Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    144s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    10/05/2024, 13:36 UTC

General

  • Target

    2f5fc4db056b3ab51e15422968721e56_JaffaCakes118.html

  • Size

    19KB

  • MD5

    2f5fc4db056b3ab51e15422968721e56

  • SHA1

    cf15e7340936e8f528c9487822edf4cfbe98fdca

  • SHA256

    e585777264a08a2adab50265d83bbfc688adaa180d84fbc064f8dcfe56ee790f

  • SHA512

    4cf2ad2843b48c7a82cf700c8bd259283f325c1d686de798a48728420da8d6a07dc95ac17196816e9a7e00df0154b2254eeb2d630a9fe2c4bbda1003b3f77808

  • SSDEEP

    192:9K/ypUhTViqEWULTgE9d3djsvzMMSjQRf8hbvrMlUx9V6cxjb79DX+OunCiFqiSg:4/yoTViLLXfWwQRM3p55OOunCi8in

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer Phishing Filter 1 TTPs 2 IoCs
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2f5fc4db056b3ab51e15422968721e56_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer Phishing Filter
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2844
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2844 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2188

Network

  • flag-us
    DNS
    static.mackeeper.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    static.mackeeper.com
    IN A
    Response
    static.mackeeper.com
    IN CNAME
    d211q1i6v7lwo2.cloudfront.net
    d211q1i6v7lwo2.cloudfront.net
    IN A
    18.164.52.20
    d211q1i6v7lwo2.cloudfront.net
    IN A
    18.164.52.69
    d211q1i6v7lwo2.cloudfront.net
    IN A
    18.164.52.126
    d211q1i6v7lwo2.cloudfront.net
    IN A
    18.164.52.22
  • flag-us
    DNS
    loadus.exelator.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    loadus.exelator.com
    IN A
    Response
    loadus.exelator.com
    IN CNAME
    loadus.tm.ssl.exelator.com
    loadus.tm.ssl.exelator.com
    IN CNAME
    eu-west.load.exelator.com
    eu-west.load.exelator.com
    IN CNAME
    load-euw1.exelator.com
    load-euw1.exelator.com
    IN A
    34.254.143.3
  • flag-ie
    GET
    http://loadus.exelator.com/load/?p=1050&g=2&cat=[popunder]&j=0
    IEXPLORE.EXE
    Remote address:
    34.254.143.3:80
    Request
    GET /load/?p=1050&g=2&cat=[popunder]&j=0 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: loadus.exelator.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301
    server: nginx
    date: Fri, 10 May 2024 13:36:59 GMT
    content-type: text/html
    content-length: 162
    location: https://loadus.exelator.com/load/?p=1050&g=2&cat=[popunder]&j=0
    access-control-allow-credentials: true
    p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
  • flag-fr
    GET
    http://static.mackeeper.com/landings/libs/js/loclist.js?mkv=1
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/libs/js/loclist.js?mkv=1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:36:59 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/libs/js/loclist.js?mkv=1
    X-Cache: Miss from cloudfront
    Via: 1.1 0befec97ec8a388fe199ea682db0cdc0.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: RZKwrsnA5S05-q9gw2p_U89UuVOgapKS8XfpR6ohmr6lst9ylm7t3g==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/123.1/?mkv=1
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/123.1/?mkv=1 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:36:59 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/?mkv=1
    X-Cache: Miss from cloudfront
    Via: 1.1 0befec97ec8a388fe199ea682db0cdc0.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: tzkuO8N4fpvFDkalx_EqxIHEaooNjB6sNtlIhKIskfhpxor4RbCrxw==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/123.1/img/stars.png
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/123.1/img/stars.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:37:02 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/img/stars.png
    X-Cache: Miss from cloudfront
    Via: 1.1 0befec97ec8a388fe199ea682db0cdc0.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: gVMUYnNbjezxOIeBJepQ3_TmEnm2hfqxoAAUmC7C_qlTR_uhTHjFhA==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/libs/js/cookie.js?mkv=1
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/libs/js/cookie.js?mkv=1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:36:59 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/libs/js/cookie.js?mkv=1
    X-Cache: Miss from cloudfront
    Via: 1.1 03e404344c9f165c7468cdb109674f3a.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: 8W3L4jJUxECuugbfla4EXAMSbIGUiEoBASTR6pvP5ZuRIW4lHAdmMA==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/libs/Pixels/js/1604.js?mkv=1
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/libs/Pixels/js/1604.js?mkv=1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:36:59 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/libs/Pixels/js/1604.js?mkv=1
    X-Cache: Miss from cloudfront
    Via: 1.1 03e404344c9f165c7468cdb109674f3a.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: eRueXlWOAd8Bnumf7m9G-v5DeHaR-TNA4Of4PW35ShQGTHqmDSa12Q==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/123.1/img/pin.png
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/123.1/img/pin.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:37:02 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/img/pin.png
    X-Cache: Miss from cloudfront
    Via: 1.1 03e404344c9f165c7468cdb109674f3a.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: 6_Z0A4AU6qUrp4M5rPsKHFs0Iie48YjS4mch1Pez4ILwgrLki8_EAA==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/123.1/css/style.min.css?mkv=1
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/123.1/css/style.min.css?mkv=1 HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:36:59 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/css/style.min.css?mkv=1
    X-Cache: Miss from cloudfront
    Via: 1.1 0df1e08a236a7f5d1f4f9f78bdb4bb82.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: wGOBK_aGaMtarmJW4WO2iYjpMND4nvfeKmwoNriI2wlHjn6xUysxmg==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/libs/Pixels/js/859.js?mkv=1
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/libs/Pixels/js/859.js?mkv=1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:36:59 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/libs/Pixels/js/859.js?mkv=1
    X-Cache: Miss from cloudfront
    Via: 1.1 0df1e08a236a7f5d1f4f9f78bdb4bb82.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: -uQFbDOD6WkSZCFQ_7YFvDmzV6R1dFuJtvWdwaoVc76Ax3DdMLMzgw==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/123.1/img/arrow_animation2.gif?mkv=1
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/123.1/img/arrow_animation2.gif?mkv=1 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:37:00 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/img/arrow_animation2.gif?mkv=1
    X-Cache: Miss from cloudfront
    Via: 1.1 0df1e08a236a7f5d1f4f9f78bdb4bb82.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: A6xURIJRtpvCW_xWtiVICG8pbFXwHLuCq77Udo2NEpKsuW3u_aP_uQ==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/123.1/img/main-img.jpg
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/123.1/img/main-img.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:37:01 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/img/main-img.jpg
    X-Cache: Miss from cloudfront
    Via: 1.1 0df1e08a236a7f5d1f4f9f78bdb4bb82.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: adoJax20FV_rpnjSfgwyceLNBqbzR2TeRtel4bmukIWu2ez6od74QQ==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/123.1/img/steps-arrow.png
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/123.1/img/steps-arrow.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:37:02 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/img/steps-arrow.png
    X-Cache: Miss from cloudfront
    Via: 1.1 0df1e08a236a7f5d1f4f9f78bdb4bb82.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: PFJITgQhLoHrXJ4RKabIvKjv35dCm8Pmf0Gq1Mk8R3FbgXGm16kTBA==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/libs/reset.css?mkv=1
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/libs/reset.css?mkv=1 HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:36:59 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/libs/reset.css?mkv=1
    X-Cache: Miss from cloudfront
    Via: 1.1 83d0137377604ae8e59d0712f3ef6fe2.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: gGXU42d-kcpZJ-HxBmxvP9vc6zlas8mraAX5y3T8Tn4svFWjxNiULg==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/libs/overlay/overlay.js?mkv=1
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/libs/overlay/overlay.js?mkv=1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:36:59 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/libs/overlay/overlay.js?mkv=1
    X-Cache: Miss from cloudfront
    Via: 1.1 83d0137377604ae8e59d0712f3ef6fe2.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: LYYIx6y7ST5qhMdpfLwOELlubAm45o2PIg0lusVXLtlNHjPK7wxzPA==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/123.1/img/arrow_animation.gif?mkv=1
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/123.1/img/arrow_animation.gif?mkv=1 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:37:00 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/img/arrow_animation.gif?mkv=1
    X-Cache: Miss from cloudfront
    Via: 1.1 83d0137377604ae8e59d0712f3ef6fe2.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: blGNF64lSCl7k7nCI2WOLS_dOh6pnYdzNQyp9JwSXVRXxDfcLEbBHg==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/123.1/img/arrow.png
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/123.1/img/arrow.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:37:01 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/img/arrow.png
    X-Cache: Miss from cloudfront
    Via: 1.1 83d0137377604ae8e59d0712f3ef6fe2.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: 2Y4Xo8bqp8BVs7dvfyNOfhvOLLkqZjUO3lXZOv1UV4A4hZbA_0XEJg==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/libs/alert/alerts.js?mkv=4
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/libs/alert/alerts.js?mkv=4 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:36:59 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/libs/alert/alerts.js?mkv=4
    X-Cache: Miss from cloudfront
    Via: 1.1 a384caf780263a78fbc93ca2ad4cc5a4.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: H3h2hpLMO9r0ufheBHgyifi0Aqt52Ff4e_WFZ8caLa09hHaeeiOGlA==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/libs/Pixels/js/1282.js?mkv=1
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/libs/Pixels/js/1282.js?mkv=1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:36:59 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/libs/Pixels/js/1282.js?mkv=1
    X-Cache: Miss from cloudfront
    Via: 1.1 a384caf780263a78fbc93ca2ad4cc5a4.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: _NSNWWS_LjRgD3gZP_2hQiVTiik9s3TvGyFLWlwNCpCbaKkMlKqzPw==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/123.1/img/sprite-ready-icon.png
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/123.1/img/sprite-ready-icon.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:37:01 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/img/sprite-ready-icon.png
    X-Cache: Miss from cloudfront
    Via: 1.1 a384caf780263a78fbc93ca2ad4cc5a4.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: f1u2LVwopw6TMBrjhjefPLgWC_6X9cX0F1OxSV63NiOQwPT0Xe9Zhw==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/libs/jquery/jquery.min.js?mkv=1
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/libs/jquery/jquery.min.js?mkv=1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:36:59 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/libs/jquery/jquery.min.js?mkv=1
    X-Cache: Miss from cloudfront
    Via: 1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: xJK-Uorz09AaLHHSBT1HsCZerrvmLLwJst9_AK8fn_F_xZqwvzFYfQ==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/libs/discounts/css/styles.css?mkv=1
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/libs/discounts/css/styles.css?mkv=1 HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:37:00 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/libs/discounts/css/styles.css?mkv=1
    X-Cache: Miss from cloudfront
    Via: 1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: kA9TTvdStw8PR_hXJVYFpSMpRWoUUTIMhf7qjaO47wxK7572pzSFDA==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/libs/discounts/img/back.png
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/libs/discounts/img/back.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:37:01 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/libs/discounts/img/back.png
    X-Cache: Miss from cloudfront
    Via: 1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: mY3amYLWszgZRyrdLQiQctAR3AoWzwynnXJgJLva816RJDjwENSqlQ==
  • flag-fr
    GET
    http://static.mackeeper.com/landings/123.1/img/sprite-icons.png
    IEXPLORE.EXE
    Remote address:
    18.164.52.20:80
    Request
    GET /landings/123.1/img/sprite-icons.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 134
    Connection: keep-alive
    Server: awselb/2.0
    Date: Fri, 10 May 2024 13:37:02 GMT
    Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/img/sprite-icons.png
    X-Cache: Miss from cloudfront
    Via: 1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P4
    X-Amz-Cf-Id: RKjlfhph8C88uroTWLPJn84A9YRRftkw5p0eY3VfOnjjLoDSDCEi7Q==
  • flag-ie
    DNS
    IEXPLORE.EXE
    Remote address:
    34.254.143.3:80
    Response
    HTTP/1.1 408 Request Time-out
    content-length: 110
    cache-control: no-cache
    content-type: text/html
    connection: close
  • flag-ie
    DNS
    IEXPLORE.EXE
    Remote address:
    34.254.143.3:443
    Response
    HTTP/1.1 400 Bad request
    content-length: 90
    cache-control: no-cache
    content-type: text/html
    connection: close
  • flag-us
    DNS
    mackeeperapp.mackeeper.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    mackeeperapp.mackeeper.com
    IN A
    Response
    mackeeperapp.mackeeper.com
    IN A
    3.217.201.163
    mackeeperapp.mackeeper.com
    IN A
    34.200.74.132
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/libs/jquery/jquery.min.js?mkv=1
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/libs/jquery/jquery.min.js?mkv=1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:01 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    Server: nginx
    Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
    Vary: Accept-Encoding
    ETag: W/"57164f85-1762a"
    Expires: Sun, 09 Jun 2024 13:37:01 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Content-Encoding: gzip
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/123.1/img/sprite-ready-icon.png
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/123.1/img/sprite-ready-icon.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Cookie: get_params_landings=%7B%22mkv%22%3A%221%22%7D; PHPSESSID=tt0rod4qbs90rqeb61v5mdkin4
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:02 GMT
    Content-Type: image/png
    Content-Length: 2412
    Connection: keep-alive
    Server: nginx
    Last-Modified: Thu, 12 Sep 2019 08:55:00 GMT
    ETag: "5d7a07e4-96c"
    Expires: Sun, 09 Jun 2024 13:37:01 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Accept-Ranges: bytes
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/123.1/img/steps-arrow.png
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/123.1/img/steps-arrow.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Cookie: get_params_landings=%7B%22mkv%22%3A%221%22%7D; PHPSESSID=tt0rod4qbs90rqeb61v5mdkin4
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:02 GMT
    Content-Type: image/png
    Content-Length: 434
    Connection: keep-alive
    Server: nginx
    Last-Modified: Thu, 12 Sep 2019 08:55:00 GMT
    ETag: "5d7a07e4-1b2"
    Expires: Sun, 09 Jun 2024 13:37:02 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Accept-Ranges: bytes
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/libs/reset.css?mkv=1
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/libs/reset.css?mkv=1 HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:01 GMT
    Content-Type: text/css
    Transfer-Encoding: chunked
    Connection: keep-alive
    Server: nginx
    Last-Modified: Mon, 30 Apr 2018 11:38:58 GMT
    Vary: Accept-Encoding
    ETag: W/"5ae70052-33d"
    Expires: Sun, 09 Jun 2024 13:37:01 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Content-Encoding: gzip
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/123.1/css/style.min.css?mkv=1
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/123.1/css/style.min.css?mkv=1 HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:01 GMT
    Content-Type: text/css
    Transfer-Encoding: chunked
    Connection: keep-alive
    Server: nginx
    Last-Modified: Tue, 24 Nov 2020 10:39:52 GMT
    Vary: Accept-Encoding
    ETag: W/"5fbce2f8-4362"
    Expires: Sun, 09 Jun 2024 13:37:01 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Content-Encoding: gzip
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/libs/alert/alerts.js?mkv=4
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/libs/alert/alerts.js?mkv=4 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:01 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    Server: nginx
    Last-Modified: Thu, 04 Oct 2018 13:30:26 GMT
    Vary: Accept-Encoding
    ETag: W/"5bb615f2-dbe8"
    Expires: Sun, 09 Jun 2024 13:37:01 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Content-Encoding: gzip
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/123.1/?mkv=1
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/123.1/?mkv=1 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:01 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Server: nginx
    Vary: Accept-Encoding
    Content-Security-Policy: default-src 'self' *.hotjar.com *.mackeeper.co *.mackeeper.com; frame-ancestors 'none'; frame-src 'self' 'unsafe-inline' *.a.disquscdn.com https://widget.trustpilot.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com *.disqus.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.kromtech.com *.kromtech.net *.linksynergy.com *.mackeeper.co *.mackeeper.com *.mackeeperblog.disqus.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com *.s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com *.lporirxe.com *.surveygizmo.com *.liadm.com *.typeform.com mc.yandex.ru *.js.ad-score.com/ *.cdn.onesignal.com/ *.onesignal.com/ *.criteo.com https://www.zenaps.com/; child-src 'self' 'unsafe-inline' *.a.disquscdn.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.kromtech.com *.kromtech.net *.linksynergy.com *.mackeeper.co *.mackeeper.com *.mackeeperblog.disqus.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com *.s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com *.lporirxe.com *.lporirxe.com blob: *.cdn.onesignal.com/ *.onesignal.com/ *.liadm.com; form-action 'self' *.mackeeper.com *.facebook.com; img-src 'self' 'unsafe-inline' *.a.disquscdn.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gp *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.nf *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tk *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.kromtech.com *.kromtech.net *.linksynergy.com *.mackeeper.co *.mackeeper.com *.mackeeperblog.disqus.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com *.s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com data: *.2mdn.net *.pagead2.googlesyndication.com *.glotgrx.com *.lporirxe.com *.exelator.com *.owox.com *.liadm.com *.outbrain.com *.visualwebsiteoptimizer.com *.yahoo.co.jp *.apimzb-adserver.cloudmccloud.com *.3lift.com *.surveygizmo.com *.surveygizmolibrary.s3.amazonaws.com http://mc.yandex.ru https://mc.yandex.ru cx.atdmt.com *.baidu.com/ *.gstatstrk.com *.assets.kromtech.net *.cdn.onesignal.com/ *.onesignal.com/ *.rtmark.net/ *.taboola.com *.zoomsupport.com *.cloudmccloud.com *.linkconnector.com *.linkedin.com *.linkconnector.com linkconnector.com https://www.zenaps.com https://www.awin1.com *.clarity.ms *.lfeeder.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.a.disquscdn.com widget.trustpilot.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com disqus.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.kromtech.com *.kromtech.net *.linksynergy.com *.mackeeper.co *.mackeeper.com *.mackeeperblog.disqus.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com l2.io *.inspectlet.com *.googlesyndication.com *.sagetrc.com *.glotgrx.com *.lporirxe.com b-code.liadm.com *.outbrain.com *.visualwebsiteoptimizer.com *.cloudfront.net/metrika/watch_ua.js *.yimg.jp http://addtocalendar.com https://addtocalendar.com *.yahoo.co.jp blob: *.surveygizmo.com *.surveygizmolibrary.s3.amazonaws.com *.s.ytimg.com *.typeform.com *.calendly.com *.linkconnector.com *.linkconnector.com mc.yandex.ru *.js.ad-score.com/ *.baidu.com/ *.cdn.onesignal.com/ *.onesignal.com/ *.rtmark.net/ *.taboola.com/ *.engine.4dsply.com *.engine.spotscenered.info *.engine.3dspk.com *.we3red.com *.engine.asadap.com *.engine.nictelroalps.com *.engine.liondigitalserving.com *.engine.addroplet.com *.beritapria.com/pixel/pixel_keeper.js cdnjs.cloudflare.com *.clickcease.com *.criteo.net *.criteo.com https://snap.licdn.com *.linkconnector.com linkconnector.com *.dwin1.com *.awin1.com *.zenaps.com https://the.sciencebehindecommerce.com *.clarity.ms *.adcell.com *.lfeeder.com; style-src 'self' 'unsafe-inline' *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com *.a.disquscdn.com *.disqus.com *.googleapis.com *.fonts.gstatic.com *.mackeeperblog.disqus.com *.referrer.disqus.com *.google.com *.google.com.ua http://addtocalendar.com https://addtocalendar.com *.surveygizmo.com *.cdn.onesignal.com *.onesignal.com/ *.addtocalendar.com *.googletagmanager.com *.liadm.com; font-src 'self' data: *.doubleclick.net *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com fonts.googleapis.com fonts.gstatic.com *.surveygizmo.com *.static.mackeeper.com; object-src *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com *.pagead2.googlesyndication.com *.pagead2.googlesyndication.com *.liadm.com; connect-src 'self' *.mackeeper.co *.mackeeper.com https://mackeeper.com http://mackeeper.com https://rp.liadm.com http://rp.liadm.com *.hotjar.com ws://*.hotjar.com wss://*.hotjar.com *.g.doubleclick.net http://lcidc.liadm.com https://lcidc.liadm.com *.assets.kromtech.net *.assets.kromtech.net *.google-analytics.com *.api.ipify.org *.mc.yandex.ru mc.yandex.ru *.data.ad-score.com *.baidu.com/ *.pushdata.onesignal.com:* *.onesignal.com/ *.onesignal.com/ *.taboola.com/ *.hotjar.io *.clickcease.com s.yimg.com *.facebook.com *.google.com bat.bing.com https://idtg.account.mackeeper.com https://the.sciencebehindecommerce.com *.liadm.com *.liadm.com *.adcell.com *.clarity.ms *.lfeeder.com;
    Set-Cookie: get_params_landings=%7B%22mkv%22%3A%221%22%7D; expires=Sat, 11-May-2024 13:37:01 GMT; Max-Age=86400; path=/; samesite=lax; secure
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    Pragma: no-cache
    Set-Cookie: PHPSESSID=tt0rod4qbs90rqeb61v5mdkin4; path=/
    Request-ID: 8d84a91b206ea9b78a14d61ba066589f
    Content-Encoding: gzip
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/libs/discounts/img/back.png
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/libs/discounts/img/back.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Cookie: get_params_landings=%7B%22mkv%22%3A%221%22%7D; PHPSESSID=tt0rod4qbs90rqeb61v5mdkin4
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:02 GMT
    Content-Type: image/png
    Content-Length: 150912
    Connection: keep-alive
    Server: nginx
    Last-Modified: Mon, 30 Apr 2018 11:38:58 GMT
    ETag: "5ae70052-24d80"
    Expires: Sun, 09 Jun 2024 13:37:02 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Accept-Ranges: bytes
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/libs/js/cookie.js?mkv=1
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/libs/js/cookie.js?mkv=1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:01 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    Server: nginx
    Last-Modified: Mon, 30 Apr 2018 11:38:58 GMT
    Vary: Accept-Encoding
    ETag: W/"5ae70052-270"
    Expires: Sun, 09 Jun 2024 13:37:01 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Content-Encoding: gzip
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/123.1/img/arrow_animation.gif?mkv=1
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/123.1/img/arrow_animation.gif?mkv=1 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:01 GMT
    Content-Type: image/gif
    Content-Length: 7944
    Connection: keep-alive
    Server: nginx
    Last-Modified: Thu, 12 Sep 2019 08:55:00 GMT
    ETag: "5d7a07e4-1f08"
    Expires: Sun, 09 Jun 2024 13:37:01 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Accept-Ranges: bytes
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/123.1/img/arrow.png
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/123.1/img/arrow.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Cookie: get_params_landings=%7B%22mkv%22%3A%221%22%7D; PHPSESSID=tt0rod4qbs90rqeb61v5mdkin4
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:02 GMT
    Content-Type: image/png
    Content-Length: 926
    Connection: keep-alive
    Server: nginx
    Last-Modified: Thu, 12 Sep 2019 08:55:00 GMT
    ETag: "5d7a07e4-39e"
    Expires: Sun, 09 Jun 2024 13:37:02 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Accept-Ranges: bytes
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/123.1/img/sprite-icons.png
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/123.1/img/sprite-icons.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Cookie: get_params_landings=%7B%22mkv%22%3A%221%22%7D; PHPSESSID=tt0rod4qbs90rqeb61v5mdkin4
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:02 GMT
    Content-Type: image/png
    Content-Length: 6724
    Connection: keep-alive
    Server: nginx
    Last-Modified: Thu, 12 Sep 2019 08:55:00 GMT
    ETag: "5d7a07e4-1a44"
    Expires: Sun, 09 Jun 2024 13:37:02 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Accept-Ranges: bytes
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/libs/js/loclist.js?mkv=1
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/libs/js/loclist.js?mkv=1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:01 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    Server: nginx
    Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
    Vary: Accept-Encoding
    ETag: W/"57164f85-26c"
    Expires: Sun, 09 Jun 2024 13:37:01 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Content-Encoding: gzip
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/123.1/img/arrow_animation2.gif?mkv=1
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/123.1/img/arrow_animation2.gif?mkv=1 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:01 GMT
    Content-Type: image/gif
    Content-Length: 7948
    Connection: keep-alive
    Server: nginx
    Last-Modified: Thu, 12 Sep 2019 08:55:00 GMT
    ETag: "5d7a07e4-1f0c"
    Expires: Sun, 09 Jun 2024 13:37:01 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Accept-Ranges: bytes
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/123.1/img/main-img.jpg
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/123.1/img/main-img.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Cookie: get_params_landings=%7B%22mkv%22%3A%221%22%7D; PHPSESSID=tt0rod4qbs90rqeb61v5mdkin4
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:02 GMT
    Content-Type: image/jpeg
    Content-Length: 38349
    Connection: keep-alive
    Server: nginx
    Last-Modified: Thu, 12 Sep 2019 08:55:00 GMT
    ETag: "5d7a07e4-95cd"
    Expires: Sun, 09 Jun 2024 13:37:01 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Accept-Ranges: bytes
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/libs/discounts/css/styles.css?mkv=1
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/libs/discounts/css/styles.css?mkv=1 HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:01 GMT
    Content-Type: text/css
    Transfer-Encoding: chunked
    Connection: keep-alive
    Server: nginx
    Last-Modified: Tue, 24 May 2016 12:45:39 GMT
    Vary: Accept-Encoding
    ETag: W/"57444cf3-425"
    Expires: Sun, 09 Jun 2024 13:37:01 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Content-Encoding: gzip
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/libs/overlay/overlay.js?mkv=1
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/libs/overlay/overlay.js?mkv=1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:01 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    Server: nginx
    Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
    Vary: Accept-Encoding
    ETag: W/"57164f85-569"
    Expires: Sun, 09 Jun 2024 13:37:01 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Content-Encoding: gzip
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/libs/Pixels/js/1604.js?mkv=1
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/libs/Pixels/js/1604.js?mkv=1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:01 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    Server: nginx
    Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
    Vary: Accept-Encoding
    ETag: W/"57164f85-189"
    Expires: Sun, 09 Jun 2024 13:37:01 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Content-Encoding: gzip
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/123.1/img/pin.png
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/123.1/img/pin.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Cookie: get_params_landings=%7B%22mkv%22%3A%221%22%7D; PHPSESSID=tt0rod4qbs90rqeb61v5mdkin4
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:02 GMT
    Content-Type: image/png
    Content-Length: 749
    Connection: keep-alive
    Server: nginx
    Last-Modified: Thu, 12 Sep 2019 08:55:00 GMT
    ETag: "5d7a07e4-2ed"
    Expires: Sun, 09 Jun 2024 13:37:02 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Accept-Ranges: bytes
  • flag-ie
    DNS
    IEXPLORE.EXE
    Remote address:
    34.254.143.3:443
    Response
    HTTP/1.1 400 Bad request
    content-length: 90
    cache-control: no-cache
    content-type: text/html
    connection: close
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/libs/Pixels/js/1282.js?mkv=1
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/libs/Pixels/js/1282.js?mkv=1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:01 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    Server: nginx
    Last-Modified: Fri, 01 Jul 2016 11:50:23 GMT
    Vary: Accept-Encoding
    ETag: W/"577658ff-15c"
    Expires: Sun, 09 Jun 2024 13:37:01 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Content-Encoding: gzip
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/libs/Pixels/js/859.js?mkv=1
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/libs/Pixels/js/859.js?mkv=1 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:01 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    Server: nginx
    Last-Modified: Tue, 24 May 2016 10:01:52 GMT
    Vary: Accept-Encoding
    ETag: W/"57442690-1d2"
    Expires: Sun, 09 Jun 2024 13:37:01 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Content-Encoding: gzip
  • flag-us
    GET
    https://mackeeperapp.mackeeper.com/landings/123.1/img/stars.png
    IEXPLORE.EXE
    Remote address:
    3.217.201.163:443
    Request
    GET /landings/123.1/img/stars.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mackeeperapp.mackeeper.com
    Connection: Keep-Alive
    Cookie: get_params_landings=%7B%22mkv%22%3A%221%22%7D; PHPSESSID=tt0rod4qbs90rqeb61v5mdkin4
    Response
    HTTP/1.1 200 OK
    Date: Fri, 10 May 2024 13:37:02 GMT
    Content-Type: image/png
    Content-Length: 1893
    Connection: keep-alive
    Server: nginx
    Last-Modified: Thu, 12 Sep 2019 08:55:00 GMT
    ETag: "5d7a07e4-765"
    Expires: Sun, 09 Jun 2024 13:37:02 GMT
    Cache-Control: max-age=2592000
    Cache-Control: must-revalidate
    Vary: Origin
    Accept-Ranges: bytes
  • flag-us
    DNS
    ocsp.r2m03.amazontrust.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ocsp.r2m03.amazontrust.com
    IN A
    Response
    ocsp.r2m03.amazontrust.com
    IN A
    3.162.33.170
  • flag-us
    DNS
    ocsp.r2m03.amazontrust.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ocsp.r2m03.amazontrust.com
    IN A
    Response
    ocsp.r2m03.amazontrust.com
    IN A
    3.162.33.170
  • flag-us
    DNS
    ocsp.r2m03.amazontrust.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ocsp.r2m03.amazontrust.com
    IN A
    Response
    ocsp.r2m03.amazontrust.com
    IN A
    3.162.33.170
  • flag-us
    DNS
    ocsp.r2m03.amazontrust.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ocsp.r2m03.amazontrust.com
    IN A
    Response
    ocsp.r2m03.amazontrust.com
    IN A
    3.162.33.170
  • flag-us
    DNS
    ocsp.r2m03.amazontrust.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ocsp.r2m03.amazontrust.com
    IN A
    Response
    ocsp.r2m03.amazontrust.com
    IN A
    3.162.33.170
  • flag-us
    DNS
    ocsp.r2m03.amazontrust.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ocsp.r2m03.amazontrust.com
    IN A
    Response
    ocsp.r2m03.amazontrust.com
    IN A
    3.162.33.170
  • flag-us
    DNS
    ocsp.r2m03.amazontrust.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ocsp.r2m03.amazontrust.com
    IN A
    Response
    ocsp.r2m03.amazontrust.com
    IN A
    3.162.33.170
  • flag-us
    DNS
    ocsp.r2m03.amazontrust.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ocsp.r2m03.amazontrust.com
    IN A
    Response
    ocsp.r2m03.amazontrust.com
    IN A
    3.162.33.170
  • flag-fr
    GET
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D
    IEXPLORE.EXE
    Remote address:
    3.162.33.170:80
    Request
    GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: ocsp.r2m03.amazontrust.com
    Response
    HTTP/1.1 200 OK
    Content-Type: application/ocsp-response
    Content-Length: 471
    Connection: keep-alive
    Accept-Ranges: bytes
    Cache-Control: max-age=7200
    Date: Fri, 10 May 2024 13:20:02 GMT
    Last-Modified: Fri, 10 May 2024 13:20:02 GMT
    Server: ECAcc (frc/4C8D)
    X-Cache: Hit from cloudfront
    Via: 1.1 44849808df37ecbde0b3891640783c20.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG52-P6
    X-Amz-Cf-Id: P49XHGCpGEmyxLcAB2C_aStRZ-2A2f9jFfBz4Zhu-ft-Klb7OosVgQ==
    Age: 1019
  • flag-fr
    GET
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D
    IEXPLORE.EXE
    Remote address:
    3.162.33.170:80
    Request
    GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: ocsp.r2m03.amazontrust.com
    Response
    HTTP/1.1 200 OK
    Content-Type: application/ocsp-response
    Content-Length: 471
    Connection: keep-alive
    Accept-Ranges: bytes
    Cache-Control: max-age=7200
    Date: Fri, 10 May 2024 13:20:02 GMT
    Last-Modified: Fri, 10 May 2024 13:20:02 GMT
    Server: ECAcc (frc/4C8D)
    X-Cache: Hit from cloudfront
    Via: 1.1 549d5003213e897b51ff26b051fb8c78.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG52-P6
    X-Amz-Cf-Id: cW_FTdR8i_CwC_sg8pFig0FP4Al-2wSK88n6mXeaWJNLmzHiQK-I2w==
    Age: 1019
  • flag-fr
    GET
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D
    IEXPLORE.EXE
    Remote address:
    3.162.33.170:80
    Request
    GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: ocsp.r2m03.amazontrust.com
    Response
    HTTP/1.1 200 OK
    Content-Type: application/ocsp-response
    Content-Length: 471
    Connection: keep-alive
    Accept-Ranges: bytes
    Cache-Control: max-age=7200
    Date: Fri, 10 May 2024 13:20:02 GMT
    Last-Modified: Fri, 10 May 2024 13:20:02 GMT
    Server: ECAcc (frc/4C8D)
    X-Cache: Hit from cloudfront
    Via: 1.1 c7deb8fcb33ecb1e5a3a6d85b3f06e68.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG52-P6
    X-Amz-Cf-Id: BK7wiMsrfO6C-cEnyFEhozV8LV1hdhHKbBVwNhkM6ga0g741_N89Mg==
    Age: 1019
  • flag-fr
    GET
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D
    IEXPLORE.EXE
    Remote address:
    3.162.33.170:80
    Request
    GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: ocsp.r2m03.amazontrust.com
    Response
    HTTP/1.1 200 OK
    Content-Type: application/ocsp-response
    Content-Length: 471
    Connection: keep-alive
    Accept-Ranges: bytes
    Cache-Control: max-age=7200
    Date: Fri, 10 May 2024 13:20:02 GMT
    Last-Modified: Fri, 10 May 2024 13:20:02 GMT
    Server: ECAcc (frc/4C8D)
    X-Cache: Hit from cloudfront
    Via: 1.1 c08a0ab3127361278a0f4d97c34cd682.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG52-P6
    X-Amz-Cf-Id: wkBgFa2SEr17TmGb9pGcUrgAwUkkKA6FZrfJakiRXXEKC9mSBqDOBQ==
    Age: 1019
  • flag-fr
    GET
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D
    IEXPLORE.EXE
    Remote address:
    3.162.33.170:80
    Request
    GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: ocsp.r2m03.amazontrust.com
    Response
    HTTP/1.1 200 OK
    Content-Type: application/ocsp-response
    Content-Length: 471
    Connection: keep-alive
    Accept-Ranges: bytes
    Cache-Control: max-age=7200
    Date: Fri, 10 May 2024 13:20:02 GMT
    Last-Modified: Fri, 10 May 2024 13:20:02 GMT
    Server: ECAcc (frc/4C8D)
    X-Cache: Hit from cloudfront
    Via: 1.1 8ef3b122b1955c9b50019a917f1a6a58.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG52-P6
    X-Amz-Cf-Id: GGDLkRa1wc7rjbI_HRjjCvupA9waiXWaycgP2ti_DWdlZOotYEtMHg==
    Age: 1019
  • flag-fr
    GET
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D
    IEXPLORE.EXE
    Remote address:
    3.162.33.170:80
    Request
    GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: ocsp.r2m03.amazontrust.com
    Response
    HTTP/1.1 200 OK
    Content-Type: application/ocsp-response
    Content-Length: 471
    Connection: keep-alive
    Accept-Ranges: bytes
    Cache-Control: max-age=7200
    Date: Fri, 10 May 2024 13:20:02 GMT
    Last-Modified: Fri, 10 May 2024 13:20:02 GMT
    Server: ECAcc (frc/4C8D)
    X-Cache: Hit from cloudfront
    Via: 1.1 0f03de5c911def3510d9e3ffa72c0a70.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG52-P6
    X-Amz-Cf-Id: Su987Zufgkz71VSRu3hkTBQmphNvjcUoaHQeNR5GP97abAIu8bqluA==
    Age: 1019
  • flag-fr
    GET
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D
    IEXPLORE.EXE
    Remote address:
    3.162.33.170:80
    Request
    GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: ocsp.r2m03.amazontrust.com
    Response
    HTTP/1.1 200 OK
    Content-Type: application/ocsp-response
    Content-Length: 471
    Connection: keep-alive
    Accept-Ranges: bytes
    Cache-Control: max-age=7200
    Date: Fri, 10 May 2024 13:20:02 GMT
    Last-Modified: Fri, 10 May 2024 13:20:02 GMT
    Server: ECAcc (frc/4C8D)
    X-Cache: Hit from cloudfront
    Via: 1.1 3ebbe9acf1a1455083ed9b89077979dc.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG52-P6
    X-Amz-Cf-Id: P62sQ5YkTLX463_p5bodHmjnz3eCoiaZflp2jSIjsssB_sHWRG5tyA==
    Age: 1019
  • flag-fr
    GET
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D
    IEXPLORE.EXE
    Remote address:
    3.162.33.170:80
    Request
    GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: ocsp.r2m03.amazontrust.com
    Response
    HTTP/1.1 200 OK
    Content-Type: application/ocsp-response
    Content-Length: 471
    Connection: keep-alive
    Accept-Ranges: bytes
    Cache-Control: max-age=7200
    Date: Fri, 10 May 2024 13:20:02 GMT
    Last-Modified: Fri, 10 May 2024 13:20:02 GMT
    Server: ECAcc (frc/4C8D)
    X-Cache: Hit from cloudfront
    Via: 1.1 5a012a43a727d36b7bf1976d7c8817dc.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG52-P6
    X-Amz-Cf-Id: EFTrB4atQ-Pa8n-PeQ6OCJ42zuPcJwZ2kMMn5euVpJRkq1wpuYBvjg==
    Age: 1019
  • flag-us
    DNS
    assets.kromtech.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    assets.kromtech.net
    IN A
    Response
  • flag-gb
    GET
    http://fonts.googleapis.com/css?family=Roboto:400,600,700
    IEXPLORE.EXE
    Remote address:
    216.58.204.74:80
    Request
    GET /css?family=Roboto:400,600,700 HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: fonts.googleapis.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/css; charset=utf-8
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Expires: Fri, 10 May 2024 13:37:01 GMT
    Date: Fri, 10 May 2024 13:37:01 GMT
    Cache-Control: private, max-age=86400
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin-allow-popups
    Content-Encoding: gzip
    Transfer-Encoding: chunked
    Server: ESF
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
  • flag-gb
    GET
    http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600&subset=latin,latin-ext
    IEXPLORE.EXE
    Remote address:
    216.58.204.74:80
    Request
    GET /css?family=Source+Sans+Pro:400,600&subset=latin,latin-ext HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: fonts.googleapis.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/css; charset=utf-8
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Expires: Fri, 10 May 2024 13:37:01 GMT
    Date: Fri, 10 May 2024 13:37:01 GMT
    Cache-Control: private, max-age=86400
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin-allow-popups
    Content-Encoding: gzip
    Transfer-Encoding: chunked
    Server: ESF
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
  • flag-gb
    GET
    http://fonts.googleapis.com/css?family=Open+Sans:300,600&subset=latin,latin-ext
    IEXPLORE.EXE
    Remote address:
    216.58.204.74:80
    Request
    GET /css?family=Open+Sans:300,600&subset=latin,latin-ext HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: fonts.googleapis.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/css; charset=utf-8
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Expires: Fri, 10 May 2024 13:37:01 GMT
    Date: Fri, 10 May 2024 13:37:01 GMT
    Cache-Control: private, max-age=86400
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin-allow-popups
    Content-Encoding: gzip
    Transfer-Encoding: chunked
    Server: ESF
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
  • flag-us
    DNS
    event.mackeeper.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    event.mackeeper.com
    IN A
    Response
    event.mackeeper.com
    IN A
    52.222.149.61
    event.mackeeper.com
    IN A
    52.222.149.81
    event.mackeeper.com
    IN A
    52.222.149.36
    event.mackeeper.com
    IN A
    52.222.149.107
  • flag-gb
    GET
    http://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVQ.woff
    IEXPLORE.EXE
    Remote address:
    216.58.212.195:80
    Request
    GET /s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVQ.woff HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Origin: file:
    Accept-Encoding: gzip, deflate
    Host: fonts.gstatic.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
    Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
    Timing-Allow-Origin: *
    Content-Length: 31144
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 04 May 2024 13:19:49 GMT
    Expires: Sun, 04 May 2025 13:19:49 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Thu, 14 Dec 2023 02:01:28 GMT
    Content-Type: font/woff
    Age: 519432
  • flag-gb
    GET
    http://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4uaVQ.woff
    IEXPLORE.EXE
    Remote address:
    216.58.212.195:80
    Request
    GET /s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4uaVQ.woff HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Origin: file:
    Accept-Encoding: gzip, deflate
    Host: fonts.gstatic.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
    Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
    Timing-Allow-Origin: *
    Content-Length: 31332
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 04 May 2024 20:12:50 GMT
    Expires: Sun, 04 May 2025 20:12:50 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Thu, 14 Dec 2023 02:01:29 GMT
    Content-Type: font/woff
    Age: 494651
  • flag-gb
    GET
    http://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7j.woff
    IEXPLORE.EXE
    Remote address:
    216.58.212.195:80
    Request
    GET /s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7j.woff HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Origin: file:
    Accept-Encoding: gzip, deflate
    Host: fonts.gstatic.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
    Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
    Timing-Allow-Origin: *
    Content-Length: 36956
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 04 May 2024 08:25:47 GMT
    Expires: Sun, 04 May 2025 08:25:47 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Thu, 01 Jun 2023 22:52:59 GMT
    Content-Type: font/woff
    Age: 537074
  • flag-gb
    GET
    http://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRdo.woff
    IEXPLORE.EXE
    Remote address:
    216.58.212.195:80
    Request
    GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRdo.woff HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Origin: file:
    Accept-Encoding: gzip, deflate
    Host: fonts.gstatic.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
    Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
    Timing-Allow-Origin: *
    Content-Length: 36788
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 04 May 2024 17:27:26 GMT
    Expires: Sun, 04 May 2025 17:27:26 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Thu, 01 Jun 2023 22:52:58 GMT
    Content-Type: font/woff
    Age: 504575
  • flag-fr
    GET
    https://event.mackeeper.com/event.php?step=Landing_Loaded&substep=Hit&affid=mzb_255.13053633.1516512846.28.mzb&bundleid=29_342451156&prodid=29&response=json
    IEXPLORE.EXE
    Remote address:
    52.222.149.61:443
    Request
    GET /event.php?step=Landing_Loaded&substep=Hit&affid=mzb_255.13053633.1516512846.28.mzb&bundleid=29_342451156&prodid=29&response=json HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: event.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=utf-8
    Content-Length: 62
    Connection: keep-alive
    Date: Fri, 10 May 2024 13:37:02 GMT
    X-Cache: Miss from cloudfront
    Via: 1.1 5c0a9fbe4f8b2e7835a09c41c52efb12.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG52-P1
    X-Amz-Cf-Id: SzhxkR7eL_E7QOJTGWKFaYb5bZtxaYVotC1vN5CfI1WNKOQnhwobKg==
  • flag-fr
    GET
    https://event.mackeeper.com/event.php?step=Landing_Loaded&substep=View&affid=mzb_255.13053633.1516512846.28.mzb&bundleid=29_342451156&prodid=29&response=json
    IEXPLORE.EXE
    Remote address:
    52.222.149.61:443
    Request
    GET /event.php?step=Landing_Loaded&substep=View&affid=mzb_255.13053633.1516512846.28.mzb&bundleid=29_342451156&prodid=29&response=json HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: event.mackeeper.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=utf-8
    Content-Length: 62
    Connection: keep-alive
    Date: Fri, 10 May 2024 13:37:03 GMT
    X-Cache: Miss from cloudfront
    Via: 1.1 5c0a9fbe4f8b2e7835a09c41c52efb12.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG52-P1
    X-Amz-Cf-Id: swuwkMglLCKfGqJeLikO2exqNwutfuB49cRJEDxNou8PBFSwptPEAw==
  • 34.254.143.3:80
    http://loadus.exelator.com/load/?p=1050&g=2&cat=[popunder]&j=0
    http
    IEXPLORE.EXE
    854 B
    626 B
    12
    3

    HTTP Request

    GET http://loadus.exelator.com/load/?p=1050&g=2&cat=[popunder]&j=0

    HTTP Response

    301
  • 18.164.52.20:80
    http://static.mackeeper.com/landings/123.1/img/stars.png
    http
    IEXPLORE.EXE
    1.4kB
    3.3kB
    11
    10

    HTTP Request

    GET http://static.mackeeper.com/landings/libs/js/loclist.js?mkv=1

    HTTP Response

    301

    HTTP Request

    GET http://static.mackeeper.com/landings/123.1/?mkv=1

    HTTP Response

    301

    HTTP Request

    GET http://static.mackeeper.com/landings/123.1/img/stars.png

    HTTP Response

    301
  • 18.164.52.20:80
    http://static.mackeeper.com/landings/123.1/img/pin.png
    http
    IEXPLORE.EXE
    1.3kB
    2.7kB
    10
    9

    HTTP Request

    GET http://static.mackeeper.com/landings/libs/js/cookie.js?mkv=1

    HTTP Response

    301

    HTTP Request

    GET http://static.mackeeper.com/landings/libs/Pixels/js/1604.js?mkv=1

    HTTP Response

    301

    HTTP Request

    GET http://static.mackeeper.com/landings/123.1/img/pin.png

    HTTP Response

    301
  • 18.164.52.20:80
    http://static.mackeeper.com/landings/123.1/img/steps-arrow.png
    http
    IEXPLORE.EXE
    2.1kB
    4.6kB
    13
    14

    HTTP Request

    GET http://static.mackeeper.com/landings/123.1/css/style.min.css?mkv=1

    HTTP Response

    301

    HTTP Request

    GET http://static.mackeeper.com/landings/libs/Pixels/js/859.js?mkv=1

    HTTP Response

    301

    HTTP Request

    GET http://static.mackeeper.com/landings/123.1/img/arrow_animation2.gif?mkv=1

    HTTP Response

    301

    HTTP Request

    GET http://static.mackeeper.com/landings/123.1/img/main-img.jpg

    HTTP Response

    301

    HTTP Request

    GET http://static.mackeeper.com/landings/123.1/img/steps-arrow.png

    HTTP Response

    301
  • 18.164.52.20:80
    http://static.mackeeper.com/landings/123.1/img/arrow.png
    http
    IEXPLORE.EXE
    1.7kB
    3.3kB
    11
    11

    HTTP Request

    GET http://static.mackeeper.com/landings/libs/reset.css?mkv=1

    HTTP Response

    301

    HTTP Request

    GET http://static.mackeeper.com/landings/libs/overlay/overlay.js?mkv=1

    HTTP Response

    301

    HTTP Request

    GET http://static.mackeeper.com/landings/123.1/img/arrow_animation.gif?mkv=1

    HTTP Response

    301

    HTTP Request

    GET http://static.mackeeper.com/landings/123.1/img/arrow.png

    HTTP Response

    301
  • 18.164.52.20:80
    http://static.mackeeper.com/landings/123.1/img/sprite-ready-icon.png
    http
    IEXPLORE.EXE
    1.3kB
    3.3kB
    10
    10

    HTTP Request

    GET http://static.mackeeper.com/landings/libs/alert/alerts.js?mkv=4

    HTTP Response

    301

    HTTP Request

    GET http://static.mackeeper.com/landings/libs/Pixels/js/1282.js?mkv=1

    HTTP Response

    301

    HTTP Request

    GET http://static.mackeeper.com/landings/123.1/img/sprite-ready-icon.png

    HTTP Response

    301
  • 18.164.52.20:80
    http://static.mackeeper.com/landings/123.1/img/sprite-icons.png
    http
    IEXPLORE.EXE
    1.7kB
    3.4kB
    11
    11

    HTTP Request

    GET http://static.mackeeper.com/landings/libs/jquery/jquery.min.js?mkv=1

    HTTP Response

    301

    HTTP Request

    GET http://static.mackeeper.com/landings/libs/discounts/css/styles.css?mkv=1

    HTTP Response

    301

    HTTP Request

    GET http://static.mackeeper.com/landings/libs/discounts/img/back.png

    HTTP Response

    301

    HTTP Request

    GET http://static.mackeeper.com/landings/123.1/img/sprite-icons.png

    HTTP Response

    301
  • 34.254.143.3:80
    loadus.exelator.com
    http
    IEXPLORE.EXE
    236 B
    365 B
    5
    3

    HTTP Response

    408
  • 34.254.143.3:443
    loadus.exelator.com
    tls, http
    IEXPLORE.EXE
    836 B
    4.3kB
    11
    9

    HTTP Response

    400
  • 3.217.201.163:443
    https://mackeeperapp.mackeeper.com/landings/123.1/img/steps-arrow.png
    tls, http
    IEXPLORE.EXE
    2.9kB
    45.0kB
    28
    40

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/libs/jquery/jquery.min.js?mkv=1

    HTTP Response

    200

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/123.1/img/sprite-ready-icon.png

    HTTP Response

    200

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/123.1/img/steps-arrow.png

    HTTP Response

    200
  • 3.217.201.163:443
    https://mackeeperapp.mackeeper.com/landings/libs/reset.css?mkv=1
    tls, http
    IEXPLORE.EXE
    1.2kB
    7.0kB
    11
    11

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/libs/reset.css?mkv=1

    HTTP Response

    200
  • 3.217.201.163:443
    https://mackeeperapp.mackeeper.com/landings/123.1/css/style.min.css?mkv=1
    tls, http
    IEXPLORE.EXE
    1.3kB
    10.6kB
    13
    15

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/123.1/css/style.min.css?mkv=1

    HTTP Response

    200
  • 3.217.201.163:443
    https://mackeeperapp.mackeeper.com/landings/libs/discounts/img/back.png
    tls, http
    IEXPLORE.EXE
    5.4kB
    199.5kB
    84
    153

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/libs/alert/alerts.js?mkv=4

    HTTP Response

    200

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/123.1/?mkv=1

    HTTP Response

    200

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/libs/discounts/img/back.png

    HTTP Response

    200
  • 3.217.201.163:443
    https://mackeeperapp.mackeeper.com/landings/123.1/img/sprite-icons.png
    tls, http
    IEXPLORE.EXE
    3.0kB
    24.3kB
    22
    26

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/libs/js/cookie.js?mkv=1

    HTTP Response

    200

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/123.1/img/arrow_animation.gif?mkv=1

    HTTP Response

    200

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/123.1/img/arrow.png

    HTTP Response

    200

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/123.1/img/sprite-icons.png

    HTTP Response

    200
  • 3.217.201.163:443
    https://mackeeperapp.mackeeper.com/landings/123.1/img/main-img.jpg
    tls, http
    IEXPLORE.EXE
    3.1kB
    55.7kB
    34
    49

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/libs/js/loclist.js?mkv=1

    HTTP Response

    200

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/123.1/img/arrow_animation2.gif?mkv=1

    HTTP Response

    200

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/123.1/img/main-img.jpg

    HTTP Response

    200
  • 3.217.201.163:443
    https://mackeeperapp.mackeeper.com/landings/libs/discounts/css/styles.css?mkv=1
    tls, http
    IEXPLORE.EXE
    997 B
    1.5kB
    8
    8

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/libs/discounts/css/styles.css?mkv=1

    HTTP Response

    200
  • 3.217.201.163:443
    https://mackeeperapp.mackeeper.com/landings/123.1/img/pin.png
    tls, http
    IEXPLORE.EXE
    2.0kB
    4.8kB
    13
    12

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/libs/overlay/overlay.js?mkv=1

    HTTP Response

    200

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/libs/Pixels/js/1604.js?mkv=1

    HTTP Response

    200

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/123.1/img/pin.png

    HTTP Response

    200
  • 34.254.143.3:443
    loadus.exelator.com
    tls, http
    IEXPLORE.EXE
    655 B
    759 B
    8
    6

    HTTP Response

    400
  • 3.217.201.163:443
    https://mackeeperapp.mackeeper.com/landings/libs/Pixels/js/1282.js?mkv=1
    tls, http
    IEXPLORE.EXE
    1.0kB
    1.3kB
    8
    8

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/libs/Pixels/js/1282.js?mkv=1

    HTTP Response

    200
  • 3.217.201.163:443
    https://mackeeperapp.mackeeper.com/landings/123.1/img/stars.png
    tls, http
    IEXPLORE.EXE
    1.6kB
    3.8kB
    10
    10

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/libs/Pixels/js/859.js?mkv=1

    HTTP Response

    200

    HTTP Request

    GET https://mackeeperapp.mackeeper.com/landings/123.1/img/stars.png

    HTTP Response

    200
  • 3.162.33.170:80
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D
    http
    IEXPLORE.EXE
    476 B
    1.1kB
    5
    4

    HTTP Request

    GET http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D

    HTTP Response

    200
  • 3.162.33.170:80
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D
    http
    IEXPLORE.EXE
    476 B
    1.1kB
    5
    4

    HTTP Request

    GET http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D

    HTTP Response

    200
  • 3.162.33.170:80
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D
    http
    IEXPLORE.EXE
    476 B
    1.1kB
    5
    4

    HTTP Request

    GET http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D

    HTTP Response

    200
  • 3.162.33.170:80
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D
    http
    IEXPLORE.EXE
    476 B
    1.1kB
    5
    4

    HTTP Request

    GET http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D

    HTTP Response

    200
  • 3.162.33.170:80
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D
    http
    IEXPLORE.EXE
    476 B
    1.1kB
    5
    4

    HTTP Request

    GET http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D

    HTTP Response

    200
  • 3.162.33.170:80
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D
    http
    IEXPLORE.EXE
    476 B
    1.1kB
    5
    4

    HTTP Request

    GET http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D

    HTTP Response

    200
  • 3.162.33.170:80
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D
    http
    IEXPLORE.EXE
    476 B
    1.1kB
    5
    4

    HTTP Request

    GET http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D

    HTTP Response

    200
  • 3.162.33.170:80
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D
    http
    IEXPLORE.EXE
    476 B
    1.1kB
    5
    4

    HTTP Request

    GET http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D

    HTTP Response

    200
  • 216.58.204.74:80
    http://fonts.googleapis.com/css?family=Roboto:400,600,700
    http
    IEXPLORE.EXE
    536 B
    897 B
    6
    5

    HTTP Request

    GET http://fonts.googleapis.com/css?family=Roboto:400,600,700

    HTTP Response

    200
  • 216.58.204.74:80
    http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600&subset=latin,latin-ext
    http
    IEXPLORE.EXE
    564 B
    916 B
    6
    5

    HTTP Request

    GET http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600&subset=latin,latin-ext

    HTTP Response

    200
  • 216.58.204.74:80
    http://fonts.googleapis.com/css?family=Open+Sans:300,600&subset=latin,latin-ext
    http
    IEXPLORE.EXE
    558 B
    938 B
    6
    5

    HTTP Request

    GET http://fonts.googleapis.com/css?family=Open+Sans:300,600&subset=latin,latin-ext

    HTTP Response

    200
  • 216.58.212.195:80
    http://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVQ.woff
    http
    IEXPLORE.EXE
    1.2kB
    33.7kB
    19
    28

    HTTP Request

    GET http://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVQ.woff

    HTTP Response

    200
  • 216.58.212.195:80
    http://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4uaVQ.woff
    http
    IEXPLORE.EXE
    1.1kB
    33.2kB
    17
    27

    HTTP Request

    GET http://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4uaVQ.woff

    HTTP Response

    200
  • 216.58.212.195:80
    http://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7j.woff
    http
    IEXPLORE.EXE
    1.2kB
    39.0kB
    20
    31

    HTTP Request

    GET http://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7j.woff

    HTTP Response

    200
  • 216.58.212.195:80
    http://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRdo.woff
    http
    IEXPLORE.EXE
    1.2kB
    38.8kB
    19
    31

    HTTP Request

    GET http://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRdo.woff

    HTTP Response

    200
  • 52.222.149.61:443
    https://event.mackeeper.com/event.php?step=Landing_Loaded&substep=View&affid=mzb_255.13053633.1516512846.28.mzb&bundleid=29_342451156&prodid=29&response=json
    tls, http
    IEXPLORE.EXE
    1.7kB
    8.5kB
    11
    15

    HTTP Request

    GET https://event.mackeeper.com/event.php?step=Landing_Loaded&substep=Hit&affid=mzb_255.13053633.1516512846.28.mzb&bundleid=29_342451156&prodid=29&response=json

    HTTP Response

    200

    HTTP Request

    GET https://event.mackeeper.com/event.php?step=Landing_Loaded&substep=View&affid=mzb_255.13053633.1516512846.28.mzb&bundleid=29_342451156&prodid=29&response=json

    HTTP Response

    200
  • 52.222.149.61:443
    event.mackeeper.com
    tls
    IEXPLORE.EXE
    796 B
    6.6kB
    10
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
    7.6kB
    9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    753 B
    7.7kB
    9
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    831 B
    7.7kB
    10
    13
  • 8.8.8.8:53
    static.mackeeper.com
    dns
    IEXPLORE.EXE
    66 B
    173 B
    1
    1

    DNS Request

    static.mackeeper.com

    DNS Response

    18.164.52.20
    18.164.52.69
    18.164.52.126
    18.164.52.22

  • 8.8.8.8:53
    loadus.exelator.com
    dns
    IEXPLORE.EXE
    65 B
    160 B
    1
    1

    DNS Request

    loadus.exelator.com

    DNS Response

    34.254.143.3

  • 8.8.8.8:53
    mackeeperapp.mackeeper.com
    dns
    IEXPLORE.EXE
    72 B
    104 B
    1
    1

    DNS Request

    mackeeperapp.mackeeper.com

    DNS Response

    3.217.201.163
    34.200.74.132

  • 8.8.8.8:53
    ocsp.r2m03.amazontrust.com
    dns
    IEXPLORE.EXE
    72 B
    88 B
    1
    1

    DNS Request

    ocsp.r2m03.amazontrust.com

    DNS Response

    3.162.33.170

  • 8.8.8.8:53
    ocsp.r2m03.amazontrust.com
    dns
    IEXPLORE.EXE
    72 B
    88 B
    1
    1

    DNS Request

    ocsp.r2m03.amazontrust.com

    DNS Response

    3.162.33.170

  • 8.8.8.8:53
    ocsp.r2m03.amazontrust.com
    dns
    IEXPLORE.EXE
    72 B
    88 B
    1
    1

    DNS Request

    ocsp.r2m03.amazontrust.com

    DNS Response

    3.162.33.170

  • 8.8.8.8:53
    ocsp.r2m03.amazontrust.com
    dns
    IEXPLORE.EXE
    72 B
    88 B
    1
    1

    DNS Request

    ocsp.r2m03.amazontrust.com

    DNS Response

    3.162.33.170

  • 8.8.8.8:53
    ocsp.r2m03.amazontrust.com
    dns
    IEXPLORE.EXE
    72 B
    88 B
    1
    1

    DNS Request

    ocsp.r2m03.amazontrust.com

    DNS Response

    3.162.33.170

  • 8.8.8.8:53
    ocsp.r2m03.amazontrust.com
    dns
    IEXPLORE.EXE
    72 B
    88 B
    1
    1

    DNS Request

    ocsp.r2m03.amazontrust.com

    DNS Response

    3.162.33.170

  • 8.8.8.8:53
    ocsp.r2m03.amazontrust.com
    dns
    IEXPLORE.EXE
    72 B
    88 B
    1
    1

    DNS Request

    ocsp.r2m03.amazontrust.com

    DNS Response

    3.162.33.170

  • 8.8.8.8:53
    ocsp.r2m03.amazontrust.com
    dns
    IEXPLORE.EXE
    72 B
    88 B
    1
    1

    DNS Request

    ocsp.r2m03.amazontrust.com

    DNS Response

    3.162.33.170

  • 8.8.8.8:53
    assets.kromtech.net
    dns
    IEXPLORE.EXE
    65 B
    146 B
    1
    1

    DNS Request

    assets.kromtech.net

  • 8.8.8.8:53
    event.mackeeper.com
    dns
    IEXPLORE.EXE
    65 B
    129 B
    1
    1

    DNS Request

    event.mackeeper.com

    DNS Response

    52.222.149.61
    52.222.149.81
    52.222.149.36
    52.222.149.107

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

    Filesize

    1KB

    MD5

    55540a230bdab55187a841cfe1aa1545

    SHA1

    363e4734f757bdeb89868efe94907774a327695e

    SHA256

    d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

    SHA512

    c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\75CA58072B9926F763A91F0CC2798706_645BC4A49DCDC40FE5917FA45C6D4517

    Filesize

    1KB

    MD5

    4efc7dc16ae499f76c5c8f975d30b872

    SHA1

    1acc8709267e57b286b072d047c0a16160851d1d

    SHA256

    61672d1c3b53b5c0f714773c6335f2d62cd37920e5e338a42ef4f199a3ca3027

    SHA512

    e7289691ed6fc70973a0cb0f934a8cb627c157df2434e795bcbd65034e88b0bbce1b468fb8281e3d172963be691b13689c2e634afe07551f24f54e6f2b9b0789

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\83D863F495E7D991917B3ABB3E1EB382_4D506EBD8371D43E19D08592A41A426D

    Filesize

    471B

    MD5

    5b55243f3ee19dc5e8c1fba849985285

    SHA1

    1b651354ce1cd45bdbd359f7d15ea7d561633091

    SHA256

    2e4ae0f83716d984c3ede8b6f981cd8bcf84e83c9504c04e37a9699230379e30

    SHA512

    98ca6865bcd2e49ee387d18d11ea231b102087a0d612644d755855f9170b35af5928fa5bd0a1ca7f77e55b139ab054cf3f247f21ebeb0ec5ca1b367998ca176d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B66240B0F6C84BD4857ABA60CF5CE4A0_5043E0F5DF723415C9EECC201C838A62

    Filesize

    2KB

    MD5

    4966252285e49249ec522f5dbd5fb3ef

    SHA1

    f6180baa9af59fd96b666818097ce4678d5a5c43

    SHA256

    d38e3275bc4d86028315e15a5f6f6b6e8ad9364128639a5f0437aad868f1d321

    SHA512

    dc1e92328c4d75f072dc01dda31cd9741d5ce237a0266cc0ab206075a85d85f8656eaf3a5e99077e92c314ffa8aceac17aa492e11f29178d4f053e1bd34396e3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BAD725C80F9E10846F35D039A996E4A8_88B6AE015495C1ECC395D19C1DD02894

    Filesize

    1KB

    MD5

    079bcbc687d1b9013a4f742ba24febda

    SHA1

    f6c3f0b6dc488010d8209ac0e8afec1ea5536df2

    SHA256

    ca019449d3f045c75fd71c4a4977054efe70d364298e198fd7df6e20299fa976

    SHA512

    1245414d58ae73cca12e065c264703da2bc97e51b14d3e70717384bc1d895707968afc756e692ffc5844acf5db7765cd629d8525edb8475f1f4d6b46bd57e775

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

    Filesize

    230B

    MD5

    911dc8247bd7c5ccdef069b6b7e77fd8

    SHA1

    419274f3c6e82603f0b6f2efa7a7c8b36f20319e

    SHA256

    381b7c62dcf7fcdad62694e4915adbb8154580c553a7a3dab150db8e933646b1

    SHA512

    59b4a0a3c7670b2963de90bb02312bcc0d1ce593762d02f16acd735d954bcaa1e456a50bb6986eded973afce05085f4c4178579ee86b1a8f89c8854dcc4234eb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\83D863F495E7D991917B3ABB3E1EB382_4D506EBD8371D43E19D08592A41A426D

    Filesize

    426B

    MD5

    4ac09d92a74ace8080bd2d62195e313e

    SHA1

    c39c261ed1991aaf5bd9263dd8f17e4750f7b004

    SHA256

    6ece8918167e4ab106754085f85ec52537d4e3e8fc4a588897192042c731a8b9

    SHA512

    44e569845a1f304c9ef1d8628065f39d9e1f066695345b197deaeb82faec877591fcafabdc45075279504ad54d2ec5a98d58b6790b0779c3bcc1f7eb20666915

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1189fbd63398ae0a5403a3eb1adf00e0

    SHA1

    ae56f30a28dcfb2ad005f3c2c37300c9cb7e6ad2

    SHA256

    a5c70c1a6b17a0c7dfe9faa429bdbbe40ec4891f29a0ae631e12473406fe0027

    SHA512

    1e79fd7e50de01e500dcb07f2c550c48f01e72741c44ba836296583f56b086fe2ed4a7e29a10cef06ea1f5a868bfd3afb0b50f9118d65b6eb790e6e580536a1a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    055fa501f245bf40f90af4133d0b812d

    SHA1

    357622c9163d531eb5301f8e3cf057fa33a31958

    SHA256

    bd5a31c5f3ef81950b68bc9b30764ad1fbf1a637394331670d3573b3f53132b2

    SHA512

    bf0ef8aa505af1aacf77ffcede542f87e5923b57a937f34df5ecf94289e79630c26b51384313de752fc409f82d77fe07615fb34ad6f8538db74639b7d43c2e3e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c928c57a56838ec0d6afc44b36526b97

    SHA1

    a1984ada39e6a022f69f8f8e0ce80d4d96dff04a

    SHA256

    fdfad432e49dce0299dea14c5da820e02deec2b78d194c95632291e7d44d7f76

    SHA512

    552e4fb7a1dcac04b5f7726e0955e31ebff76d2cb6af0665dd597cd78d70f5d9668bd0dd622972280128c316ccad0b1b11d07b3a4f502001e1008c6a2f7684a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2421ece338f2cc328c768c47ecfa2737

    SHA1

    641462efc874ba53fce4436f1c288c1ea3e236fa

    SHA256

    22bd0e6c3f50d2600256a0109f8bc18ee5739ac2d6f435e7950c0064bfa797fc

    SHA512

    61e2346bdadebe275905984774811aaab7d9cf7390905edfa0a30d11ba65dcfb7b64cb2b0450e1862d7a238e1607e44395c1023fcced36ffce519d24177fc532

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    41e00443f58e54ca30ba8d425f2195df

    SHA1

    c28d41db1b955b48894ed23ee709b08575b07622

    SHA256

    fbc8e82419b1e37652d78d7a599aeecc2f459f4252d5bac0314aee48ae050528

    SHA512

    07d3b833a4df128f9d6acbd79e4abd67dad3d36920baf43145d258d95d0bfb62a73343035af2c66e03742099ef709f7d47744cd16186fec2276044c847be45a9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e87a596d80275a94858376703bc1f1ab

    SHA1

    72dfe5492ea99fb12a8b71878c4856d1dd786cf4

    SHA256

    44f496f946cea0b33d52f36b396bf35ac381ed4db4d3b6b8bef04e31e71c0266

    SHA512

    c6cabc4c042ac080ed75f7d2ade54a10d3796e7504599797f8f3a1fc0c950f6b0fbde1522359cf1bf3c66841b08f7fea2509de15bce13dee79623f66d89a6976

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    94eda2316e8b11742e357e3fd65b7d13

    SHA1

    b5f75a2ffe07a6036685a3b8854ab265531348b6

    SHA256

    f69ee4129bc5015c83aed80ca12d1e709ddd0d15b1741cc5e8afd585b0a23ee7

    SHA512

    65a40535a9250b1377103e6dba55ffaac97dddd12568b3e49d1766c2c3ec9e83031009c7feee68ea5a41a1f8cac909d1d347ce2fcdd8cfcba9b29c054d0837f7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6645df564f82a84f3bacbf5b5139d61a

    SHA1

    4ff23ed62fd5866760dfb9d7a7820b8d6eb07f81

    SHA256

    f882fed56fe3ff161d13cd002e1ea0da8fcd358778c9bc540a31c9a70825fe09

    SHA512

    20bfb61a2d3bfe54b8f49b79fe7da417221be89b452e5c2b8abf66aa4bd8351e2b21de4f65e3548245b1f8882279b2c40e2300e0b8064b2b08da8d62271fe595

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f0b3b862a4a1c9c26e2800bca206782f

    SHA1

    efa222016c8bf36accef26255daf3fba89520d3f

    SHA256

    abcde627d9d5c6252bbcab99d98d8f6cd455b8ab0cd7f5cd0fa32b829eae9e84

    SHA512

    c343ce117e779ac36d7ac77e935d48a8e5e41be481c6e4bb570f0a37153d2e3b56ffc04c115271cb273e3b8116427cfdd2176b316fb7729e6ea066ebd26dca13

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6de2b0fce5d2590caaddfff42c3ecb35

    SHA1

    65ac6343b25d6040e5cc003a61effdb073bfa8d0

    SHA256

    e2fe9909bbf8ba2882f1765496e6b3a12dbe533fe3ccacae84c8b64e2e0004c5

    SHA512

    e558ab2b72253063fb8b803e998ad96bbf94ee23f5af4771caaee21f7635721379958dcc8918ae8eafe8fd39e2015c63cfda0305028915c7c6e73f669097ab8e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b78e86086a41078c4e3604b8be800fec

    SHA1

    6bd61039a4703f3a4811b2cb5faed7a29a1dabea

    SHA256

    982f68af9fed3ac910326ea3d931a24e791cdf54f57003bb29823e29fe31f052

    SHA512

    ae9982eb82c61c470b1f4ecbc107c7c7da07cac56b93b8a1b153386be465007d4582ba76afc77883c3588552b405a2e1e781c4f28761dfa3460a9d48a8b1c817

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    513e47cd7dfeb88351f31febd12fa49d

    SHA1

    d017f0d5e2eb326ede87650f5621cd38b53d53c9

    SHA256

    f872e33b755b6436ffde8e4a2e633d46397e87c0e0dbbd5a8afd4800d09aa0b7

    SHA512

    019ac83aff18b1f7a08d8f09b7f4fa29f2359c629b8d9f28777c6ee6410bb0906052a7663dd6848bafe60ff17ce06e954feaaf446e6d5f4cfb0151c324b3e261

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b3398de4c6fb46a9fcd3deb9d9484097

    SHA1

    33ab4d0cb066db578374a941483b1c82f338ba42

    SHA256

    7cae5fff62fbc662404f20ca2a624861758bfbe10343369621464b6ab2a6644b

    SHA512

    4a934c84818f59855c2bee7deddd1ceb66a8d11d9fceaef35c505f62c42d07941550a2b36eacd60748bd7b8debf4e52b9071c123c4f2ed78235a2c05869b4115

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    349182878c8ec7087423c456f4700104

    SHA1

    b5571e220593df354194667737cba8569f5d7789

    SHA256

    1a7e154dcb4bca11e30b6930f3983074417bab5b4a0daccae43a5f47b1f4adec

    SHA512

    58f0810f75cdf106ab824cce50da036ec1e53b18bb9d82666b3d1fff95c0533a3e81fcd182c95deecf7bc96c8f0ae437c3554817a4bd939ec047817b260345b7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c0bfd753afc19f241ca59b84680e0594

    SHA1

    f6554b2202b710166ed0bf9bd4e75b244d54f467

    SHA256

    53b8c26fa0c59e567607ad69a37127af5041797083e8a29504a9c1350e279b9b

    SHA512

    6ed4e9e6f863b2a987ec15934b8bcb6d70813e3da6c8c432f0f9dc05134dac57fa6f77b6cd749a961f29f56dabb8d54a0bf0f5a1d2075306ae35d11c5f2217e9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a10c046606cc5b005167bc1febc81853

    SHA1

    252e5e51ee10f093f3a1880eaa9123f8065941dd

    SHA256

    7eddb2e7c532637633b2c0daff0fa81d78d588fab5602d69beb2558204bd9ebb

    SHA512

    df19ac3703c4261eb925f87f37e2579eadc76e5e8a2ba734e74dbc3c6f2462ac38861e04b1c21da67651fc73234f3957646962dbef148fa27f4a961fbe3cde30

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b57dffeea8eab5c112b1df48b2263e2e

    SHA1

    4bdf0025057b7e2ee002ea2908ff38938fc3b6cb

    SHA256

    43cab7ea6a6f8af56adb30e732371400589f730f7889a9a111a10f5fdead4f30

    SHA512

    4f30f14e825c72751540d2271e584ee72516454548732deae69b106831a9935f7e38ab0ad41ed43757b2a39547925b688219bbc2027c8097acd10c3b5c19cffe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    90b8a3a334e07646093a791464d29622

    SHA1

    1d6848e8c5602c5b5fbb6765dd2d2c08b38e3d29

    SHA256

    e54c1607ee4caab68ce32630e0c422abe0ddaf12208b8dc0f187ba9196226174

    SHA512

    d852c0e6f36b2e5878a82dc24addfe360eaebd6d5d78cd2e216bf71f481a310e757cba825723322491ffc379819882b8a96c9c7d8e901f31166ce6cfde3aeb45

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    99412dd1ea0f8f60bd86bcc7efa38e70

    SHA1

    aa62724e823ba986d03bd620af114c97b07f9f60

    SHA256

    213592d1390c0edc4731b7284da6dc0b4e04847ee4c95b0fe35112f598ed6721

    SHA512

    c7ed6244c9e8751f6e9933efc9154a36eb6d5a7f88f18b50b300682e144bbe20c37dd74b186bb75fceb26b3830832aa68cc0c4999d677d86dd8f67721848b926

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    608b450830fde377c8fcc5e48e4fbf83

    SHA1

    4c8ba27cfe5b084f4219b602919e34e5f278fb2e

    SHA256

    47e2dfc6844a1c1a31b5ef64d4ba3dbca31e221f228f6ab03518eb37b0b247a2

    SHA512

    e5cbc2127970cb4709902a9bf3f970cae3c08fa1a409494cb478acd769f59a984c2bc2dc27624eaa6dfb121f3554e32b0446b9c75c6c68dac3cc108d3f70f0aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    318e919532f6bdb7689beceb0a5b6fe8

    SHA1

    09294e601d51b2a597da0ee8ef94303a8339c417

    SHA256

    11c6c9a94fc5a1d3f805f72eb5459f1bd958f7f35fdc8ffde69838463d4c39c7

    SHA512

    80f10122dcb0f5d4b12760ee9389a776e448624e5de3d7345d7ddbee7cc05351ee9b31bb8ccf80c379fd27724b74ed9985de4e6045060b893429e4a304e5a643

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    780eadf07e0cea6f1de948c5c8650ba1

    SHA1

    e9e2585b4ff2e21b516098e4a01606085d2b4674

    SHA256

    cfaf888adfe8cdd5162153403a3ccb23826972af18be79e0aefca202fbb2db45

    SHA512

    eb4523b51e1342a399c15fc81ad154a4b16102ad3bc190e3bbf00618b9a9699ac2c550cfa5900f06a1cab32cf2f52201a4a91c0d5d791085c3f2a1db124f4449

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6f851c5129dc2b5ecf494d7998f32d3f

    SHA1

    0cb4d1c63209e7f8945715c7bcbb3e01365efe46

    SHA256

    c5424e86e6f9b55a7adffacaa58de765d4cbc450d5988e224584106298f569c8

    SHA512

    ddb4913733120be89d91bbcd89f034085622c7227670aff03b7183b72acf3f76273af6d6b7ebdc9ef26c2149335edcfce0f7cfe62ad97753f189d39c864e6a9e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    054f35cd5d44e4a8e64827f8ae897273

    SHA1

    8d32ed83f42e4362c7542fe208a0f1bc7acda8e7

    SHA256

    1a9634e7929c520d074081781c73145c252d67101fd6799845bf1329540a252b

    SHA512

    de8a772eb081713159be9e9dbb5b4b06cd3c73523eafe5634d03e5945565f648f408cf0cbfdcf8d15937065bbc7f37143ea0dd98ac43304bfbacbb1875874415

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    896500e8b381bf2f92ccd1f460fd4497

    SHA1

    6c92832f856369a640997c91bd1f7a19bc08c061

    SHA256

    ec1c02acc97f0cdc11bc9647aead978700a759c500856edade903864b6125121

    SHA512

    4d19ede753ecd9c1410f6993451ee5b0580927c3ad2508b6e3489649e5d7e2a6f654bcf731e8ae09b1e580087328462bb62cad79c38a72972e19e9c55dd33e8a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    731ac9aec12163175be91f40e424a314

    SHA1

    f0fc84f9e7856ee642e80ef69d7fde6a34cdaa7a

    SHA256

    7adef238e1ffe1504f50f782b64c3261d5da7ffb528cf2cb199e6640d6c3bc89

    SHA512

    eef5f046aca69d2df0c7b1abe0636efcabece437f0c0c3c1c20ee6407b6d4f4c748e09e41b2da69533c48e20e3378aaac885480be7dd5dc2bfb3bf92ba66cecd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    fbc5c42bf15e921509cd00e61d4f02fc

    SHA1

    fc9b2f410abaeecbb4cfd87de1edfd2469841c9b

    SHA256

    9ccc47e34f602987c7910491ed146595740b04edaccb17a183179f522b89b92f

    SHA512

    b79b0ca547acb51bd30b7e91dc338ad9897b9811a0072806fc699879f329685643954987d22db6d69c84c7e865082dc83db6701fb762e31cacbb7c622f6d95b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ac433318e7d1dea0b9b42fbb8e72c4b9

    SHA1

    d839b4c46d9b148ce7408167b0f6c02c07c11c83

    SHA256

    25791935eda631855003b00f25607be4115924ab303b3e22b7dfd0a66e2aafec

    SHA512

    e60d5450852991bf8b95046149ee4c865e1712091e8b9792bd6ba025a50ba9485dc14a28cabe0eb7bc93bc87f1b6a593e21b2f796566d3542f7445063a698bad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B66240B0F6C84BD4857ABA60CF5CE4A0_5043E0F5DF723415C9EECC201C838A62

    Filesize

    458B

    MD5

    f6720df4da0ad103936c4a189302318d

    SHA1

    4b7802e3ff72c1c8d035a97cbcb755132c3ab585

    SHA256

    b7eb93e8ce95d5c661467cf0eb1eb532eb13ed164e0bfe1ed0934d7324a0632c

    SHA512

    2587b8842aff3cc75e3e2686de7e42617f03709d11066f17dc96c1fe21ddadf86715b6ca8d34708dfcf31c2d03ef6e9ae2b6d2d98f7e08d7feaaaa170632d82f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BAD725C80F9E10846F35D039A996E4A8_88B6AE015495C1ECC395D19C1DD02894

    Filesize

    432B

    MD5

    36f75fcb00951f234f097b9a7fd849b5

    SHA1

    181907fe7ab0af52820b7a01ef06c2e823dcc77d

    SHA256

    7f64735cc493c1ffe7de2835b285dbb388aa3f16b53008198377d9b1bd540283

    SHA512

    4a75516a95dd7e96e64e1322a4f7619b6a91b36a2949cd35aff440d7edbb17224d894a6f4d909255501581f3f625f9ae7d87f63f025e20994c862f582d04c8e1

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G17BROQF\cookie[1].htm

    Filesize

    134B

    MD5

    4aa7a432bb447f094408f1bd6229c605

    SHA1

    1965c4952cc8c082a6307ed67061a57aab6632fa

    SHA256

    34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

    SHA512

    497ba6d8ec6bf2267fe6133a432f0e9ab12b982c06bb23e3de6e5a94d036509d2556ba822e3989d8cd7e240d9bae8096fc5be8a948e3e29fe29cab1fea1fe31c

  • C:\Users\Admin\AppData\Local\Temp\Cab3536.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar3558.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.