Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
143s -
max time network
145s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
23/05/2024, 16:40 UTC
Static task
static1
Behavioral task
behavioral1
Sample
6b96096c063229cca1e95e3993bfcca2_JaffaCakes118.html
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
6b96096c063229cca1e95e3993bfcca2_JaffaCakes118.html
Resource
win10v2004-20240508-en
General
-
Target
6b96096c063229cca1e95e3993bfcca2_JaffaCakes118.html
-
Size
19KB
-
MD5
6b96096c063229cca1e95e3993bfcca2
-
SHA1
fd50f116c8f27e21c19f0e333e311b1819fb42a4
-
SHA256
4a6b9ce46937f2a1480b9bb9de122cbbd5a42d675c508e780c6f526d67247f99
-
SHA512
a615977b113e1b8003607451b6f723dd81c2cf411496be8048c8790217aa2979193092c7926c6f02bd65681c8b1a44296f9c5fd93fa46e7cc45d708ee37583ab
-
SSDEEP
192:9K/ypUhT8iqEWwLTgE9d3lOhx4MfljQB2ghJxOMlUx9V6cxjb79DX+OunNiFliSg:4/yoT8iTLXfFEQBdMp55OOunNiXin
Malware Config
Signatures
-
Modifies Internet Explorer Phishing Filter 1 TTPs 2 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\PhishingFilter iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\PhishingFilter\ClientSupported_MigrationTime = 002a69fe2fadda01 iexplore.exe -
description ioc Process Set value (int) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c0e93a1130adda01 iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IntelliForms iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch IEXPLORE.EXE Set value (int) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{2D251F21-1923-11EF-931A-4205ACB4EED4} = "0" iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\PageSetup iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Zoom iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IETld\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a23000000000200000000001066000000010000200000005659ca5cb4760f4354a84cbf29c7a0fee73efb779fc63dc3206c9c72873888de000000000e8000000002000020000000555da6236db0bb05754968e181e754e031177e29923bd7ab93f1853d63a724ba20000000782e6e51aed53ac320df397ab8d51dc5f37b636019c9074554577b10c47c6fe44000000060eaf646d70c903c0a20d33089da83564134617c2cb8486e0425476da7d4c9db9e32f6c6a98520ac7f50fbf5819ed82129635035175ecba0faa8733607afa0f4 iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" IEXPLORE.EXE Set value (data) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a23000000000200000000001066000000010000200000000839dae9f47aca815d522014d1ec94c12a77a852713b33484252165e625bba60000000000e80000000020000200000000a2f9e77ff1ed75a59eb58f3c3ba67ae4233c24e06cf9eba01535c8f5f5fccbb900000003aafaa1b8f82d0375dac5c4535bffa507a13aed088b5c6507d96df1f0bf3c13aee08252600c183c6e767be33c4afa5ec3f72987088d110c0259233d00797c6dffc53bfe39b8ace31727a419d99e3db93b37dc2e667728c8ac6cca8ac5810a35f7d52f6dee7ec1a5bcc2f7e95992ca149c5f4cf533adfa7852ff985ada5e475cde13e253125149f2c81c9b4bfa8fd83b74000000045375842f72401ea903813ab916af17b3f3f0d5ac08966c35e154009ac417c2874fa81e1f059be0ee96188d77bcfe40fe85971a54b4fef0438597cb7e309d331 iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\GPU iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422644301" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\InternetRegistry iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" iexplore.exe -
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process 1600 iexplore.exe -
Suspicious use of SetWindowsHookEx 6 IoCs
pid Process 1600 iexplore.exe 1600 iexplore.exe 1908 IEXPLORE.EXE 1908 IEXPLORE.EXE 1908 IEXPLORE.EXE 1908 IEXPLORE.EXE -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 1600 wrote to memory of 1908 1600 iexplore.exe 28 PID 1600 wrote to memory of 1908 1600 iexplore.exe 28 PID 1600 wrote to memory of 1908 1600 iexplore.exe 28 PID 1600 wrote to memory of 1908 1600 iexplore.exe 28
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6b96096c063229cca1e95e3993bfcca2_JaffaCakes118.html1⤵
- Modifies Internet Explorer Phishing Filter
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1600 -
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1600 CREDAT:275457 /prefetch:22⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:1908
-
Network
-
Remote address:8.8.8.8:53Requeststatic.mackeeper.comIN AResponsestatic.mackeeper.comIN CNAMEd211q1i6v7lwo2.cloudfront.netd211q1i6v7lwo2.cloudfront.netIN A13.225.10.120d211q1i6v7lwo2.cloudfront.netIN A13.225.10.3d211q1i6v7lwo2.cloudfront.netIN A13.225.10.80d211q1i6v7lwo2.cloudfront.netIN A13.225.10.38
-
Remote address:8.8.8.8:53Requeststatic.mackeeper.comIN A
-
Remote address:8.8.8.8:53Requestloadus.exelator.comIN AResponseloadus.exelator.comIN CNAMEloadus.tm.ssl.exelator.comloadus.tm.ssl.exelator.comIN CNAMEeu-west.load.exelator.comeu-west.load.exelator.comIN CNAMEload-euw1.exelator.comload-euw1.exelator.comIN A34.254.143.3
-
Remote address:8.8.8.8:53Requestloadus.exelator.comIN A
-
Remote address:13.225.10.120:80RequestGET /landings/libs/js/cookie.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:40:37 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/js/cookie.js?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 014ab67808a44ee3c7c29c81742ee5fc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: metSsAmCYnpCimOMvRVoIXSMdGYW9txI23EXAJwU3a2iRnh32nKGyA==
-
Remote address:13.225.10.120:80RequestGET /landings/123.1/img/sprite-ready-icon.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:41:00 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/img/sprite-ready-icon.png
X-Cache: Miss from cloudfront
Via: 1.1 014ab67808a44ee3c7c29c81742ee5fc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: uAw5DGyySdbDfHdlDTnLI-tqnyV5PJb9x_s9MJJDJzk38p23EZULYA==
-
Remote address:13.225.10.120:80RequestGET /landings/123.1/css/style.min.css?mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:40:37 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/css/style.min.css?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 2c10dcf9c9dce806048d7878d8a850dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: 5k7mFHYZ5_WD--jxyiDuCNwkyQrJHa_fGYqEQWDKNmucWROzEKYhUQ==
-
Remote address:13.225.10.120:80RequestGET /landings/libs/Pixels/js/1604.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:40:38 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/Pixels/js/1604.js?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 2c10dcf9c9dce806048d7878d8a850dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: WMtdmKTR6pePktEBnUvKSM2pmX9Hoevk58XIRwcJZeXMqD9waNof-A==
-
Remote address:13.225.10.120:80RequestGET /landings/123.1/img/main-img.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:41:00 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/img/main-img.jpg
X-Cache: Miss from cloudfront
Via: 1.1 2c10dcf9c9dce806048d7878d8a850dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: Mr4y1KSHblqEtmT8-smskPcXEh-QmwfBWgRNLswi_LVgphYnpeL3fw==
-
Remote address:13.225.10.120:80RequestGET /landings/libs/jquery/jquery.min.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:40:37 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/jquery/jquery.min.js?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 014ab67808a44ee3c7c29c81742ee5fc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: HfYwu50n-TSAKeYMVQdW3fJ6GF3XFjldqzEF9WjqJqz7C5Xjbi4xkQ==
-
Remote address:13.225.10.120:80RequestGET /landings/123.1/img/arrow_animation2.gif?mkv=1 HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:40:37 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/img/arrow_animation2.gif?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 014ab67808a44ee3c7c29c81742ee5fc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: e1wFfcE-Xa-H6TAjZLGkWhV5kDOgisJGw6jzxoBosYJnTiLkghqLFQ==
-
Remote address:13.225.10.120:80RequestGET /landings/123.1/img/pin.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:41:00 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/img/pin.png
X-Cache: Miss from cloudfront
Via: 1.1 014ab67808a44ee3c7c29c81742ee5fc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: IE2KGoWL1YvdIv1EJ2t0XYTq8YtwzbTubPEe3AGJ6O7DesVPULcx5A==
-
Remote address:34.254.143.3:80RequestGET /load/?p=1050&g=2&cat=[popunder]&j=0 HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: loadus.exelator.com
Connection: Keep-Alive
ResponseHTTP/1.1 301
date: Thu, 23 May 2024 16:40:37 GMT
content-type: text/html
content-length: 162
location: https://loadus.exelator.com/load/?p=1050&g=2&cat=[popunder]&j=0
access-control-allow-credentials: true
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
-
Remote address:34.254.143.3:80ResponseHTTP/1.1 408 Request Time-out
cache-control: no-cache
content-type: text/html
connection: close
-
Remote address:13.225.10.120:80RequestGET /landings/libs/js/loclist.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:40:37 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/js/loclist.js?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 52bc27d24f50f7935e430abc56300f7c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: OEbKoGwrekKtDB5azoj4gi3QCUeDesaRPQ-Pxw1hqpO-msNjunQvZA==
-
Remote address:13.225.10.120:80RequestGET /landings/123.1/?mkv=1 HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:40:38 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 52bc27d24f50f7935e430abc56300f7c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: IFaE3gvCE1HLg7U6LqbEe3XPFUZ_BWSPaXRUrkMhb9ZMAKnKlpwd_g==
-
Remote address:13.225.10.120:80RequestGET /landings/libs/discounts/img/back.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:41:00 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/discounts/img/back.png
X-Cache: Miss from cloudfront
Via: 1.1 52bc27d24f50f7935e430abc56300f7c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: _XPF4B-sWBWeT_nUOot-cPYaNiiv--SOojO-HLBYpVUBfI2uoRpm5Q==
-
Remote address:13.225.10.120:80RequestGET /landings/libs/alert/alerts.js?mkv=4 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:40:37 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/alert/alerts.js?mkv=4
X-Cache: Miss from cloudfront
Via: 1.1 65fac79c4b1023a8d83e5e5bfb978ce0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: 28kQ4Ck5WSDF7lU3leLE4ekIDBApZCMir41EQYN0WBYHU-VgkgfVwg==
-
Remote address:13.225.10.120:80RequestGET /landings/libs/reset.css?mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:40:37 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/reset.css?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 8c82def71be6f7f1f6c2d1f6c8b83b0e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: XvLHFeUbxdgz5cRnWbsdOKarfoPEWLhGRYWnLk9N5aDjdz38Cyac4A==
-
Remote address:13.225.10.120:80RequestGET /landings/libs/overlay/overlay.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:40:37 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/overlay/overlay.js?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 590ad044183138a492a9344ba0b0a7ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: jjBCZkrUPFGelRGL3cGk8_zqg1xAmM8FsElkYDb5Q-F8YZ4yKdZjww==
-
Remote address:13.225.10.120:80RequestGET /landings/123.1/img/stars.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:41:00 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/img/stars.png
X-Cache: Miss from cloudfront
Via: 1.1 590ad044183138a492a9344ba0b0a7ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: mMV3Oiz0iSVLEjc3_4Mg-XkbJ3TNxi2S9rVtM1jiV2mYnvXljKKlDQ==
-
Remote address:13.225.10.120:80RequestGET /landings/123.1/img/sprite-icons.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:41:00 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/img/sprite-icons.png
X-Cache: Miss from cloudfront
Via: 1.1 590ad044183138a492a9344ba0b0a7ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: 7521I0qimrX4uEWjOgPr0ZGKb_08IwvbjfSN_mOMkEnl8DgjsW6jjA==
-
Remote address:13.225.10.120:80RequestGET /landings/libs/discounts/css/styles.css?mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:40:37 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/discounts/css/styles.css?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 cb4f40303e252a22c4df5918669814ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: y6D001BFJGu1ljIH0jwIs6v0dj_HpU4apf8bQ9cLv1sZ4O6I7Y3NzA==
-
Remote address:13.225.10.120:80RequestGET /landings/123.1/img/arrow_animation.gif?mkv=1 HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:40:38 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/img/arrow_animation.gif?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 cb4f40303e252a22c4df5918669814ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: krnMT-BdG_B_GDQler1Obp0KfDWKr-sjDMr8eUSNehP4DMgJh-OcoA==
-
Remote address:13.225.10.120:80RequestGET /landings/123.1/img/arrow.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:41:00 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/img/arrow.png
X-Cache: Miss from cloudfront
Via: 1.1 cb4f40303e252a22c4df5918669814ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: wY3rBuniOsPax1KyE7IxycA_uClKDNiP8g0ZiRX9Y0PZgkKfUNrs2w==
-
Remote address:13.225.10.120:80RequestGET /landings/123.1/img/steps-arrow.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:41:00 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/123.1/img/steps-arrow.png
X-Cache: Miss from cloudfront
Via: 1.1 cb4f40303e252a22c4df5918669814ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: Obs14bxZXqFUcpxNywDSKIUcBoWzPTPuN25jcMZl5mJntl25gtXWnw==
-
Remote address:13.225.10.120:80RequestGET /landings/libs/Pixels/js/859.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:40:37 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/Pixels/js/859.js?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 89695f3a4a3f2f2d6df76a407130856e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: mxe2pmhshPRctsJ7bw4HtNKb00F1fJIZ5J98GUG910wYGA_8IhreJQ==
-
Remote address:13.225.10.120:80RequestGET /landings/libs/Pixels/js/1282.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Thu, 23 May 2024 16:40:37 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/Pixels/js/1282.js?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 d9ebcca3f9f33c28ea30019abcbd7da8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: 6VSxC1pTBYbHR3YEQOYEspsmKu_8_lsHhe0nyj21SnJl_Q0r0sQijQ==
-
Remote address:34.254.143.3:443ResponseHTTP/1.1 400 Bad request
cache-control: no-cache
content-type: text/html
connection: close
-
Remote address:8.8.8.8:53Requestmackeeperapp.mackeeper.comIN AResponsemackeeperapp.mackeeper.comIN A54.237.18.11mackeeperapp.mackeeper.comIN A3.225.22.167
-
Remote address:54.237.18.11:443RequestGET /landings/libs/discounts/img/back.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
Cookie: get_params_landings=%7B%22mkv%22%3A%221%22%7D; PHPSESSID=edqnpi9nlupcs48bhqqhpabeq6
ResponseHTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 150912
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 30 Apr 2018 11:38:58 GMT
ETag: "5ae70052-24d80"
Expires: Sat, 22 Jun 2024 16:41:00 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes
-
Remote address:54.237.18.11:443RequestGET /landings/123.1/img/main-img.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
Cookie: get_params_landings=%7B%22mkv%22%3A%221%22%7D; PHPSESSID=edqnpi9nlupcs48bhqqhpabeq6
ResponseHTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 38349
Connection: keep-alive
Server: nginx
Last-Modified: Thu, 12 Sep 2019 08:55:00 GMT
ETag: "5d7a07e4-95cd"
Expires: Sat, 22 Jun 2024 16:41:00 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes
-
Remote address:54.237.18.11:443RequestGET /landings/123.1/?mkv=1 HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
Content-Security-Policy: default-src 'self' *.hotjar.com *.mackeeper.co *.mackeeper.com; frame-ancestors 'none'; frame-src 'self' 'unsafe-inline' *.a.disquscdn.com https://widget.trustpilot.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com *.disqus.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.kromtech.com *.kromtech.net *.linksynergy.com *.mackeeper.co *.mackeeper.com *.mackeeperblog.disqus.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com *.s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com *.lporirxe.com *.surveygizmo.com *.liadm.com *.typeform.com mc.yandex.ru *.js.ad-score.com/ *.cdn.onesignal.com/ *.onesignal.com/ *.criteo.com https://www.zenaps.com/; child-src 'self' 'unsafe-inline' *.a.disquscdn.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.kromtech.com *.kromtech.net *.linksynergy.com *.mackeeper.co *.mackeeper.com *.mackeeperblog.disqus.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com *.s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com *.lporirxe.com *.lporirxe.com blob: *.cdn.onesignal.com/ *.onesignal.com/ *.liadm.com; form-action 'self' *.mackeeper.com *.facebook.com; img-src 'self' 'unsafe-inline' *.a.disquscdn.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gp *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.nf *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tk *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.kromtech.com *.kromtech.net *.linksynergy.com *.mackeeper.co *.mackeeper.com *.mackeeperblog.disqus.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com *.s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com data: *.2mdn.net *.pagead2.googlesyndication.com *.glotgrx.com *.lporirxe.com *.exelator.com *.owox.com *.liadm.com *.outbrain.com *.visualwebsiteoptimizer.com *.yahoo.co.jp *.apimzb-adserver.cloudmccloud.com *.3lift.com *.surveygizmo.com *.surveygizmolibrary.s3.amazonaws.com http://mc.yandex.ru https://mc.yandex.ru cx.atdmt.com *.baidu.com/ *.gstatstrk.com *.assets.kromtech.net *.cdn.onesignal.com/ *.onesignal.com/ *.rtmark.net/ *.taboola.com *.zoomsupport.com *.cloudmccloud.com *.linkconnector.com *.linkedin.com *.linkconnector.com linkconnector.com https://www.zenaps.com https://www.awin1.com *.clarity.ms *.lfeeder.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.a.disquscdn.com widget.trustpilot.com *.adsage.com *.adsitrx.com *.analytics.yahoo.com *.b2c.com *.bing.com disqus.com *.disqus.com *.doubleclick.net *.facebook.com *.facebook.net *.flowplayer.org *.fqtag.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googletagservices.com *.gstatic.com *.hotjar.com *.i.ytimg.com *.images.dmca.com *.intljs.rmtag.com *.kromtech.com *.kromtech.net *.linksynergy.com *.mackeeper.co *.mackeeper.com *.mackeeperblog.disqus.com *.mpnrs.com *.msn.com *.optimizely.com *.yabidos.com s.yimg.com *.secure.ace-tag.advertising.com *.secure.leadback.advertising.com *.shopperapproved.com *.tagmanager.google.com *.tribalfusion.com *.twimg.com *.twitter.com ws://*.hotjar.com wss://*.hotjar.com *.www1.mpnrs.com *.youtube.com l2.io *.inspectlet.com *.googlesyndication.com *.sagetrc.com *.glotgrx.com *.lporirxe.com b-code.liadm.com *.outbrain.com *.visualwebsiteoptimizer.com *.cloudfront.net/metrika/watch_ua.js *.yimg.jp http://addtocalendar.com https://addtocalendar.com *.yahoo.co.jp blob: *.surveygizmo.com *.surveygizmolibrary.s3.amazonaws.com *.s.ytimg.com *.typeform.com *.calendly.com *.linkconnector.com *.linkconnector.com mc.yandex.ru *.js.ad-score.com/ *.baidu.com/ *.cdn.onesignal.com/ *.onesignal.com/ *.rtmark.net/ *.taboola.com/ *.engine.4dsply.com *.engine.spotscenered.info *.engine.3dspk.com *.we3red.com *.engine.asadap.com *.engine.nictelroalps.com *.engine.liondigitalserving.com *.engine.addroplet.com *.beritapria.com/pixel/pixel_keeper.js cdnjs.cloudflare.com *.clickcease.com *.criteo.net *.criteo.com https://snap.licdn.com *.linkconnector.com linkconnector.com *.dwin1.com *.awin1.com *.zenaps.com https://the.sciencebehindecommerce.com *.clarity.ms *.adcell.com *.lfeeder.com; style-src 'self' 'unsafe-inline' *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com *.a.disquscdn.com *.disqus.com *.googleapis.com *.fonts.gstatic.com *.mackeeperblog.disqus.com *.referrer.disqus.com *.google.com *.google.com.ua http://addtocalendar.com https://addtocalendar.com *.surveygizmo.com *.cdn.onesignal.com *.onesignal.com/ *.addtocalendar.com *.googletagmanager.com *.liadm.com; font-src 'self' data: *.doubleclick.net *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com fonts.googleapis.com fonts.gstatic.com *.surveygizmo.com *.static.mackeeper.com; object-src *.doubleclick.net *.flowplayer.org *.mackeeper.co *.mackeeper.com *.twimg.com *.twitter.com *.pagead2.googlesyndication.com *.pagead2.googlesyndication.com *.liadm.com; connect-src 'self' *.mackeeper.co *.mackeeper.com https://mackeeper.com http://mackeeper.com https://rp.liadm.com http://rp.liadm.com *.hotjar.com ws://*.hotjar.com wss://*.hotjar.com *.g.doubleclick.net http://lcidc.liadm.com https://lcidc.liadm.com *.assets.kromtech.net *.assets.kromtech.net *.google-analytics.com *.api.ipify.org *.mc.yandex.ru mc.yandex.ru *.data.ad-score.com *.baidu.com/ *.pushdata.onesignal.com:* *.onesignal.com/ *.onesignal.com/ *.taboola.com/ *.hotjar.io *.clickcease.com s.yimg.com *.facebook.com *.google.com bat.bing.com https://idtg.account.mackeeper.com https://the.sciencebehindecommerce.com *.liadm.com *.liadm.com *.adcell.com *.clarity.ms *.lfeeder.com;
Set-Cookie: get_params_landings=%7B%22mkv%22%3A%221%22%7D; expires=Fri, 24-May-2024 16:40:44 GMT; Max-Age=86400; path=/; samesite=lax; secure
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=edqnpi9nlupcs48bhqqhpabeq6; path=/
Request-ID: 114ff7e3ab3e7e4f1cb44a4cbb040c83
Content-Encoding: gzip
-
Remote address:54.237.18.11:443RequestGET /landings/libs/alert/alerts.js?mkv=4 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Thu, 04 Oct 2018 13:30:26 GMT
Vary: Accept-Encoding
ETag: W/"5bb615f2-dbe8"
Expires: Sat, 22 Jun 2024 16:40:43 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Content-Encoding: gzip
-
Remote address:54.237.18.11:443RequestGET /landings/libs/discounts/css/styles.css?mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 24 May 2016 12:45:39 GMT
Vary: Accept-Encoding
ETag: W/"57444cf3-425"
Expires: Sat, 22 Jun 2024 16:40:43 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Content-Encoding: gzip
-
Remote address:54.237.18.11:443RequestGET /landings/libs/overlay/overlay.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
Vary: Accept-Encoding
ETag: W/"57164f85-569"
Expires: Sat, 22 Jun 2024 16:40:51 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Content-Encoding: gzip
-
Remote address:54.237.18.11:443RequestGET /landings/123.1/img/sprite-ready-icon.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
Cookie: get_params_landings=%7B%22mkv%22%3A%221%22%7D; PHPSESSID=edqnpi9nlupcs48bhqqhpabeq6
ResponseHTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 2412
Connection: keep-alive
Server: nginx
Last-Modified: Thu, 12 Sep 2019 08:55:00 GMT
ETag: "5d7a07e4-96c"
Expires: Sat, 22 Jun 2024 16:41:00 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes
-
Remote address:54.237.18.11:443RequestGET /landings/123.1/img/steps-arrow.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
Cookie: get_params_landings=%7B%22mkv%22%3A%221%22%7D; PHPSESSID=edqnpi9nlupcs48bhqqhpabeq6
ResponseHTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 434
Connection: keep-alive
Server: nginx
Last-Modified: Thu, 12 Sep 2019 08:55:00 GMT
ETag: "5d7a07e4-1b2"
Expires: Sat, 22 Jun 2024 16:41:00 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes
-
Remote address:54.237.18.11:443RequestGET /landings/libs/js/cookie.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 30 Apr 2018 11:38:58 GMT
Vary: Accept-Encoding
ETag: W/"5ae70052-270"
Expires: Sat, 22 Jun 2024 16:40:45 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Content-Encoding: gzip
-
Remote address:54.237.18.11:443RequestGET /landings/libs/Pixels/js/1604.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
Vary: Accept-Encoding
ETag: W/"57164f85-189"
Expires: Sat, 22 Jun 2024 16:40:43 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Content-Encoding: gzip
-
Remote address:54.237.18.11:443RequestGET /landings/123.1/css/style.min.css?mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 24 Nov 2020 10:39:52 GMT
Vary: Accept-Encoding
ETag: W/"5fbce2f8-4362"
Expires: Sat, 22 Jun 2024 16:40:43 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Content-Encoding: gzip
-
Remote address:54.237.18.11:443RequestGET /landings/libs/Pixels/js/1282.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Fri, 01 Jul 2016 11:50:23 GMT
Vary: Accept-Encoding
ETag: W/"577658ff-15c"
Expires: Sat, 22 Jun 2024 16:40:43 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Content-Encoding: gzip
-
Remote address:54.237.18.11:443RequestGET /landings/libs/Pixels/js/859.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 24 May 2016 10:01:52 GMT
Vary: Accept-Encoding
ETag: W/"57442690-1d2"
Expires: Sat, 22 Jun 2024 16:40:43 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Content-Encoding: gzip
-
Remote address:54.237.18.11:443RequestGET /landings/123.1/img/arrow_animation.gif?mkv=1 HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 7944
Connection: keep-alive
Server: nginx
Last-Modified: Thu, 12 Sep 2019 08:55:00 GMT
ETag: "5d7a07e4-1f08"
Expires: Sat, 22 Jun 2024 16:40:44 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes
-
Remote address:54.237.18.11:443RequestGET /landings/123.1/img/arrow_animation2.gif?mkv=1 HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 7948
Connection: keep-alive
Server: nginx
Last-Modified: Thu, 12 Sep 2019 08:55:00 GMT
ETag: "5d7a07e4-1f0c"
Expires: Sat, 22 Jun 2024 16:40:43 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes
-
Remote address:54.237.18.11:443RequestGET /landings/libs/jquery/jquery.min.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
Vary: Accept-Encoding
ETag: W/"57164f85-1762a"
Expires: Sat, 22 Jun 2024 16:40:43 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Content-Encoding: gzip
-
Remote address:54.237.18.11:443RequestGET /landings/123.1/img/pin.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
Cookie: get_params_landings=%7B%22mkv%22%3A%221%22%7D; PHPSESSID=edqnpi9nlupcs48bhqqhpabeq6
ResponseHTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 749
Connection: keep-alive
Server: nginx
Last-Modified: Thu, 12 Sep 2019 08:55:00 GMT
ETag: "5d7a07e4-2ed"
Expires: Sat, 22 Jun 2024 16:41:00 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes
-
Remote address:54.237.18.11:443RequestGET /landings/123.1/img/sprite-icons.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
Cookie: get_params_landings=%7B%22mkv%22%3A%221%22%7D; PHPSESSID=edqnpi9nlupcs48bhqqhpabeq6
ResponseHTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 6724
Connection: keep-alive
Server: nginx
Last-Modified: Thu, 12 Sep 2019 08:55:00 GMT
ETag: "5d7a07e4-1a44"
Expires: Sat, 22 Jun 2024 16:41:01 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes
-
Remote address:8.8.8.8:53Requestocsp.r2m03.amazontrust.comIN AResponseocsp.r2m03.amazontrust.comIN A13.225.9.161
-
Remote address:8.8.8.8:53Requestocsp.r2m03.amazontrust.comIN A
-
Remote address:34.254.143.3:443ResponseHTTP/1.1 400 Bad request
cache-control: no-cache
content-type: text/html
connection: close
-
Remote address:8.8.8.8:53Requestocsp.r2m03.amazontrust.comIN AResponseocsp.r2m03.amazontrust.comIN A13.225.9.161
-
Remote address:8.8.8.8:53Requestocsp.r2m03.amazontrust.comIN A
-
Remote address:8.8.8.8:53Requestocsp.r2m03.amazontrust.comIN AResponseocsp.r2m03.amazontrust.comIN A13.225.9.161
-
GEThttp://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3DIEXPLORE.EXERemote address:13.225.9.161:80RequestGET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com
ResponseHTTP/1.1 200 OK
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 23 May 2024 15:12:30 GMT
Last-Modified: Thu, 23 May 2024 15:12:30 GMT
Server: ECAcc (lhd/3585)
X-Cache: Hit from cloudfront
Via: 1.1 89695f3a4a3f2f2d6df76a407130856e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: SKhk0BHlJu13N9-Psnd56lqq87Rq50DprvLoz5fX4hhKeddkb0cBCQ==
Age: 5293
-
GEThttp://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3DIEXPLORE.EXERemote address:13.225.9.161:80RequestGET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com
ResponseHTTP/1.1 200 OK
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 23 May 2024 15:12:30 GMT
Last-Modified: Thu, 23 May 2024 15:12:30 GMT
Server: ECAcc (lhd/3585)
X-Cache: Hit from cloudfront
Via: 1.1 84e82c8a6f436c18da1182c07f463906.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: fFQjGJMLa8mQfjTPnw19upSSnf56xxVwbemXpoya6YJRep6RwSvl3g==
Age: 5293
-
GEThttp://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3DIEXPLORE.EXERemote address:13.225.9.161:80RequestGET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com
ResponseHTTP/1.1 200 OK
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 23 May 2024 15:12:30 GMT
Last-Modified: Thu, 23 May 2024 15:12:30 GMT
Server: ECAcc (lhd/3585)
X-Cache: Hit from cloudfront
Via: 1.1 da1f6d03da0e6ca0243f47b48ec7ed16.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: 752EAeRZdspgmfYO0ZgBdV_O5xB0s7a8JTs-74NmKbzcMyu1fJS2EA==
Age: 5293
-
GEThttp://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3DIEXPLORE.EXERemote address:13.225.9.161:80RequestGET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com
ResponseHTTP/1.1 200 OK
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 23 May 2024 15:12:30 GMT
Last-Modified: Thu, 23 May 2024 15:12:30 GMT
Server: ECAcc (lhd/3585)
X-Cache: Hit from cloudfront
Via: 1.1 7980824cba87aa390d64c8693d060524.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LIS50-C1
X-Amz-Cf-Id: nCuy1Onbp0SLBAnrg4OMzdS6Mptf5JU2vhMjECO1lY12TbDDveufUA==
Age: 5294
-
Remote address:8.8.8.8:53Requestassets.kromtech.netIN AResponse
-
Remote address:3.225.22.167:443RequestGET /landings/libs/reset.css?mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 30 Apr 2018 11:38:58 GMT
Vary: Accept-Encoding
ETag: W/"5ae70052-33d"
Expires: Sat, 22 Jun 2024 16:41:00 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Content-Encoding: gzip
-
Remote address:3.225.22.167:443RequestGET /landings/123.1/img/arrow.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive
Cookie: get_params_landings=%7B%22mkv%22%3A%221%22%7D; PHPSESSID=edqnpi9nlupcs48bhqqhpabeq6
ResponseHTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 926
Connection: keep-alive
Server: nginx
Last-Modified: Thu, 12 Sep 2019 08:55:00 GMT
ETag: "5d7a07e4-39e"
Expires: Sat, 22 Jun 2024 16:41:00 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes
-
Remote address:216.58.204.74:80RequestGET /css?family=Open+Sans:300,600&subset=latin,latin-ext HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Thu, 23 May 2024 16:41:00 GMT
Date: Thu, 23 May 2024 16:41:00 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
-
GEThttp://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600&subset=latin,latin-extIEXPLORE.EXERemote address:216.58.204.74:80RequestGET /css?family=Source+Sans+Pro:400,600&subset=latin,latin-ext HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Thu, 23 May 2024 16:41:00 GMT
Date: Thu, 23 May 2024 16:41:00 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
-
Remote address:216.58.204.74:80RequestGET /css?family=Roboto:400,600,700 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Thu, 23 May 2024 16:41:00 GMT
Date: Thu, 23 May 2024 16:41:00 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
-
Remote address:8.8.8.8:53Requestevent.mackeeper.comIN AResponseevent.mackeeper.comIN A18.172.89.116event.mackeeper.comIN A18.172.89.90event.mackeeper.comIN A18.172.89.107event.mackeeper.comIN A18.172.89.113
-
GEThttp://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVQ.woffIEXPLORE.EXERemote address:216.58.201.99:80RequestGET /s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVQ.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 31144
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 18 May 2024 12:01:15 GMT
Expires: Sun, 18 May 2025 12:01:15 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 14 Dec 2023 02:01:28 GMT
Content-Type: font/woff
Age: 448785
-
GEThttp://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4uaVQ.woffIEXPLORE.EXERemote address:216.58.201.99:80RequestGET /s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4uaVQ.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 31332
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 18 May 2024 12:31:12 GMT
Expires: Sun, 18 May 2025 12:31:12 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 14 Dec 2023 02:01:29 GMT
Content-Type: font/woff
Age: 446988
-
GEThttp://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRdo.woffIEXPLORE.EXERemote address:216.58.201.99:80RequestGET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRdo.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 36788
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 19 May 2024 00:40:25 GMT
Expires: Mon, 19 May 2025 00:40:25 GMT
Cache-Control: public, max-age=31536000
Age: 403235
Last-Modified: Thu, 01 Jun 2023 22:52:58 GMT
Content-Type: font/woff
-
Remote address:216.58.201.99:80RequestGET /s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7j.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 36956
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 18 May 2024 12:13:08 GMT
Expires: Sun, 18 May 2025 12:13:08 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 01 Jun 2023 22:52:59 GMT
Content-Type: font/woff
Age: 448072
-
GEThttps://event.mackeeper.com/event.php?step=Landing_Loaded&substep=Hit&affid=mzb_253.10083525.1516523142.28.mzb&bundleid=29_21724511&prodid=29&response=jsonIEXPLORE.EXERemote address:18.172.89.116:443RequestGET /event.php?step=Landing_Loaded&substep=Hit&affid=mzb_253.10083525.1516523142.28.mzb&bundleid=29_21724511&prodid=29&response=json HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: event.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Length: 62
Connection: keep-alive
Date: Thu, 23 May 2024 16:41:00 GMT
X-Cache: Miss from cloudfront
Via: 1.1 802b22fb82cbd19ab6347f222b45a3fc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MAN51-P1
X-Amz-Cf-Id: 3Lqs7sEsgtl_FKfuXy3pSNJmJ7IQzrlMUlTJYUfLNBmbiR5s_IqchQ==
-
GEThttps://event.mackeeper.com/event.php?step=Landing_Loaded&substep=View&affid=mzb_253.10083525.1516523142.28.mzb&bundleid=29_21724511&prodid=29&response=jsonIEXPLORE.EXERemote address:18.172.89.116:443RequestGET /event.php?step=Landing_Loaded&substep=View&affid=mzb_253.10083525.1516523142.28.mzb&bundleid=29_21724511&prodid=29&response=json HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: event.mackeeper.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Length: 62
Connection: keep-alive
Date: Thu, 23 May 2024 16:41:02 GMT
X-Cache: Miss from cloudfront
Via: 1.1 802b22fb82cbd19ab6347f222b45a3fc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MAN51-P1
X-Amz-Cf-Id: c7f8sQp7TY7Y4-gKuKi1EgNj9lR1r2S1Tv8-kKLWCb_Uj549W-ZWZg==
-
13.225.10.120:80http://static.mackeeper.com/landings/123.1/img/sprite-ready-icon.pnghttpIEXPLORE.EXE953 B 1.4kB 8 6
HTTP Request
GET http://static.mackeeper.com/landings/libs/js/cookie.js?mkv=1HTTP Response
301HTTP Request
GET http://static.mackeeper.com/landings/123.1/img/sprite-ready-icon.pngHTTP Response
301 -
1.7kB 3.3kB 12 10
HTTP Request
GET http://static.mackeeper.com/landings/123.1/css/style.min.css?mkv=1HTTP Response
301HTTP Request
GET http://static.mackeeper.com/landings/libs/Pixels/js/1604.js?mkv=1HTTP Response
301HTTP Request
GET http://static.mackeeper.com/landings/123.1/img/main-img.jpgHTTP Response
301 -
1.7kB 2.7kB 11 9
HTTP Request
GET http://static.mackeeper.com/landings/libs/jquery/jquery.min.js?mkv=1HTTP Response
301HTTP Request
GET http://static.mackeeper.com/landings/123.1/img/arrow_animation2.gif?mkv=1HTTP Response
301HTTP Request
GET http://static.mackeeper.com/landings/123.1/img/pin.pngHTTP Response
301 -
906 B 1.2kB 13 4
HTTP Request
GET http://loadus.exelator.com/load/?p=1050&g=2&cat=[popunder]&j=0HTTP Response
301 -
236 B 365 B 5 3
HTTP Response
408 -
1.7kB 2.7kB 11 9
HTTP Request
GET http://static.mackeeper.com/landings/libs/js/loclist.js?mkv=1HTTP Response
301HTTP Request
GET http://static.mackeeper.com/landings/123.1/?mkv=1HTTP Response
301HTTP Request
GET http://static.mackeeper.com/landings/libs/discounts/img/back.pngHTTP Response
301 -
614 B 1.4kB 7 5
HTTP Request
GET http://static.mackeeper.com/landings/libs/alert/alerts.js?mkv=4HTTP Response
301 -
582 B 836 B 7 6
HTTP Request
GET http://static.mackeeper.com/landings/libs/reset.css?mkv=1HTTP Response
301 -
1.3kB 2.1kB 9 8
HTTP Request
GET http://static.mackeeper.com/landings/libs/overlay/overlay.js?mkv=1HTTP Response
301HTTP Request
GET http://static.mackeeper.com/landings/123.1/img/stars.pngHTTP Response
301HTTP Request
GET http://static.mackeeper.com/landings/123.1/img/sprite-icons.pngHTTP Response
301 -
2.1kB 4.6kB 14 13
HTTP Request
GET http://static.mackeeper.com/landings/libs/discounts/css/styles.css?mkv=1HTTP Response
301HTTP Request
GET http://static.mackeeper.com/landings/123.1/img/arrow_animation.gif?mkv=1HTTP Response
301HTTP Request
GET http://static.mackeeper.com/landings/123.1/img/arrow.pngHTTP Response
301HTTP Request
GET http://static.mackeeper.com/landings/123.1/img/steps-arrow.pngHTTP Response
301 -
517 B 751 B 5 4
HTTP Request
GET http://static.mackeeper.com/landings/libs/Pixels/js/859.js?mkv=1HTTP Response
301 -
13.225.10.120:80http://static.mackeeper.com/landings/libs/Pixels/js/1282.js?mkv=1httpIEXPLORE.EXE518 B 752 B 5 4
HTTP Request
GET http://static.mackeeper.com/landings/libs/Pixels/js/1282.js?mkv=1HTTP Response
301 -
836 B 4.2kB 11 8
HTTP Response
400 -
2.2kB 4.2kB 14 11
-
849 B 6.0kB 11 10
-
797 B 5.9kB 10 9
-
54.237.18.11:443https://mackeeperapp.mackeeper.com/landings/libs/discounts/img/back.pngtls, httpIEXPLORE.EXE4.2kB 157.4kB 72 120
HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/libs/discounts/img/back.pngHTTP Response
200 -
54.237.18.11:443https://mackeeperapp.mackeeper.com/landings/123.1/img/main-img.jpgtls, httpIEXPLORE.EXE2.1kB 46.2kB 28 40
HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/123.1/img/main-img.jpgHTTP Response
200 -
1.6kB 29.6kB 20 29
HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/123.1/?mkv=1HTTP Response
200 -
152 B 3
-
54.237.18.11:443https://mackeeperapp.mackeeper.com/landings/libs/discounts/css/styles.css?mkv=1tls, httpIEXPLORE.EXE2.2kB 16.2kB 18 19
HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/libs/alert/alerts.js?mkv=4HTTP Response
200HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/libs/discounts/css/styles.css?mkv=1HTTP Response
200 -
54.237.18.11:443https://mackeeperapp.mackeeper.com/landings/123.1/img/steps-arrow.pngtls, httpIEXPLORE.EXE3.1kB 5.7kB 18 15
HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/libs/overlay/overlay.js?mkv=1HTTP Response
200HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/123.1/img/sprite-ready-icon.pngHTTP Response
200HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/123.1/img/steps-arrow.pngHTTP Response
200 -
54.237.18.11:443https://mackeeperapp.mackeeper.com/landings/libs/js/cookie.js?mkv=1tls, httpIEXPLORE.EXE2.4kB 1.7kB 14 10
HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/libs/js/cookie.js?mkv=1HTTP Response
200 -
54.237.18.11:443https://mackeeperapp.mackeeper.com/landings/123.1/img/arrow_animation.gif?mkv=1tls, httpIEXPLORE.EXE3.2kB 16.4kB 20 24
HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/libs/Pixels/js/1604.js?mkv=1HTTP Response
200HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/123.1/css/style.min.css?mkv=1HTTP Response
200HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/libs/Pixels/js/1282.js?mkv=1HTTP Response
200HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/libs/Pixels/js/859.js?mkv=1HTTP Response
200HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/123.1/img/arrow_animation.gif?mkv=1HTTP Response
200 -
54.237.18.11:443https://mackeeperapp.mackeeper.com/landings/123.1/img/sprite-icons.pngtls, httpIEXPLORE.EXE3.9kB 53.1kB 37 47
HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/123.1/img/arrow_animation2.gif?mkv=1HTTP Response
200HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/libs/jquery/jquery.min.js?mkv=1HTTP Response
200HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/123.1/img/pin.pngHTTP Response
200HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/123.1/img/sprite-icons.pngHTTP Response
200 -
897 B 751 B 9 6
HTTP Response
400 -
13.225.9.161:80http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3DhttpIEXPLORE.EXE476 B 1.1kB 5 4
HTTP Request
GET http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3DHTTP Response
200 -
13.225.9.161:80http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3DhttpIEXPLORE.EXE476 B 1.1kB 5 4
HTTP Request
GET http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3DHTTP Response
200 -
13.225.9.161:80http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3DhttpIEXPLORE.EXE476 B 1.1kB 5 4
HTTP Request
GET http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3DHTTP Response
200 -
13.225.9.161:80http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3DhttpIEXPLORE.EXE476 B 1.1kB 5 4
HTTP Request
GET http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3DHTTP Response
200 -
3.225.22.167:443https://mackeeperapp.mackeeper.com/landings/123.1/img/arrow.pngtls, httpIEXPLORE.EXE1.7kB 9.7kB 13 13
HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/libs/reset.css?mkv=1HTTP Response
200HTTP Request
GET https://mackeeperapp.mackeeper.com/landings/123.1/img/arrow.pngHTTP Response
200 -
216.58.204.74:80http://fonts.googleapis.com/css?family=Open+Sans:300,600&subset=latin,latin-exthttpIEXPLORE.EXE558 B 938 B 6 5
HTTP Request
GET http://fonts.googleapis.com/css?family=Open+Sans:300,600&subset=latin,latin-extHTTP Response
200 -
216.58.204.74:80http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600&subset=latin,latin-exthttpIEXPLORE.EXE564 B 916 B 6 5
HTTP Request
GET http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600&subset=latin,latin-extHTTP Response
200 -
536 B 897 B 6 5
HTTP Request
GET http://fonts.googleapis.com/css?family=Roboto:400,600,700HTTP Response
200 -
216.58.201.99:80http://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVQ.woffhttpIEXPLORE.EXE1.1kB 33.0kB 18 27
HTTP Request
GET http://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVQ.woffHTTP Response
200 -
216.58.201.99:80http://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4uaVQ.woffhttpIEXPLORE.EXE1.1kB 33.2kB 18 27
HTTP Request
GET http://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4uaVQ.woffHTTP Response
200 -
216.58.201.99:80http://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRdo.woffhttpIEXPLORE.EXE1.2kB 38.8kB 20 31
HTTP Request
GET http://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRdo.woffHTTP Response
200 -
216.58.201.99:80http://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7j.woffhttpIEXPLORE.EXE1.7kB 39.0kB 28 31
HTTP Request
GET http://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7j.woffHTTP Response
200 -
18.172.89.116:443https://event.mackeeper.com/event.php?step=Landing_Loaded&substep=View&affid=mzb_253.10083525.1516523142.28.mzb&bundleid=29_21724511&prodid=29&response=jsontls, httpIEXPLORE.EXE1.7kB 8.0kB 11 14
HTTP Request
GET https://event.mackeeper.com/event.php?step=Landing_Loaded&substep=Hit&affid=mzb_253.10083525.1516523142.28.mzb&bundleid=29_21724511&prodid=29&response=jsonHTTP Response
200HTTP Request
GET https://event.mackeeper.com/event.php?step=Landing_Loaded&substep=View&affid=mzb_253.10083525.1516523142.28.mzb&bundleid=29_21724511&prodid=29&response=jsonHTTP Response
200 -
750 B 6.6kB 9 12
-
799 B 7.7kB 10 13
-
799 B 7.7kB 10 13
-
779 B 7.6kB 9 12
-
132 B 173 B 2 1
DNS Request
static.mackeeper.com
DNS Request
static.mackeeper.com
DNS Response
13.225.10.12013.225.10.313.225.10.8013.225.10.38
-
130 B 160 B 2 1
DNS Request
loadus.exelator.com
DNS Request
loadus.exelator.com
DNS Response
34.254.143.3
-
72 B 104 B 1 1
DNS Request
mackeeperapp.mackeeper.com
DNS Response
54.237.18.113.225.22.167
-
144 B 88 B 2 1
DNS Request
ocsp.r2m03.amazontrust.com
DNS Request
ocsp.r2m03.amazontrust.com
DNS Response
13.225.9.161
-
144 B 88 B 2 1
DNS Request
ocsp.r2m03.amazontrust.com
DNS Request
ocsp.r2m03.amazontrust.com
DNS Response
13.225.9.161
-
72 B 88 B 1 1
DNS Request
ocsp.r2m03.amazontrust.com
DNS Response
13.225.9.161
-
65 B 146 B 1 1
DNS Request
assets.kromtech.net
-
65 B 129 B 1 1
DNS Request
event.mackeeper.com
DNS Response
18.172.89.11618.172.89.9018.172.89.10718.172.89.113
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1KB
MD555540a230bdab55187a841cfe1aa1545
SHA1363e4734f757bdeb89868efe94907774a327695e
SHA256d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
SHA512c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BAD725C80F9E10846F35D039A996E4A8_88B6AE015495C1ECC395D19C1DD02894
Filesize1KB
MD51142a4a2b96b712b2fccb3802b50d01b
SHA12283883c128ff11adec068619dae1345bf5fdd50
SHA25693e98c83f8ac00dd60d71be7278005a4841c7992ce95503f1b56aec89df807f6
SHA51263d1756c7fdc3e1883e9b0f0d8ca9ca2489d6ad866c0577fcda9fd9b50ab24a3993acd836de524203fbcdb2d09e910e902f6d8b040b7d2951f11d3930451f50b
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
Filesize230B
MD5b008694037d69cf6085849531add5dbf
SHA16e66b82dcd93596e3ba1250d72f08e6853db86ae
SHA2569150c5665787e0a631753e769c5c57c54b48ba10a9d14441e94fc11ddcb20d78
SHA512364d235568a0578a9ced7c34f04ff4c1951de123a35d51012384b4341de783e305c86fc8c9e75ebd9fabdcbbe2023d38d7ec9c9a80febc16fd2604acc7cda84e
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD50b27ad62a8d9b9da4f2342b6c152110f
SHA1f95d009cdea828097fd8d71b04a0c060ab08e7c6
SHA2569d2b32e571f6c8aa969fbc8037660ad621253ae12c7b4bdfe3ea0151e6853004
SHA512a082bf3fe526affa324439c59ded5283f783de05cd35735887da65e6389f985ba432a6fbaef1651cb7c3a14077b85243ee4353ceef29bf1d48119fae6cdfaed2
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD50e9a9d2fa9f32a3772f73ea8811d637f
SHA10da8f66cc54a97cafe930604714939317b863f84
SHA256e9944facb0c33f26bb78865927d7efcd8f395a9a4b78798337c7518dd9c13f18
SHA512d98d807f486937e7d807101725d1020462db33c8c79a6ac49bb9d76902dbea56436f67c7308237f7c322137e6758f34ca2863d414b125991845b6412064da9cf
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD5ab7f8b14b6e37b693f1dd6559465a40c
SHA13e8252135d1f4a30681900d0191a212e6828b8f4
SHA256363ff9945896d613c741ad3fc06c33f27a2f4ca8a85356567e374625aa2cbac7
SHA51299b09539e7ff4d606e2e23902da779c080fbc1f8bed6531967aebc9cecebb564c6d2dec98d7afa84e4fabfdad88a96130a99ac017588c35a314a39a69962fc5d
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD5648867fa4cb50d6dce6f139d2783311c
SHA121b5f37946ff85d91cc87facbd7d87d106ac96ef
SHA256a69b7612d6f4a616c80b341a36da4dbc7100e42edcf3d5bb9caa50168a9706a0
SHA5126946d1d92e69305d5355197c5906b6712e113d59c487f56ea210d337983b3b5aa0e68f3a635a00ca91493cae355678cd963a9c33b9b7267acbb57270cbab0f13
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD55b75d5b429327f6bab34eb1be36d5937
SHA198f1c0b9dee26fa93b362dd59878c36e56730378
SHA2564fbbada3c5d8b846b973368d1d988da09aef4333f889e1e81e46cfdf0355ce9c
SHA512c724b0f628347a830ec437fda0d3e64f87bf969db2ed3d7a40c33f6addfb1314f17d62b2b0c8e4c5c0fc7b70cda4ed02b866c3c8f25077554ce808f2369378a1
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD58fcde73ff8b84791d5e6fba4d861f448
SHA1a3dd28d9897d69b05928eeffaf8a9613724b5a87
SHA2560493b18fe09c0a774ea7e23cdfdd0b69b8ec792e82ad348041b1c34286bc1942
SHA512cf6730060b8c4548dfd18d291cdbfea87ced9c0e22db744d6d857f8b7bcc56de8c767b9231fd5e3e32c6b9c21452ae9649f9d43853428527fb9685bb8d61a881
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD5e9cf29fb533eb8abffa2efbdd1713ed4
SHA163c191e0b6fa08c9458aae19935c75f0d41c9640
SHA256856c3b3ba5ae0de303665f4751e95ecdf2eb6a71c2a431dbce3c79e0c470550d
SHA51241d815d7815c656389048508d569b88b74b3b045f3dc79d7f4aabaf03884abbfa59b7c843347480e207bf4a4594c08698e7a890881e787ebaa604b5cacb3bf4b
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD53e12b387c55aa00071604333e05e2257
SHA1214be66db6f3d100439e902305b6c6345b6fb278
SHA2568a5ee9503b185f4a820dc961e5889ddf35bc53230b27ea9c6449c195115ddead
SHA512d34a9e4cf8297d0feec79dacace745f4500430aa98c37fbb9a56af146602172ecbf9734bc869bf09020a428a3626aee7d67c0075cf7ff707e071c93d010acb56
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD5e2085499067d403906267334225f1720
SHA1597884af5f1f80d907f006cee9a5944a09997039
SHA2564d08f877f60c5d7ec5d8350f8db65f355ad6aa7dd43bbbb5388b05644a6af3af
SHA51284084b4c8de345a7dc19d27773daf3000261c5252fe2d99c4259f55d45a04f9d61d6c33be6240645dc7ffc9cd4fd087dac316cb217cb60932b02b3805b67d24b
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD5e5e14661dca808757170880acdb01c7a
SHA1b43e1343d6c9d1516074849bbaa39ec5e7d593c7
SHA256f601681491d1ef4c84ba23316f75d8aea5597bc4bae898916366bcc0b3e53037
SHA512d5a16d193fb91d050a3ee34456d71581d4f467bcaee2ab16239fc1c6a8faf0f7a6832b6ad98fa76827c6d8cf46952a834f5db308553bc12b384711e2c2efb13f
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD5a5b86254927e9ce139ba8843f9299bbb
SHA136afa3e161f4ed797aaac046eb8a96073e94e169
SHA2564c47845bb0a5b46275c69c2e7ad0dcadb68de0100d8199858426a17d8b317998
SHA512f92989b66faaa1db68c3eae0d4023047756c017a047793d8ab965f7c05dee8120b7b186e5f96b0ca179184c437b4e3cc187a0b92b1adf343a9cd57c8821a9bfd
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD5cb3e22e127d19d55d5990fcbb3704467
SHA172ef47d1f78d5eb7adcdfd522c199f9223cd6114
SHA256ca04f93e8dc837f42ef38849480377559fcb606e37b7467d246ac7709ba65dea
SHA512f5f4863a67703fc0f1e42047ef28597d415ade63226793860ac6eb5496ba4bfadd1be29ff6cf7f13d8e289e46c6f5cdbcd38f6ac644e586647d772531932b997
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD5b8b00df1777ad8a8d7fd307bd05bb79b
SHA14f7ff8b0bc7900cc0908b567d5bea4d2241827d1
SHA256b456abb2bcee008cc9361adb9eaa548d60bfd2a1992f2e65ea5d40e277b7f050
SHA5128634a79c9262beb1a94dbac298ce7510dd98caef8db33b5db52ac36aaba8980937a184c62cf44ce5e4dce1b716f3f64f2723a71feaf3b48871c32a5472360e2b
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD59c8faa2cf3370a3c70b5afe150c03834
SHA165817a1ae8fa166a12ea6e9c2796b51cef416894
SHA256bb29a65b096355ceca7d04139e7f72f05e0b9a3b45e293ee61c13661b48fff16
SHA512b4531bec0588086bac532ef191d202ede75ff90a639d363a812d289aa411d44bbe6a6e5ff88b04d83a37538d84397b7714d0292afed8a79c20edee475c93f8a9
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD5aec30ffec64adcfc79dd11e36e91a512
SHA19dec6d26c7abbfc30400a78951e0e57ae453cea3
SHA2566a1da9b088e644721a4801ab2c72e322ff4c4063cdcdce0fa05a4ed9d4bf96b3
SHA512883b463075ec5eb0553fa8fa6544cbcf10042273feeed77739e654c71b5fa1d5bbb6abf803aa18f9b61c115b8038c55f15cea69712038f5ba446a92713037392
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD5d697d77e56ed2693b2de137f087bb969
SHA1a762942501b573728df328bf61bb64a3c46ac10b
SHA2564edf96a92495e2960d9301c59f09c282a17693dd9d1bcbf3ce3c7f7e23007cd3
SHA51246543e71d57de88b4c98d2bf713d0451862560b31e0967675882086949b9485087974f3f9af7481e12b22b06d7dad0dff970cf7c5f6167b8271c4ced56bf355c
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD5b6efdc65aa5246f512e16dc3c98bebdd
SHA1398e45ac1b6b9b0883e68f8968b08037a78fedfc
SHA256b678f0868044821f0ca5fd2c31c41cb21bb08f6970f960d4e468aef44f50d830
SHA512dfbcfd467205054925cae5333954ba888783bd3ede3d3bdaa4cd713114d31dbde30837523e52df23ef129233aa65862da4b95889f3d5755a2b290eee32f0e82c
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD5aa0cb37aef7e803b6735d795b3b3a043
SHA1e541c650a86d79993d00dd03a37881c5eee462a0
SHA25666bb52b28649886488dfea98fb0e210708ba6f8bd072e31240cd61d7c6817a24
SHA5124faa16803aa9b868b0a33c1ec3bf6996f47bdf1b8c45e188c257fd1109f05d152dddebdd4ea80ba341268d701f7dd8a9db0f95cef32b583404b8e8f1f2ff0c83
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD542c467f44ddc7171a309ede89d6274c5
SHA1221326d1e2841e48fbc9b7a68c2542a725ca6e7d
SHA25662634a48c8916506d3248f1f73645bd0f2aae17f9dfc8b540e8b34071076a612
SHA512e4fa63c56ad8a945181c204277d44bf016dd5df1f4c044fa4f8199767fd7f922d78163392ae40894fd4715068b9183ca68295dc8cc277b97c9ac3a3030fd9daa
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD55d52ae52f5883435830aa66329fb1e6b
SHA162388c51455ba6bbb23615dc4c97271e4abfa14e
SHA2560b9ba1ebf22aa925f376a0cc72f27a8f019e03952b3bf612828111ec4da25425
SHA51281e0d10499a2712ca6db658c6609fabe9d8e20088175e6f3a4dd1302a4b5a88b486fdc9f2199f4751552ace02bbccfd0fc1ef5a0322d313dd586209952e04f82
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD548168c51b0f058a8d3fdb2a0271f3f7c
SHA1e141357260d048d29c59c68ca7472d597da7b33d
SHA2565780768a989ea254007a20d30317dd47aa722cd8061e56f54a9b2a7e89ca426e
SHA51202b7cdb8f90aa51a77641b0d2f1c3ee21bd307aa2934c575148fc61ebed01e688de6b894cf723d67807809dc13cf72d597b12ca5b9337f5a6a9862e96d11aef7
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD5589650c2e0db013b840ae9401c891d8c
SHA148126c8bb6df6dcbe61b1f881aea22485ef6267e
SHA256fd81ae3d36a06fd0825513a549a9613918d71290ffc339ae5cb1b89786a6fbf1
SHA512f04714ab69e2b02fdd97415881d7c003b66fd93b9f52c76f982d3d73214e5cee15cecb0e668e62cbdfa5855d57e87546fbd81fb4fc6eebcebd3960d25c967cfa
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD51ce93bfd6e28b831246d3b20cd82cf98
SHA138cb441af63f4d0caeda6d8b639c7074182945f1
SHA2564e0835b5bbfeb8f96e9368a4d20bc7ed058da7e20764749bad7d0c5e83ed25ee
SHA51262f1fca580e4c6e9944cdb742d723332939be111fe3a4078f04a271a8a6bfd293de7d7cfe0da1197626870abfcf0b4835708b6a6d660983e89d03384d51bbe26
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD5815bdfa692ef7012c27c6ea23b61de85
SHA15855065c74e5ec239f97de0f3c315df9145a3750
SHA256fab3d27f7da07e4f4b9f1156cb5e5232d9c2b691e74ada7149c15b44838eb6d9
SHA512a207f05f727e2e22bf495c00237dc8349f33f2280386aa92786585b76a46560f529fe8e9c5c0c9bf6c9a900217161e211c314cc8f4b847c16b31101cdca4c5d1
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD53b9b3cf0431f7962ab8fca9825307a8c
SHA1af542c9885e93c7faddac9934690d92bb960d929
SHA2562841349090d4f0aeaf695b5b2b2cfec1d3ff52af00d2e2cb1974b642ccbe5c74
SHA5129126a618fa47393b2ee9e162a354df33ddf81f9ef4722e616201c8edc2282bee9f2f546794b14e94fb9719b9b48aa181d3ea707789fe712de14957e2dfd8efe6
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize344B
MD50a6c11cc52b4a870b094788e86847959
SHA1519b879adfd721e5ea64933652d8a8a15784d4c0
SHA25603d05b3245ed0bcc7ec02dbe11f869854162a9834da72da5faff42b46937487f
SHA51205144c139ab74f9a2ac50226b5c2432844a3bb25cd3851447e17f3aceab90ba71dc86af1a8940d80a684c0b0badfb2d966b4339c8a0cd957ba4fb526a5d740c9
-
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NVDR4C1U\1282[1].htm
Filesize134B
MD54aa7a432bb447f094408f1bd6229c605
SHA11965c4952cc8c082a6307ed67061a57aab6632fa
SHA25634ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
SHA512497ba6d8ec6bf2267fe6133a432f0e9ab12b982c06bb23e3de6e5a94d036509d2556ba822e3989d8cd7e240d9bae8096fc5be8a948e3e29fe29cab1fea1fe31c
-
Filesize
68KB
MD529f65ba8e88c063813cc50a4ea544e93
SHA105a7040d5c127e68c25d81cc51271ffb8bef3568
SHA2561ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
SHA512e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa
-
Filesize
177KB
MD5435a9ac180383f9fa094131b173a2f7b
SHA176944ea657a9db94f9a4bef38f88c46ed4166983
SHA25667dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34
SHA5121a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a