc4a2ca69b468bb7 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:14 GMT content-encoding gzip last-modified Thu, 31 May 2018 13:55:45 GMT server nginx age 843901 etag W/"5b0ffee1-13b6" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css status 200 cache-control max-age=2592000, must-revalidate content-length 2184 via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) x-amz-cf-id aXfEJUzze54fIdyDEXdrJ5X2q2Jvy6N-kfVtJc2VDukMI-i0gPrs_A== expires Thu, 20 Jun 2019 15:31:14 GMT
GET H2	200	script.js Show response static.mackeeper.com/landings/libs/gdpr-banner/	2 KB 1 KB	38ms 37ms	Script application/javascript	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://static.mackeeper.com/landings/libs/gdpr-banner/script.js?mkv=1 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 461fb78cfcc8d2070bf3f14f94e7cc1b66c151f2f6d9124bf185dcd84981a4e4 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:14 GMT content-encoding gzip last-modified Fri, 12 Oct 2018 07:21:08 GMT server nginx age 843901 etag W/"5bc04b64-701" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript status 200 cache-control max-age=2592000, must-revalidate content-length 685 via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) x-amz-cf-id 5ASAc6hEI93CGKgBuV6xgFobmNvN20vKCHJkOx8vpXDNQkSQGqMXXA== expires Thu, 20 Jun 2019 15:31:14 GMT
GET H2	200	pixel.gif load77.exelator.com/ Redirect Chain https://loadus.exelator.com/load/?p=1050&g=1&cat=[mackeeper]&j=0 https://loadus.exelator.com/load/?p=1050&g=1&cat=[mackeeper]&j=0&xl8blockcheck=1 https://load77.exelator.com/pixel.gif	43 B 273 B	110ms 6ms	Image image/gif	195.181.174.2 CDN77
General Check archive.org Show headers Download Go to Show image Full URL https://load77.exelator.com/pixel.gif Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.181.174.2 Frankfurt am Main, Germany, ASN60068 (CDN77, GB), Reverse DNS frankfurt-1.cdn77.com Software CDN77-Turbo / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 31 May 2019 09:56:15 GMT last-modified Wed, 25 Oct 2017 17:03:56 GMT server CDN77-Turbo access-control-allow-origin * x-edge-location frankfurtDE etag "59f0c3fc-2b" x-cache HIT content-type image/gif status 200 x-edge-ip 195.181.174.1 x-age 1013453 accept-ranges bytes content-length 43 Redirect headers date Fri, 31 May 2019 09:56:15 GMT server nginx/1.14.0 x-powered-by Undertow/1 location https://load77.exelator.com/pixel.gif p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA status 302 cache-control no-cache access-control-allow-credentials true content-type image/gif content-length 0
GET H2	200	pae assets.kromtech.net/	43 B 146 B	101ms 99ms	Image image/gif	54.145.140.43 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://assets.kromtech.net/pae?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&productId=29&advertisingType=mzb_4146&tid=mk_mymed_cpm_ww;edaadf27;185.151.58.117&geo=DE&name=View&lid=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.145.140.43 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-145-140-43.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Fri, 31 May 2019 09:56:15 GMT server nginx content-length 43 access-control-allow-methods GET content-type image/gif
GET H2	200	css fonts.googleapis.com/	5 KB 714 B	17ms 16ms	Stylesheet text/css	2a00:1450:4001:819::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600&subset=latin,latin-ext Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software ESF / Resource Hash 8a5c9a820e5660585a358240bc90962a9c252a0968912889cffd2637c2661ca7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Fri, 31 May 2019 09:56:15 GMT server ESF access-control-allow-origin * date Fri, 31 May 2019 09:56:15 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 status 200 alt-svc quic=":443"; ma=2592000; v="46,44,43,39" cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin x-xss-protection 0 expires Fri, 31 May 2019 09:56:15 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	244 KB 34 KB	41ms 33ms	Script application/javascript	2a00:1450:4001:81f::2008 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KSH3PK Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Tag Manager (scaffolding) / Resource Hash 063a8ca394e534fb06c2a0db9609a70a6e19f8ea30ed661dc5667133eaaa2be5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 31 May 2019 09:56:15 GMT content-encoding br last-modified Thu, 30 May 2019 16:41:01 GMT server Google Tag Manager (scaffolding) access-control-allow-origin http://www.googletagmanager.com vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 alt-svc quic=":443"; ma=2592000; v="46,44,43,39" cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control content-length 34720 x-xss-protection 0 expires Fri, 31 May 2019 09:56:15 GMT
GET H2	200	hotjar-190484.js Show response static.hotjar.com/c/	39 KB 5 KB	228ms 40ms	Script application/javascript	147.75.32.173 Packet Host
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-190484.js?sv=6 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 147.75.32.173 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US), Reverse DNS pkt-ams-k1-27 Software openresty / Resource Hash 831577646bb3983bf92415db56794a36fa668709ab8d64fc89cc430ecd27aafc Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 31 May 2019 09:56:15 GMT content-encoding gzip x-content-type-options nosniff content-type application/javascript section-io-tag hotjar age 7 status 200 access-control-max-age 600 section-io-cache Hit content-length 4910 x-cache-hit 1 server openresty x-frame-options SAMEORIGIN etag W/fe75be9f146d9eacae7f574c98accf7f vary Accept-Encoding section-io-origin-status 304 access-control-allow-origin * cache-control max-age=60 section-io-origin-time-seconds 0.071 accept-ranges bytes section-io-id 3eb9e6d65aac8b0f30e30f00d95038a9
GET H/1.1	200 OK	tag.js Show response mc.yandex.ru/metrika/	332 KB 86 KB	228ms 44ms	Script application/javascript	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash b40168390afd721c2c0effd9b3b132b6d5334aff57106389b1aafa37a0a7af33 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:56:15 GMT Content-Encoding br Last-Modified Wed, 29 May 2019 14:42:12 GMT Server nginx/1.12.2 ETag "5cee9a44-1555e" Strict-Transport-Security max-age=31536000 Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600 Connection keep-alive Content-Length 87390 Expires Fri, 31 May 2019 10:56:15 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023/	3 KB 1 KB	27ms 22ms	Script text/javascript	2a00:1450:4001:81b::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023/?random=1559296575479&cv=9&fst=1559296575479&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 619c6ca25cb08f592766d720c6fe004baadb8e5065f464667c7f7af5e6cdcdff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 09:56:15 GMT content-encoding gzip x-content-type-options nosniff content-type text/javascript; charset=UTF-8 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control no-cache, must-revalidate content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 1179 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bat.js Show response bat.bing.com/	23 KB 7 KB	233ms 51ms	Script application/javascript	2620:1ec:c11::200 Microsoft Corpora...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US), Reverse DNS Software / Resource Hash 134d9689dd766fbea01b7b16563704e655883a93b76f55a6acf999f67510f8b5 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 31 May 2019 09:56:15 GMT content-encoding gzip last-modified Tue, 28 May 2019 20:50:22 GMT x-msedge-ref Ref A: E93B59945AB148C89F9847EEFD412959 Ref B: VIEEDGE0722 Ref C: 2019-05-31T09:56:15Z access-control-allow-origin * etag "03b90f79615d51:0" vary Accept-Encoding content-type application/javascript status 200 cache-control private,max-age=1800 accept-ranges bytes content-length 7104
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	53 KB 16 KB	23ms 19ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.facebook.com/csp/reporting/ Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 vary Origin, Accept-Encoding content-length 15397 x-xss-protection 0 pragma public x-fb-debug vmP7hNoNN/7wkuMyJfJf/XqtkuHOJn3aVUoqbuqw9oR6J644mmxRBsWG9j9kz9enoUsizmYFHhF9AXUsr+B9cw== date Fri, 31 May 2019 09:56:15 GMT x-frame-options DENY access-control-allow-methods OPTIONS content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://connect.facebook.net access-control-expose-headers X-FB-Debug, X-Loader-Length cache-control public, max-age=1200 access-control-allow-credentials true content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.facebook.com/csp/reporting/ expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	activityi;dc_pre=CJLR_LPAxeICFUS_dwod0xwNsw;src=6102726;type=landi0;cat=index0;u1=mzb_4146;u2=DE;u3=mk_mymed_cpm_ww;edaadf27;185.151.58.117;u4=197.10;u12=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb;dc... 6102726.fls.doubleclick.net/ Frame 1E4F Redirect Chain https://6102726.fls.doubleclick.net/activityi;src=6102726;type=landi0;cat=index0;u1=mzb_4146;u2=DE;u3=mk_mymed_cpm_ww;edaadf27;185.151.58.117;u4=197.10;u12=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb;... https://6102726.fls.doubleclick.net/activityi;dc_pre=CJLR_LPAxeICFUS_dwod0xwNsw;src=6102726;type=landi0;cat=index0;u1=mzb_4146;u2=DE;u3=mk_mymed_cpm_ww;edaadf27;185.151.58.117;u4=197.10;u12=536eb30...	0 0	79ms 69ms	Document text/html	216.58.208.38 Google LLC
General Check archive.org Show headers Download Go to Full URL https://6102726.fls.doubleclick.net/activityi;dc_pre=CJLR_LPAxeICFUS_dwod0xwNsw;src=6102726;type=landi0;cat=index0;u1=mzb_4146;u2=DE;u3=mk_mymed_cpm_ww;edaadf27;185.151.58.117;u4=197.10;u12=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5154206050925.974? Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s12-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 6102726.fls.doubleclick.net :scheme https :path /activityi;dc_pre=CJLR_LPAxeICFUS_dwod0xwNsw;src=6102726;type=landi0;cat=index0;u1=mzb_4146;u2=DE;u3=mk_mymed_cpm_ww;edaadf27;185.151.58.117;u4=197.10;u12=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5154206050925.974? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= accept-encoding gzip, deflate, br cookie IDE=AHWqTUm_FBNmdzRVdGB8Ni1ANED-vNsgoBVwNSFitryqY4OhszA4BS8SQWlTIl84 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Response headers status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * date Fri, 31 May 2019 09:56:15 GMT expires Fri, 31 May 2019 09:56:15 GMT cache-control private, max-age=0 strict-transport-security max-age=21600 content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip server cafe content-length 407 x-xss-protection 0 alt-svc quic=":443"; ma=2592000; v="46,44,43,39" Redirect headers status 302 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * date Fri, 31 May 2019 09:56:15 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate follow-only-when-prerender-shown 1 strict-transport-security max-age=21600 location https://6102726.fls.doubleclick.net/activityi;dc_pre=CJLR_LPAxeICFUS_dwod0xwNsw;src=6102726;type=landi0;cat=index0;u1=mzb_4146;u2=DE;u3=mk_mymed_cpm_ww;edaadf27;185.151.58.117;u4=197.10;u12=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5154206050925.974? content-type text/html; charset=UTF-8 x-content-type-options nosniff server cafe content-length 0 x-xss-protection 0 set-cookie IDE=AHWqTUm_FBNmdzRVdGB8Ni1ANED-vNsgoBVwNSFitryqY4OhszA4BS8SQWlTIl84; expires=Wed, 24-Jun-2020 09:56:15 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT alt-svc quic=":443"; ma=2592000; v="46,44,43,39"
GET DATA	200 OK	truncated /	9 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6c6bf7b18059ebd4a4bce2fd2b809f28cab9e23d4ba1a5b0c2f8fab0330b6e44 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	logo.png static.mackeeper.com/landings/197.10/img/	1 KB 1 KB	39ms 16ms	Image image/png	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://static.mackeeper.com/landings/197.10/img/logo.png Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash e7bfd14c1e5ca18ae420544966e3c61bca2acecbb4f2283bed54606c8875274d Request headers Referer https://static.mackeeper.com/landings/197.10/css/style.min.css?mkv=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:11 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Mon, 30 Apr 2018 11:38:57 GMT server nginx age 843904 etag "5ae70051-436" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 1078 x-amz-cf-id 0TWR-gfeoScieHcGeZ1kEuu09Rts5XMH2aUYraEaXX6hn0-XaH0w8A== expires Thu, 20 Jun 2019 15:31:11 GMT
GET H2	200	mac__pink.png static.mackeeper.com/landings/197.10/img/	10 KB 10 KB	41ms 18ms	Image image/png	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://static.mackeeper.com/landings/197.10/img/mac__pink.png Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 2ac47132b6c3aeb7ba9074c0c5643833ab677f4ac0bd886323b05e0bb3189381 Request headers Referer https://static.mackeeper.com/landings/197.10/css/style.min.css?mkv=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:07 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Mon, 30 Apr 2018 11:38:57 GMT server nginx age 843908 etag "5ae70051-2756" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 10070 x-amz-cf-id pTAA2Rz9BLQuJoQAoQ8xeF-afwGXf_rF_OgK3m0yokDaVW1g4NE7QA== expires Thu, 20 Jun 2019 15:31:07 GMT
GET H2	200	btn-arrow.png static.mackeeper.com/landings/197.10/img/	2 KB 2 KB	31ms 20ms	Image image/png	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://static.mackeeper.com/landings/197.10/img/btn-arrow.png Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 285d345de8083848a3108363f76747a5d93982f619a14fb246395afbd78c979b Request headers Referer https://static.mackeeper.com/landings/197.10/css/style.min.css?mkv=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:07 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Mon, 30 Apr 2018 11:38:57 GMT server nginx age 843908 etag "5ae70051-73c" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 1852 x-amz-cf-id rtlOB5S95QygtvhabEPdJkgqT87XWSCFGalwH2CCgL72dHR99N2dYA== expires Thu, 20 Jun 2019 15:31:07 GMT
GET H2	200	stars.png static.mackeeper.com/landings/197.10/img/	2 KB 2 KB	32ms 22ms	Image image/png	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://static.mackeeper.com/landings/197.10/img/stars.png Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 63229f6a14bbe4aebe109afa0cdf0d46123ac03d150aced22edc5ce6c3eace7c Request headers Referer https://static.mackeeper.com/landings/197.10/css/style.min.css?mkv=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:05 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Mon, 30 Apr 2018 11:38:57 GMT server nginx age 843910 etag "5ae70051-67f" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 1663 x-amz-cf-id RfvoanpXJMpEr6QOz0eQuw-oPYlMJU9qHlVhJETgw-ZKfgxvkItTQQ== expires Thu, 20 Jun 2019 15:31:05 GMT
GET H2	200	mac__mint.png static.mackeeper.com/landings/197.10/img/	9 KB 9 KB	33ms 23ms	Image image/png	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://static.mackeeper.com/landings/197.10/img/mac__mint.png Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash bdf82bc70aca5f83bdcd5ec5f2c668c460a9777df489e621c6214bc8fee04f30 Request headers Referer https://static.mackeeper.com/landings/197.10/css/style.min.css?mkv=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:05 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Mon, 30 Apr 2018 11:38:57 GMT server nginx age 843910 etag "5ae70051-22d7" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 8919 x-amz-cf-id 8kpMpxUrAeruXn02pSbWweYaEym9umOE7FAwdowWW8xTvg3D3OJe8w== expires Thu, 20 Jun 2019 15:31:05 GMT
GET H2	200	sprite__step-icon.png static.mackeeper.com/landings/197.10/img/	2 KB 2 KB	32ms 24ms	Image image/png	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://static.mackeeper.com/landings/197.10/img/sprite__step-icon.png Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 337b857b9e7ebd6fb3e0630fc96831260ebab97e6c6b2105785e97e156a7b0d2 Request headers Referer https://static.mackeeper.com/landings/197.10/css/style.min.css?mkv=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:30:54 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Mon, 30 Apr 2018 11:38:57 GMT server nginx age 843921 etag "5ae70051-743" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 1859 x-amz-cf-id UK_1U_9sitqypekPkv-0WPLtsxsxOo49q98eDfVM5CTXRnhaXat5ag== expires Thu, 20 Jun 2019 15:30:54 GMT
GET H2	200	step-arrow.png static.mackeeper.com/landings/197.10/img/	445 B 811 B	116ms 109ms	Image image/png	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://static.mackeeper.com/landings/197.10/img/step-arrow.png Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 538da36a373827459e4883502403c5300252c08210a6bd1876d31c27b638f223 Request headers Referer https://static.mackeeper.com/landings/197.10/css/style.min.css?mkv=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:07 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Mon, 30 Apr 2018 11:38:57 GMT server nginx age 843908 etag "5ae70051-1bd" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 445 x-amz-cf-id 5QU0UKp7zNHVmPaLvluMkomwvFJGMhL_oAB8cFt5ZWe_HU4snWZc7A== expires Thu, 20 Jun 2019 15:31:07 GMT
GET H2	200	i.png static.mackeeper.com/landings/libs/adBlockRequestPopup/img/	1 KB 2 KB	32ms 25ms	Image image/png	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://static.mackeeper.com/landings/libs/adBlockRequestPopup/img/i.png Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash d6e32667cdd39707c4f305fe54b9db929a353c4deb44e7c1627d34e92882e9db Request headers Referer https://static.mackeeper.com/landings/libs/adBlockRequestPopup/css/style.min.css?mkv=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:15 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Wed, 30 May 2018 14:28:05 GMT server nginx age 843900 etag "5b0eb4f5-586" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 1414 x-amz-cf-id yuEFo9EOSm_FWUFj0huhuPW1TOW1dqqwduyd3cAj9ppKirIGXuGoQA== expires Thu, 20 Jun 2019 15:31:15 GMT
GET H2	200	x.png static.mackeeper.com/landings/libs/adBlockRequestPopup/img/	1 KB 2 KB	116ms 110ms	Image image/png	13.35.253.27 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://static.mackeeper.com/landings/libs/adBlockRequestPopup/img/x.png Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-27.fra6.r.cloudfront.net Software nginx / Resource Hash 03cf4dc4c261e12d1053f15edffc3cd5340751508cde5456e1481bd5d15f74b8 Request headers Referer https://static.mackeeper.com/landings/libs/adBlockRequestPopup/css/style.min.css?mkv=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 21 May 2019 15:31:15 GMT via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) last-modified Wed, 30 May 2018 14:28:05 GMT server nginx age 843900 etag "5b0eb4f5-5e0" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=2592000, must-revalidate accept-ranges bytes content-length 1504 x-amz-cf-id mZQGBK69BQuSyI2MrLzsGTDiqnmrab1NvOSgPNtNR9PBu16KxnUedQ== expires Thu, 20 Jun 2019 15:31:15 GMT
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2 fonts.gstatic.com/s/sourcesanspro/v12/	13 KB 13 KB	30ms 10ms	Font font/woff2	2a00:1450:4001:808::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v12/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600&subset=latin,latin-ext Origin https://app7.kromtech.net Response headers date Mon, 25 Mar 2019 20:19:32 GMT x-content-type-options nosniff last-modified Mon, 25 Mar 2019 20:11:07 GMT server sffe age 5751403 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,44,43,39" cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 13324 x-xss-protection 1; mode=block expires Tue, 24 Mar 2020 20:19:32 GMT
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2 fonts.gstatic.com/s/sourcesanspro/v12/	13 KB 13 KB	42ms 22ms	Font font/woff2	2a00:1450:4001:808::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v12/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600&subset=latin,latin-ext Origin https://app7.kromtech.net Response headers date Mon, 25 Mar 2019 20:19:33 GMT x-content-type-options nosniff last-modified Mon, 25 Mar 2019 20:10:34 GMT server sffe age 5751402 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,44,43,39" cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 13108 x-xss-protection 1; mode=block expires Tue, 24 Mar 2020 20:19:33 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	23 KB 9 KB	19ms 19ms	Script text/javascript	216.58.210.2 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-854379023 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s07-in-f2.1e100.net Software cafe / Resource Hash f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 31 May 2019 09:56:15 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 8912 x-xss-protection 0 server cafe etag 11386026576561889187 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Fri, 31 May 2019 09:56:15 GMT
GET H2	200	1593188040964422 Show response connect.facebook.net/signals/config/	208 KB 55 KB	8ms 7ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1593188040964422?v=2.8.47&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 0884f46f37f35702df40a200f607a0d86b1327d605c5978e0eb15f565284fd6b Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 vary Origin, Accept-Encoding content-length 56280 x-xss-protection 0 pragma public x-fb-debug iYPoBVuubgbmCADAXrWAGwaEt8PPi1+XxdXqWAez2f/nAdFjmC0rRuc/BwiDS9IR8ss2VypBRuJghYDHjA72pg== date Fri, 31 May 2019 09:56:15 GMT x-frame-options DENY access-control-allow-methods OPTIONS content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://connect.facebook.net access-control-expose-headers X-FB-Debug, X-Loader-Length cache-control public, max-age=1200 access-control-allow-credentials true content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self'; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/854379023/	42 B 109 B	28ms 27ms	Image image/gif	2a00:1450:4001:81d::2004 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/854379023/?random=1559296575479&cv=9&fst=1559293200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&fmt=3&cdct=2&is_vtc=1&random=2668128414&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 09:56:16 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,44,43,39" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		/ www.google.de/pagead/1p-user-list/854379023/	0 0
GET H/1.1	200 OK	img.gif my.rtmark.net/	43 B 684 B	17ms 16ms	Image image/gif	188.42.160.79 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://my.rtmark.net/img.gif?f=sync&partner=0380892b6877e49c4870a8960240ea326155479f7123d3d8f75569e3e6302e1c&ttl=&rurl=http://ps.popcash.net/go/216668/462082 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 188.42.160.79 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:56:16 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Access-Control-Allow-Methods POST, GET, OPTIONS, PUT, DELETE Content-Type image/gif Access-Control-Allow-Origin * Access-Control-Expose-Headers Authorization Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin *, * Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token Content-Length 43
GET H2	200	event.php event.mackeeper.com/ Frame E8B3	0 0	308ms 99ms	Document application/json	34.225.31.41 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://event.mackeeper.com/event.php?step=Landing_Loaded&substep=Hit&uniqid=f4f0056585d9b39556120822bb60cd27&affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&bundleid=29_45121156&prodid=29&response=json&payload=%7B%22partner%22%3A%22mzb_4146%22%2C%22landing_name%22%3A%22197.10%22%7D&session=tq8c66j2qop7e3cn1capkc7op6&time=1559296576076 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.225.31.41 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-225-31-41.compute-1.amazonaws.com Software / Resource Hash Request headers :method GET :authority event.mackeeper.com :scheme https :path /event.php?step=Landing_Loaded&substep=Hit&uniqid=f4f0056585d9b39556120822bb60cd27&affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&bundleid=29_45121156&prodid=29&response=json&payload=%7B%22partner%22%3A%22mzb_4146%22%2C%22landing_name%22%3A%22197.10%22%7D&session=tq8c66j2qop7e3cn1capkc7op6&time=1559296576076 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Response headers status 200 date Fri, 31 May 2019 09:56:16 GMT content-type application/json; charset=utf-8 content-length 58
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a520b55a223a4a0d55bd7842f1dbb6075a31926b3f52ea3c5f2490cd37c0ed34 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	modules.1bf1f193a8df8a7fcd1b.js Show response script.hotjar.com/	423 KB 88 KB	107ms 27ms	Script application/javascript	147.75.80.178 Packet Host
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.1bf1f193a8df8a7fcd1b.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-190484.js?sv=6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 147.75.80.178 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US), Reverse DNS pkt-ams-k1-25 Software / Resource Hash aaec4ecd34c79b1864879096d6480a528729de461d87511f4f2f174440883f38 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 31 May 2019 09:56:16 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 31 May 2019 08:45:09 GMT access-control-allow-origin * etag W/"6278b678f16e13a90908032626a03bec" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 section-io-origin-time-seconds 0.053 section-io-origin-status 200 accept-ranges bytes section-io-id f6921e61f6256b89aab58f5f6fd07d0a content-length 89972
GET H2	204	0 bat.bing.com/action/	0 172 B	48ms 48ms	Image text/plain	2620:1ec:c11::200 Microsoft Corpora...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=4019963&Ver=2&mid=d392552b-2b8d-7c30-ccb0-27d75542959c&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=MacKeeper&p=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%23pc224398&r=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&lt=7136&evt=pageLoad&msclkid=N&rn=205889 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 204 pragma no-cache date Fri, 31 May 2019 09:56:16 GMT cache-control no-cache, must-revalidate x-msedge-ref Ref A: 769AC9C273CF4FBC8C03CE328471F639 Ref B: VIEEDGE0722 Ref C: 2019-05-31T09:56:16Z access-control-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023/	3 KB 1 KB	47ms 45ms	Script text/javascript	2a00:1450:4001:81b::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854379023/?random=1559296576147&cv=9&fst=1559296576147&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash dfb66a5d333c929072a19dc1e708c886627adfc2f8eb21da66bb58097b7f5f76 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 09:56:16 GMT content-encoding gzip x-content-type-options nosniff content-type text/javascript; charset=UTF-8 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control no-cache, must-revalidate content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 1217 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/983482265/	3 KB 1 KB	50ms 49ms	Script text/javascript	2a00:1450:4001:81b::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/983482265/?random=1559296576149&cv=9&fst=1559296576149&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash de99389d8dda53ca1749302ae3be6f9b7c52fc302757530702da9aad885c00a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 09:56:16 GMT content-encoding gzip x-content-type-options nosniff content-type text/javascript; charset=UTF-8 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control no-cache, must-revalidate content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 1216 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041/	3 KB 1 KB	66ms 63ms	Script text/javascript	2a00:1450:4001:81b::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1010020041/?random=1559296576150&cv=9&fst=1559296576150&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 1c87276047fd7deaadc6adbc8685e987f1f94b17d27c234105648897a5740380 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 09:56:16 GMT content-encoding gzip x-content-type-options nosniff content-type text/javascript; charset=UTF-8 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control no-cache, must-revalidate content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 1223 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/787486911/	3 KB 1 KB	68ms 66ms	Script text/javascript	2a00:1450:4001:81b::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787486911/?random=1559296576164&cv=9&fst=1559296576164&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash bedc795c62bd04fb3b02f148f7ff22ab79ff924847cee04f24c70f85991bb1c6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 09:56:16 GMT content-encoding gzip x-content-type-options nosniff content-type text/javascript; charset=UTF-8 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control no-cache, must-revalidate content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 1220 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/803067473/	3 KB 1 KB	66ms 64ms	Script text/javascript	2a00:1450:4001:81b::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/803067473/?random=1559296576166&cv=9&fst=1559296576166&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 1d3b2ccffdedb216adc69f90be8bca818c154512419d8d10ee786d4a4055b288 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 09:56:16 GMT content-encoding gzip x-content-type-options nosniff content-type text/javascript; charset=UTF-8 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control no-cache, must-revalidate content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 1221 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/957119846/	3 KB 1 KB	64ms 62ms	Script text/javascript	2a00:1450:4001:81b::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957119846/?random=1559296576168&cv=9&fst=1559296576168&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash c42946f8e6b26bd423a66b485f2bb2df97e23195cd8f0f2daaa40631688660d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 09:56:16 GMT content-encoding gzip x-content-type-options nosniff content-type text/javascript; charset=UTF-8 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control no-cache, must-revalidate content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 1218 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/780563185/	3 KB 1 KB	223ms 220ms	Script text/javascript	2a00:1450:4001:81b::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/780563185/?random=1559296576169&cv=9&fst=1559296576169&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash d5ef1aec3dc5ccf174b35a5f0e21b9a36ab8127f130984f5efea40571c1ae60b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 09:56:16 GMT content-encoding gzip x-content-type-options nosniff content-type text/javascript; charset=UTF-8 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control no-cache, must-revalidate content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 1220 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	box-90f3a29ef7448451db5af955688970d7.html vars.hotjar.com/ Frame 770E	0 0	1100ms 32ms	Document text/html	147.75.205.49 Packet Host
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-190484.js?sv=6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 147.75.205.49 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US), Reverse DNS pkt-ams-k1-26 Software / Resource Hash Request headers :method GET :authority vars.hotjar.com :scheme https :path /box-90f3a29ef7448451db5af955688970d7.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Response headers status 200 date Fri, 31 May 2019 09:56:17 GMT content-type text/html content-length 967 cache-control max-age=31536000 last-modified Tue, 30 Apr 2019 14:57:42 GMT section-io-origin-status 200 section-io-origin-time-seconds 0.042 etag W/"90f3a29ef7448451db5af955688970d7" content-encoding gzip vary Accept-Encoding accept-ranges bytes section-io-id e60e8845874ac4c929931e40e3dd3ed4
GET H2	200	analytics.js Show response www.google-analytics.com/	43 KB 17 KB	9ms 9ms	Script text/javascript	2a00:1450:4001:814::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSH3PK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 21 May 2019 23:53:44 GMT server Golfe2 age 1423 date Fri, 31 May 2019 09:32:33 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,44,43,39" content-length 17595 expires Fri, 31 May 2019 11:32:33 GMT
GET H2	200	inferredEvents.js Show response connect.facebook.net/signals/plugins/	1 KB 921 B	7ms 6ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.47 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 vary Origin, Accept-Encoding content-length 772 x-xss-protection 0 pragma public x-fb-debug 7jgjq6UDBZJbE9ukn4j+pqXtsJJB+5/NDnpHkn5A9jReIRIQnUBpkTLUlHPjWxjri5WN0b2gJx8CgbJffWJh6A== date Fri, 31 May 2019 09:56:16 GMT x-frame-options DENY access-control-allow-methods OPTIONS content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://connect.facebook.net access-control-expose-headers X-FB-Debug, X-Loader-Length cache-control public, max-age=1200 access-control-allow-credentials true content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self'; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/854379023/	42 B 109 B	32ms 32ms	Image image/gif	2a00:1450:4001:81d::2004 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/854379023/?random=1559296576147&cv=9&fst=1559293200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&fmt=3&cdct=2&is_vtc=1&random=370624109&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 09:56:16 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,44,43,39" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		/ www.google.de/pagead/1p-user-list/854379023/	0 0
GET H2	200	/ www.google.com/pagead/1p-user-list/983482265/	42 B 109 B	25ms 24ms	Image image/gif	2a00:1450:4001:81d::2004 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/983482265/?random=1559296576149&cv=9&fst=1559293200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&fmt=3&cdct=2&is_vtc=1&random=248642505&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 09:56:16 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,44,43,39" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		/ www.google.de/pagead/1p-user-list/983482265/	0 0
GET H/1.1	302 Found	1 Show response mc.yandex.ru/watch/50559844/ Redirect Chain https://mc.yandex.ru/watch/50559844?wmode=7&page-ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&page-url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-... https://mc.yandex.ru/watch/50559844/1?wmode=7&page-ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&page-url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e...	0 -1 B	22ms 21ms	XHR	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/50559844/1?wmode=7&page-ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&page-url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%23pc224398&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559296568946%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190531095616%3Aet%3A1559296576%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A483638390%3Ahid%3A154809344%3Ads%3A23%2C199%2C283%2C2%2C5665%2C0%2C0%2C863%2C83%2C%2C%2C%2C7053%3Afp%3A6772%3Awn%3A43951%3Ahl%3A50%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1559296576%3Au%3A1559296576782006340%3At%3AMacKeeper Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Fri, 31 May 2019 09:56:16 GMT Last-Modified Fri, 31-May-2019 09:56:16 GMT Server nginx/1.12.2 Location /watch/50559844/1?wmode=7&page-ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&page-url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%23pc224398&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559296568946%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190531095616%3Aet%3A1559296576%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A483638390%3Ahid%3A154809344%3Ads%3A23%2C199%2C283%2C2%2C5665%2C0%2C0%2C863%2C83%2C%2C%2C%2C7053%3Afp%3A6772%3Awn%3A43951%3Ahl%3A50%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1559296576%3Au%3A1559296576782006340%3At%3AMacKeeper Strict-Transport-Security max-age=31536000 Access-Control-Allow-Origin https://app7.kromtech.net Cache-Control private, no-cache, no-store, must-revalidate, max-age=0 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 X-XSS-Protection 1; mode=block Expires Fri, 31-May-2019 09:56:16 GMT Redirect headers Pragma no-cache Date Fri, 31 May 2019 09:56:16 GMT Last-Modified Fri, 31-May-2019 09:56:16 GMT Server nginx/1.12.2 Access-Control-Allow-Origin https://app7.kromtech.net Strict-Transport-Security max-age=31536000 Location /watch/50559844/1?wmode=7&page-ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&page-url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%23pc224398&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559296568946%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190531095616%3Aet%3A1559296576%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A483638390%3Ahid%3A154809344%3Ads%3A23%2C199%2C283%2C2%2C5665%2C0%2C0%2C863%2C83%2C%2C%2C%2C7053%3Afp%3A6772%3Awn%3A43951%3Ahl%3A50%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1559296576%3Au%3A1559296576782006340%3At%3AMacKeeper Cache-Control private, no-cache, no-store, must-revalidate, max-age=0 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 X-XSS-Protection 1; mode=block Expires Fri, 31-May-2019 09:56:16 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/957119846/	42 B 109 B	25ms 23ms	Image image/gif	2a00:1450:4001:81d::2004 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/957119846/?random=1559296576168&cv=9&fst=1559293200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&fmt=3&cdct=2&is_vtc=1&random=74882258&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 09:56:16 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,44,43,39" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		/ www.google.de/pagead/1p-user-list/957119846/	0 0
GET H2	200	/ www.google.com/pagead/1p-user-list/1010020041/	42 B 109 B	26ms 25ms	Image image/gif	2a00:1450:4001:81d::2004 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/1010020041/?random=1559296576150&cv=9&fst=1559293200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&fmt=3&cdct=2&is_vtc=1&random=2258827900&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 09:56:16 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,44,43,39" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		/ www.google.de/pagead/1p-user-list/1010020041/	0 0
GET H2	200	/ www.google.com/pagead/1p-user-list/803067473/	42 B 109 B	24ms 24ms	Image image/gif	2a00:1450:4001:81d::2004 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/803067473/?random=1559296576166&cv=9&fst=1559293200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&fmt=3&cdct=2&is_vtc=1&random=3147045352&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 09:56:16 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,44,43,39" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		/ www.google.de/pagead/1p-user-list/803067473/	0 0
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 106 B	15ms 13ms	XHR text/plain	2a00:1450:4001:814::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j76&a=629718800&t=pageview&_s=1&dl=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&dr=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&ul=en-us&de=UTF-8&dt=MacKeeper&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGDACMABBAAAAC~&jid=1962084930&gjid=2084447120&cid=16550230.1559296576&tid=UA-56634126-6&_gid=579128436.1559296576&_r=1&gtm=2wg5m0KSH3PK&z=1305586545 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Origin https://app7.kromtech.net User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 31 May 2019 09:56:16 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type text/plain access-control-allow-origin https://app7.kromtech.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,44,43,39" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		ga-audiences www.google.com/ads/ Redirect Chain https://www.google-analytics.com/r/collect?v=1&_v=j76&a=629718800&t=pageview&_s=1&dl=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epay... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56634126-2&cid=16550230.1559296576&jid=357765169&_gid=579128436.1559296576&gjid=1083742176&_v=j76&z=66673756 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-2&cid=16550230.1559296576&jid=357765169&_v=j76&z=66673756	0 0
GET		ga-audiences www.google.com/ads/ Redirect Chain https://www.google-analytics.com/r/collect?v=1&_v=j76&a=629718800&t=pageview&_s=1&dl=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F&dr=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&dp=... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-56634126-22&cid=16550230.1559296576&jid=654724523&_gid=579128436.1559296576&gjid=62917065&_v=j76&z=1935007892 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-22&cid=16550230.1559296576&jid=654724523&_v=j76&z=1935007892	0 0
GET H2	200	collect google-analytics.bi.owox.com/	30 B 30 B	1302ms 15ms	Image image/gif	35.186.228.179 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://google-analytics.bi.owox.com/collect?v=1&_v=j76&a=629718800&t=pageview&_s=1&dl=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F&dr=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&dp=%2Flandings%2F197.10%2F&ul=en-us&de=UTF-8&dt=MacKeeper&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGHACMABBAAAAC~&jid=654724523&gjid=62917065&cid=16550230.1559296576&tid=UA-56634126-22&_gid=579128436.1559296576&_r=1&gtm=2wg5m0KSH3PK&cd5=16550230.1559296576_1559296576423&z=1935007892 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.186.228.179 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 179.228.186.35.bc.googleusercontent.com Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 31 May 2019 09:56:17 GMT via 1.1 google server openresty access-control-allow-origin * content-type image/gif status 200 owoxcode 403 alt-svc quic=":443"; ma=2592000; v="46,44,43,39"
GET H2	200	/ www.google.com/pagead/1p-user-list/787486911/	42 B 109 B	28ms 27ms	Image image/gif	2a00:1450:4001:81d::2004 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/787486911/?random=1559296576164&cv=9&fst=1559293200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&fmt=3&cdct=2&is_vtc=1&random=866385438&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 09:56:16 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,44,43,39" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		/ www.google.de/pagead/1p-user-list/787486911/	0 0
GET H/1.1	200 OK	advert.gif mc.yandex.ru/metrika/	43 B 445 B	26ms 21ms	Image image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.ru/metrika/advert.gif Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 31 May 2019 09:56:16 GMT Content-Encoding gzip Last-Modified Mon, 12 Oct 2015 13:09:09 GMT Server nginx/1.12.2 ETag "561bb0f5-3d" Strict-Transport-Security max-age=31536000 Content-Type image/gif Access-Control-Allow-Origin * Cache-Control max-age=3600 Connection keep-alive Content-Length 61 Expires Fri, 31 May 2019 10:56:16 GMT
GET H/1.1	200 OK	1 Show response mc.yandex.ru/watch/50559844/	152 B 705 B	75ms 52ms	XHR application/json	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/50559844/1?wmode=7&page-ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&page-url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%23pc224398&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559296568946%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190531095616%3Aet%3A1559296576%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A483638390%3Ahid%3A154809344%3Ads%3A23%2C199%2C283%2C2%2C5665%2C0%2C0%2C863%2C83%2C%2C%2C%2C7053%3Afp%3A6772%3Awn%3A43951%3Ahl%3A50%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1559296576%3Au%3A1559296576782006340%3At%3AMacKeeper Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash 2acc7e0d3c3a57167b115db0e5fa29f42a96c66ce9b288c80f2959bd4a2222f2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Origin https://app7.kromtech.net User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Pragma no-cache Date Fri, 31 May 2019 09:56:16 GMT X-Content-Type-Options nosniff Last-Modified Fri, 31-May-2019 09:56:16 GMT Server nginx/1.12.2 Strict-Transport-Security max-age=31536000 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://app7.kromtech.net Cache-Control private, no-cache, no-store, must-revalidate, max-age=0 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 152 X-XSS-Protection 1; mode=block Expires Fri, 31-May-2019 09:56:16 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 313 B	7ms 7ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1593188040964422&ev=PageView&dl=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D%23pc224398&rl=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&if=false&ts=1559296576489&sw=1600&sh=1200&v=2.8.47&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1559296576486.552801288&it=1559296575974&coo=false&rqm=GET Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 31 May 2019 09:56:16 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 content-length 44 expires Fri, 31 May 2019 09:56:16 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 128 B	15ms 14ms	XHR text/plain	2a00:1450:400c:c06::9c Google LLC
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j76&tid=UA-56634126-6&cid=16550230.1559296576&jid=1962084930&gjid=2084447120&_gid=579128436.1559296576&_u=YGDACMABBAAAAC~&z=844382325 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Origin https://app7.kromtech.net User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 31 May 2019 09:56:16 GMT status 200 content-type text/plain access-control-allow-origin https://app7.kromtech.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="46,44,43,39" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/780563185/	42 B 109 B	25ms 24ms	Image image/gif	2a00:1450:4001:81d::2004 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/780563185/?random=1559296576169&cv=9&fst=1559293200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&fmt=3&cdct=2&is_vtc=1&random=1683732632&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 09:56:16 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,44,43,39" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		/ www.google.de/pagead/1p-user-list/780563185/	0 0
GET H2	200	ga-audiences www.google.com/ads/	42 B 109 B	31ms 19ms	Image image/gif	2a00:1450:4001:81d::2004 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j76&tid=UA-56634126-6&cid=16550230.1559296576&jid=1962084930&_u=YGDACMABBAAAAC~&z=1083888157 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Fri, 31 May 2019 09:56:16 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,44,43,39" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		ga-audiences www.google.de/ads/	0 0
GET		ga-audiences www.google.de/ads/	0 0
GET		ga-audiences www.google.de/ads/	0 0
GET H2	200	event.php event.mackeeper.com/ Frame 0A31	0 0	100ms 99ms	Document application/json	34.225.31.41 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://event.mackeeper.com/event.php?step=Landing_Loaded&substep=View&uniqid=73ba5296e80f1514a98efa21384cdb0d&affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&bundleid=29_45121156&prodid=29&response=json&session=tq8c66j2qop7e3cn1capkc7op6&time=1559296577731 Requested by Host: app7.kromtech.net URL: https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.225.31.41 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-225-31-41.compute-1.amazonaws.com Software / Resource Hash Request headers :method GET :authority event.mackeeper.com :scheme https :path /event.php?step=Landing_Loaded&substep=View&uniqid=73ba5296e80f1514a98efa21384cdb0d&affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&bundleid=29_45121156&prodid=29&response=json&session=tq8c66j2qop7e3cn1capkc7op6&time=1559296577731 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= Response headers status 200 date Fri, 31 May 2019 09:56:17 GMT content-type application/json; charset=utf-8 content-length 58
GET H2	200	/ cx.atdmt.com/ Redirect Chain https://www.facebook.com/tr/?id=1593188040964422&ev=Microdata&dl=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53a... https://cx.atdmt.com/?c=17014117200457772116&f=AYwFMIkQsEwi4M_vSBxDcNARL7M1Au_r1yoDXqT21SkV4QlFAoMG7aRvbv3RjF9s0d3bNQN9hmL0DybTer91Y0yc&id=1593188040964422&l=3&v=0	42 B 404 B	73ms 38ms	Image image/gif	2a03:2880:f02d:5:face:b00c:0:8c Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://cx.atdmt.com/?c=17014117200457772116&f=AYwFMIkQsEwi4M_vSBxDcNARL7M1Au_r1yoDXqT21SkV4QlFAoMG7aRvbv3RjF9s0d3bNQN9hmL0DybTer91Y0yc&id=1593188040964422&l=3&v=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Request headers Referer https://app7.kromtech.net/landings/197.10/?affid=536eb300-838a-11e9-b6b6-c0c902ce6700-mzb&epayId=29&guid=53acd008-838a-11e9-bfed-0e44482e0016&landId=2346&reqid=Root=1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba&tid_ext=edaadf27;185.151.58.117&trt=29_45121156&userDefiner=mzb_4146&utm_campaign=mk_mymed_cpm_ww&utm_content=&utm_medium=&utm_source=&utm_term= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Fri, 31 May 2019 09:56:18 GMT p3p CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC" content-length 42 content-type image/gif Redirect headers pragma no-cache date Fri, 31 May 2019 09:56:17 GMT server proxygen-bolt location https://cx.atdmt.com/?c=17014117200457772116&f=AYwFMIkQsEwi4M_vSBxDcNARL7M1Au_r1yoDXqT21SkV4QlFAoMG7aRvbv3RjF9s0d3bNQN9hmL0DybTer91Y0yc&id=1593188040964422&l=3&v=0 content-type text/plain status 302 cache-control no-cache, no-store, must-revalidate content-length 0 expires 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

popcash.net

URL

http://popcash.net/world/go/216668/462082?

Domain

www.google.de

URL

https://www.google.de/pagead/1p-user-list/854379023/?random=1559296575479&cv=9&fst=1559293200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&fmt=3&cdct=2&is_vtc=1&random=2668128414&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain

www.google.de

URL

https://www.google.de/pagead/1p-user-list/854379023/?random=1559296576147&cv=9&fst=1559293200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&fmt=3&cdct=2&is_vtc=1&random=370624109&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain

www.google.de

URL

https://www.google.de/pagead/1p-user-list/983482265/?random=1559296576149&cv=9&fst=1559293200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&fmt=3&cdct=2&is_vtc=1&random=248642505&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain

www.google.de

URL

https://www.google.de/pagead/1p-user-list/957119846/?random=1559296576168&cv=9&fst=1559293200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&fmt=3&cdct=2&is_vtc=1&random=74882258&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain

www.google.de

URL

https://www.google.de/pagead/1p-user-list/1010020041/?random=1559296576150&cv=9&fst=1559293200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&fmt=3&cdct=2&is_vtc=1&random=2258827900&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain

www.google.de

URL

https://www.google.de/pagead/1p-user-list/803067473/?random=1559296576166&cv=9&fst=1559293200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&fmt=3&cdct=2&is_vtc=1&random=3147045352&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain

www.google.com

URL

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-2&cid=16550230.1559296576&jid=357765169&_v=j76&z=66673756

Domain

www.google.com

URL

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-22&cid=16550230.1559296576&jid=654724523&_v=j76&z=1935007892

Domain

www.google.de

URL

https://www.google.de/pagead/1p-user-list/787486911/?random=1559296576164&cv=9&fst=1559293200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&fmt=3&cdct=2&is_vtc=1&random=866385438&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain

www.google.de

URL

https://www.google.de/pagead/1p-user-list/780563185/?random=1559296576169&cv=9&fst=1559293200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=50&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp7.kromtech.net%2Flandings%2F197.10%2F%3Faffid%3D536eb300-838a-11e9-b6b6-c0c902ce6700-mzb%26epayId%3D29%26guid%3D53acd008-838a-11e9-bfed-0e44482e0016%26landId%3D2346%26reqid%3DRoot%3D1-5cf0fa3e-a79f5d7ef044be4cdd2bb8ba%26tid_ext%3Dedaadf27%3B185.151.58.117%26trt%3D29_45121156%26userDefiner%3Dmzb_4146%26utm_campaign%3Dmk_mymed_cpm_ww%26utm_content%3D%26utm_medium%3D%26utm_source%3D%26utm_term%3D&ref=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tiba=MacKeeper&async=1&fmt=3&cdct=2&is_vtc=1&random=1683732632&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain

www.google.de

URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j76&tid=UA-56634126-6&cid=16550230.1559296576&jid=1962084930&_u=YGDACMABBAAAAC~&z=1083888157

Domain

www.google.de

URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-22&cid=16550230.1559296576&jid=654724523&_v=j76&z=1935007892&slf_rd=1&random=388857884

Domain

www.google.de

URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-56634126-2&cid=16550230.1559296576&jid=357765169&_v=j76&z=66673756&slf_rd=1&random=973964954