8.8.8.8:53

18.164.52.126:443

GET /landings/libs/reset.css?mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:47 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/reset.css?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 009b28dd2e1a33c65de17468676b9c46.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: Ts0zGqmMflxvuo4AKIfFvrpMLy4rDYRwBW6pvPALfRtkTL-c_4qmKA==

18.164.52.126:443

GET /landings/220.1/img/main_bg.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:49 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/220.1/img/main_bg.png
X-Cache: Miss from cloudfront
Via: 1.1 009b28dd2e1a33c65de17468676b9c46.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: GF5AFhoYNyMIl9uFt_l7fYTdFb47UUVqq0D1JAXTEplqJmr7QQKPsA==

18.164.52.126:443

GET /landings/220.1/img/tools__sprite.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:49 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/220.1/img/tools__sprite.png
X-Cache: Miss from cloudfront
Via: 1.1 009b28dd2e1a33c65de17468676b9c46.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: uv7GhvzVogz3gZO9guCyQSZAdtxSov_T9HMeHQIXsRvoE08JWxF_rA==

18.164.52.126:443

GET /landings/libs/js/cookie.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:47 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/js/cookie.js?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 36376b65972305e899227563992d580e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: Q-p6Cpe9dY4dJFrmNf5l7_RBoclUk-F8_ATA3IqiNkDZVN3SHmSmCA==

18.164.52.126:443

GET /landings/libs/jquery/jquery.min.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:47 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/jquery/jquery.min.js?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 72e5a7355609b0e041937da9d28c28c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: INFddFw5KKsuWP6roKZOcM-CzfZNnOgynWBZ2D_ifM80S-4Bo1jiSg==

18.164.52.126:443

GET /landings/libs/js/loclist.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:47 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/js/loclist.js?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 eba0baba7ee3cc49ae1ec4ad205f2ccc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: oVCjnAF6a-nOGqkXQ1XmsEuSTJRCNNGc5JOj65Fr1YMDo5ErBL1EmQ==

18.164.52.126:443

GET /landings/220.1/css/style.min.css?mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:47 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/220.1/css/style.min.css?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 72e5a7355609b0e041937da9d28c28c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: G3MICrtjoeJqQx1fDt9wEgscc57nHAV5O7eibM_0C3dFYchOrVdnDw==

18.164.52.126:443

GET /landings/libs/fonts/proximanova-light.otf HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:49 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/fonts/proximanova-light.otf
X-Cache: Miss from cloudfront
Via: 1.1 72e5a7355609b0e041937da9d28c28c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: Qz7qdoNWsGraINrp0wzR-OkOvlehXjCFq7mYASWj-Ya6phmQv4W9AA==

18.164.52.126:443

GET /landings/220.1/img/benefits__sprite.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:49 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/220.1/img/benefits__sprite.png
X-Cache: Miss from cloudfront
Via: 1.1 72e5a7355609b0e041937da9d28c28c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: l43Qt63nTDfwo1yF1vZv5v3PHdjf16LKbwrjMrNbITM4QZQw9RlrEg==

18.164.52.126:443

GET /landings/libs/alert/alerts.js?mkv=4 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:47 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/alert/alerts.js?mkv=4
X-Cache: Miss from cloudfront
Via: 1.1 f71cd359ec11d5faeff796184794c946.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: Df2DwImUkvFoF2HD4qmKkHdaeT48wv31PBo6eQo-9ddn--f08p8EAw==

18.164.52.126:443

GET /landings/220.1/img/mac-bg@2x.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:49 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/220.1/img/mac-bg@2x.png
X-Cache: Miss from cloudfront
Via: 1.1 f71cd359ec11d5faeff796184794c946.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: uNzglG64fy8OemeGWFhy8tOOTmx4LMBwgTvOEFEfHecaE4Byl0WxgQ==

18.164.52.126:443

GET /landings/220.1/img/arrow_white.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:49 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/220.1/img/arrow_white.png
X-Cache: Miss from cloudfront
Via: 1.1 f71cd359ec11d5faeff796184794c946.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: HIgtW7MnqZQWFZxjAG9dG-o87TopYSzzFWpi2COkDO3hML7fWiS7Zw==

18.164.52.126:443

GET /landings/libs/fonts/proximanova-semibold.otf?q=2&mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:47 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/fonts/proximanova-semibold.otf?q=2&mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 abdcba0f82eaef3d3aa080fb12ca873c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: -dGsMQ2rlMRCn2bKEtCJCSdojn-hXvS4RxWQ-i3atkaxdEK-WxlA_w==

18.164.52.126:443

GET /landings/libs/fonts/proximanova-bold.otf?q=2&mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:47 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/fonts/proximanova-bold.otf?q=2&mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 8064e48208c1dcd93ca1f9cc15dd104e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: VxYuedDy8gx4uljTPCKLUglsOy74BSJbuLNEU_q_AANrH_wUOTvdgg==

18.164.52.126:443

GET /landings/libs/fonts/proximanova-light.otf?q=2&mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:47 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/fonts/proximanova-light.otf?q=2&mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 e62fdd28aecc715b248568cb8338e8a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: mdgNGWoNEAUwXBO-zz2inGa7_ayNGKE5zJRhhy2dWO_hn0BN8zPpUQ==

18.164.52.126:443

GET /landings/libs/fonts/proximanova-semibold.otf HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:49 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/fonts/proximanova-semibold.otf
X-Cache: Miss from cloudfront
Via: 1.1 e62fdd28aecc715b248568cb8338e8a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: AScyCe-tejfASGzvL3F0x7JBvDMMQkmjn8aCO9aQpzJZYMmYYnmsuw==

18.164.52.126:443

GET /landings/220.1/img/downloads.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:49 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/220.1/img/downloads.png
X-Cache: Miss from cloudfront
Via: 1.1 e62fdd28aecc715b248568cb8338e8a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: 0sjybSEg3RPrndzmBQY8WC7BV6b5lSZIgo-QE2rJ7PK0hcJ22YlyDg==

18.164.52.126:443

GET /landings/libs/fonts/proximanova-regular.otf?q=2&mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:47 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/fonts/proximanova-regular.otf?q=2&mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 052bddbe6dac84a0b9a4036f72bff9d8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: ZGU1J_EsgIULLeerisrY8dH1SKs7o4v87lGQ8DTvC50OJ09R0zYOAQ==

18.164.52.126:443

GET /landings/libs/ch-overlay/css/style.min.css?mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:48 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/ch-overlay/css/style.min.css?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 8064e48208c1dcd93ca1f9cc15dd104e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: LIMjeuJC_sVtyWbAdgkHoaF2-BcqJcKpUqTlT50I7fQd7O1zjFEQYw==

18.164.52.126:443

GET /landings/libs/fonts/proximanova-regular.otf HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:49 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/libs/fonts/proximanova-regular.otf
X-Cache: Miss from cloudfront
Via: 1.1 8064e48208c1dcd93ca1f9cc15dd104e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: nj_j-vBQYloy2LePlDC9u4Zrz1papO-oD2qmT2QOzhjguqrbjes44w==

18.164.52.126:443

GET /landings/220.1/img/arrow_down.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:49 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/220.1/img/arrow_down.png
X-Cache: Miss from cloudfront
Via: 1.1 8064e48208c1dcd93ca1f9cc15dd104e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: xdtwnRby2fgYy9IzER4i3x2wt_JKwVz-61WAM09_0_jtwQbqYfJ_tA==

18.164.52.126:443

GET /landings/220.1/js/features.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:47 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/220.1/js/features.js?mkv=1
X-Cache: Miss from cloudfront
Via: 1.1 a13e42093f0d6dc965236581ea51a662.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: Ktr8XpLTwBzGvm8c-XjTBS0zJVNWELuXKnAL-90h37Ocav0AyAeK4g==

18.164.52.126:443

GET /landings/220.1/img/arrow_blue.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Server: awselb/2.0
Date: Tue, 28 May 2024 05:32:49 GMT
Location: https://mackeeperapp.mackeeper.com:443/landings/220.1/img/arrow_blue.png
X-Cache: Miss from cloudfront
Via: 1.1 a13e42093f0d6dc965236581ea51a662.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P4
X-Amz-Cf-Id: _zNZcdd6dPVHAMBAQPuwVV1JcaXRecQs9qid-k4cxyKSaql9Y4fgzw==

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

3.162.33.170:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEA1xYWA9lG5HL4t%2FML%2B2wx4%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 May 2024 03:45:19 GMT
Last-Modified: Tue, 28 May 2024 03:45:19 GMT
Server: ECAcc (frc/4CAB)
X-Cache: Hit from cloudfront
Via: 1.1 3ebbe9acf1a1455083ed9b89077979dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG52-P6
X-Amz-Cf-Id: clYhDbZEeXarikeUUCTULuYukLC7T1HPs1ShRrNFiz8kAbMFPDh6KQ==
Age: 6449

3.162.33.170:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 May 2024 04:56:54 GMT
Last-Modified: Tue, 28 May 2024 04:56:54 GMT
Server: ECAcc (frc/4C8D)
X-Cache: Hit from cloudfront
Via: 1.1 3ebbe9acf1a1455083ed9b89077979dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG52-P6
X-Amz-Cf-Id: z8wqQjwFcvMYOxibtZhclICK3DCr7xD6MUeJC6h1HF7j05jIefAW-g==
Age: 2154

3.162.33.170:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEA1xYWA9lG5HL4t%2FML%2B2wx4%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 May 2024 03:45:19 GMT
Last-Modified: Tue, 28 May 2024 03:45:19 GMT
Server: ECAcc (frc/4CAB)
X-Cache: Hit from cloudfront
Via: 1.1 549d5003213e897b51ff26b051fb8c78.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG52-P6
X-Amz-Cf-Id: TWLBoJkV2LwVLWO9-oKxB8xC921RtdBzCmfnfah4VDETyhsRh8SUpQ==
Age: 6449

3.162.33.170:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 May 2024 04:56:54 GMT
Last-Modified: Tue, 28 May 2024 04:56:54 GMT
Server: ECAcc (frc/4C8D)
X-Cache: Hit from cloudfront
Via: 1.1 549d5003213e897b51ff26b051fb8c78.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG52-P6
X-Amz-Cf-Id: CwJJ3PT23AOc2IcWDOQha0wf1A8CN1HDmgn8Wta8NZykbrNg63_25w==
Age: 2154

3.162.33.170:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEA1xYWA9lG5HL4t%2FML%2B2wx4%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 May 2024 03:45:19 GMT
Last-Modified: Tue, 28 May 2024 03:45:19 GMT
Server: ECAcc (frc/4CAB)
X-Cache: Hit from cloudfront
Via: 1.1 0f03de5c911def3510d9e3ffa72c0a70.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG52-P6
X-Amz-Cf-Id: KCIPApTCZLlkZZpoWkGQqAn9kElNwL6HfcE-WLP25BsE6i9tDU35Cw==
Age: 6449

3.162.33.170:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 May 2024 04:56:54 GMT
Last-Modified: Tue, 28 May 2024 04:56:54 GMT
Server: ECAcc (frc/4C8D)
X-Cache: Hit from cloudfront
Via: 1.1 0f03de5c911def3510d9e3ffa72c0a70.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG52-P6
X-Amz-Cf-Id: jaT9p6Q3Q_6-UlzEVjKaidIv89hKm4qVw4VlXt_pekQk3VBXaVBZiA==
Age: 2154

3.162.33.170:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEA1xYWA9lG5HL4t%2FML%2B2wx4%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 May 2024 03:45:19 GMT
Last-Modified: Tue, 28 May 2024 03:45:19 GMT
Server: ECAcc (frc/4CAB)
X-Cache: Hit from cloudfront
Via: 1.1 6ba053394697fd4bb07f440f20c7fb02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG52-P6
X-Amz-Cf-Id: qfyENQXVeulDe9Ha4GzPCFQ2qBx06CRQusC24t06k554xFQ-66Vzrw==
Age: 6449

3.162.33.170:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D HTTP/1.1
Cache-Control: max-age = 7200
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Tue, 28 May 2024 04:56:54 GMT
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com

HTTP/1.1 304 Not Modified
Connection: keep-alive
Cache-Control: max-age=7200
Date: Tue, 28 May 2024 04:56:54 GMT
Last-Modified: Tue, 28 May 2024 04:56:54 GMT
Server: ECAcc (frc/4C8D)
X-Cache: Hit from cloudfront
Via: 1.1 6ba053394697fd4bb07f440f20c7fb02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG52-P6
X-Amz-Cf-Id: 9_vfvNtWMEDOm5N_5Q09afrV62Y5OZoPi8ntMP5Wvo0WIIMxRMMEgQ==
Age: 2154

3.162.33.170:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEA1xYWA9lG5HL4t%2FML%2B2wx4%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 May 2024 03:45:19 GMT
Last-Modified: Tue, 28 May 2024 03:45:19 GMT
Server: ECAcc (frc/4CAB)
X-Cache: Hit from cloudfront
Via: 1.1 b3237e588b65b7f4c33165c859977c8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG52-P6
X-Amz-Cf-Id: uPShOe9DnxtcJTqD59rofemXCcysLqM2WpYN5ky37PGLFPZ6-uTtfw==
Age: 6449

3.162.33.170:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 May 2024 04:56:54 GMT
Last-Modified: Tue, 28 May 2024 04:56:54 GMT
Server: ECAcc (frc/4C8D)
X-Cache: Hit from cloudfront
Via: 1.1 b3237e588b65b7f4c33165c859977c8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG52-P6
X-Amz-Cf-Id: WCxz6hMV9DelP3goD91CK39YPfIPfDTFuQjtYOcVq8W2TdktUdsbig==
Age: 2154

3.162.33.170:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEA1xYWA9lG5HL4t%2FML%2B2wx4%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 May 2024 03:45:19 GMT
Last-Modified: Tue, 28 May 2024 03:45:19 GMT
Server: ECAcc (frc/4CAB)
X-Cache: Hit from cloudfront
Via: 1.1 160ce2ce8507efffaa52f52bc83dba58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG52-P6
X-Amz-Cf-Id: k3y-ain9TU-xPb1uBgMIDd8xFXak7ETterD2LCmD-pEThaSFXjHh1Q==
Age: 6449

3.162.33.170:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEAz6hC7AMlmqFEXsYDF%2BXWQ%3D HTTP/1.1
Cache-Control: max-age = 7200
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Tue, 28 May 2024 04:56:54 GMT
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com

HTTP/1.1 304 Not Modified
Connection: keep-alive
Cache-Control: max-age=7200
Date: Tue, 28 May 2024 04:56:54 GMT
Last-Modified: Tue, 28 May 2024 04:56:54 GMT
Server: ECAcc (frc/4C8D)
X-Cache: Hit from cloudfront
Via: 1.1 160ce2ce8507efffaa52f52bc83dba58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG52-P6
X-Amz-Cf-Id: YXwJWoSjgqN4-xiupbFMmGDhfjcDt8IEJKzOfHiRUbqHqFNL1G-e9A==
Age: 2154

3.162.33.170:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEA1xYWA9lG5HL4t%2FML%2B2wx4%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 May 2024 03:45:19 GMT
Last-Modified: Tue, 28 May 2024 03:45:19 GMT
Server: ECAcc (frc/4CAB)
X-Cache: Hit from cloudfront
Via: 1.1 44849808df37ecbde0b3891640783c20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG52-P6
X-Amz-Cf-Id: w0kEXthLM6ZiZBpA-e3oQP3iocRYE39rV6YJdfwAR1sS3ijfNnYYhg==
Age: 6449

3.162.33.170:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEA1xYWA9lG5HL4t%2FML%2B2wx4%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 May 2024 03:45:19 GMT
Last-Modified: Tue, 28 May 2024 03:45:19 GMT
Server: ECAcc (frc/4CAB)
X-Cache: Hit from cloudfront
Via: 1.1 5a012a43a727d36b7bf1976d7c8817dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG52-P6
X-Amz-Cf-Id: Iz7wMp3LD01RdAgpzQ4cLDHgqMbyRkz962Ayoz-8b7SUT1HQWajldg==
Age: 6449

3.162.33.170:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEA1xYWA9lG5HL4t%2FML%2B2wx4%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 May 2024 03:45:19 GMT
Last-Modified: Tue, 28 May 2024 03:45:19 GMT
Server: ECAcc (frc/4CAB)
X-Cache: Hit from cloudfront
Via: 1.1 b76ab09d3ce4fcd767d0eab0ed23eaec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG52-P6
X-Amz-Cf-Id: uxZCWDVmDwQ00J_-c2_egDdbIO2WN9TY8z5ZYd-nc2upwd5v7sBgUA==
Age: 6449

3.162.33.170:80

GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEA1xYWA9lG5HL4t%2FML%2B2wx4%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: ocsp.r2m03.amazontrust.com

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 May 2024 03:45:19 GMT
Last-Modified: Tue, 28 May 2024 03:45:19 GMT
Server: ECAcc (frc/4CAB)
X-Cache: Hit from cloudfront
Via: 1.1 160ce2ce8507efffaa52f52bc83dba58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG52-P6
X-Amz-Cf-Id: _B4_PvzDda1Xb4NQe5z73P1GMFSWtjfketJ5udZgLTc7EOs-G3xFlg==
Age: 6449

8.8.8.8:53

3.225.22.167:443

GET /landings/libs/fonts/proximanova-bold.otf?q=2&mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:48 GMT
Content-Type: application/octet-stream
Content-Length: 171108
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
ETag: "57164f85-29c64"
Expires: Thu, 27 Jun 2024 05:32:48 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes

3.225.22.167:443

GET /landings/libs/fonts/proximanova-light.otf HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: mackeeperapp.mackeeper.com

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:49 GMT
Content-Type: application/octet-stream
Content-Length: 166980
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
ETag: "57164f85-28c44"
Expires: Thu, 27 Jun 2024 05:32:49 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes

3.225.22.167:443

GET /landings/libs/fonts/proximanova-regular.otf?q=2&mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:48 GMT
Content-Type: application/octet-stream
Content-Length: 166328
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
ETag: "57164f85-289b8"
Expires: Thu, 27 Jun 2024 05:32:48 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes

3.225.22.167:443

GET /landings/220.1/img/mac-bg@2x.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:49 GMT
Content-Type: image/png
Content-Length: 509840
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 09 Nov 2020 17:13:22 GMT
ETag: "5fa978b2-7c790"
Expires: Thu, 27 Jun 2024 05:32:49 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes

3.225.22.167:443

GET /landings/libs/jquery/jquery.min.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
Vary: Accept-Encoding
ETag: W/"57164f85-1762a"
Expires: Thu, 27 Jun 2024 05:32:48 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Content-Encoding: gzip

3.225.22.167:443

GET /landings/libs/ch-overlay/css/style.min.css?mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:48 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Thu, 03 May 2018 14:57:36 GMT
Vary: Accept-Encoding
ETag: W/"5aeb2360-4e49"
Expires: Thu, 27 Jun 2024 05:32:48 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Content-Encoding: gzip

3.225.22.167:443

GET /landings/220.1/js/features.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Thu, 20 Sep 2018 14:33:11 GMT
Vary: Accept-Encoding
ETag: W/"5ba3afa7-17e"
Expires: Thu, 27 Jun 2024 05:32:48 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Content-Encoding: gzip

3.225.22.167:443

GET /landings/220.1/img/main_bg.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:49 GMT
Content-Type: image/png
Content-Length: 18085
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 30 Apr 2018 11:38:57 GMT
ETag: "5ae70051-46a5"
Expires: Thu, 27 Jun 2024 05:32:49 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes

3.225.22.167:443

GET /landings/libs/fonts/proximanova-semibold.otf?q=2&mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:48 GMT
Content-Type: application/octet-stream
Content-Length: 170160
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
ETag: "57164f85-298b0"
Expires: Thu, 27 Jun 2024 05:32:48 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes

3.225.22.167:443

GET /landings/libs/fonts/proximanova-semibold.otf HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: mackeeperapp.mackeeper.com

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:49 GMT
Content-Type: application/octet-stream
Content-Length: 170160
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
ETag: "57164f85-298b0"
Expires: Thu, 27 Jun 2024 05:32:49 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes

3.225.22.167:443

GET /landings/220.1/img/arrow_down.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:49 GMT
Content-Type: image/png
Content-Length: 262
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 30 Apr 2018 11:38:57 GMT
ETag: "5ae70051-106"
Expires: Thu, 27 Jun 2024 05:32:49 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes

3.225.22.167:443

GET /landings/220.1/img/benefits__sprite.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:49 GMT
Content-Type: image/png
Content-Length: 2829
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 30 Apr 2018 11:38:57 GMT
ETag: "5ae70051-b0d"
Expires: Thu, 27 Jun 2024 05:32:49 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes

3.225.22.167:443

GET /landings/libs/js/cookie.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 30 Apr 2018 11:38:58 GMT
Vary: Accept-Encoding
ETag: W/"5ae70052-270"
Expires: Thu, 27 Jun 2024 05:32:48 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Content-Encoding: gzip

3.225.22.167:443

GET /landings/libs/reset.css?mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:48 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 30 Apr 2018 11:38:58 GMT
Vary: Accept-Encoding
ETag: W/"5ae70052-33d"
Expires: Thu, 27 Jun 2024 05:32:48 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Content-Encoding: gzip

3.225.22.167:443

GET /landings/libs/fonts/proximanova-light.otf?q=2&mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:48 GMT
Content-Type: application/octet-stream
Content-Length: 166980
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
ETag: "57164f85-28c44"
Expires: Thu, 27 Jun 2024 05:32:48 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes

3.225.22.167:443

GET /landings/libs/fonts/proximanova-regular.otf HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: mackeeperapp.mackeeper.com

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:49 GMT
Content-Type: application/octet-stream
Content-Length: 166328
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
ETag: "57164f85-289b8"
Expires: Thu, 27 Jun 2024 05:32:49 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes

3.225.22.167:443

GET /landings/220.1/img/arrow_white.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:49 GMT
Content-Type: image/png
Content-Length: 135
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 30 Apr 2018 11:38:57 GMT
ETag: "5ae70051-87"
Expires: Thu, 27 Jun 2024 05:32:49 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes

3.225.22.167:443

GET /landings/220.1/img/tools__sprite.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:49 GMT
Content-Type: image/png
Content-Length: 5145
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 30 Apr 2018 11:38:57 GMT
ETag: "5ae70051-1419"
Expires: Thu, 27 Jun 2024 05:32:49 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes

3.225.22.167:443

GET /landings/220.1/img/downloads.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:49 GMT
Content-Type: image/png
Content-Length: 3060
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 30 Apr 2018 11:38:57 GMT
ETag: "5ae70051-bf4"
Expires: Thu, 27 Jun 2024 05:32:49 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes

3.225.22.167:443

GET /landings/libs/alert/alerts.js?mkv=4 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Thu, 04 Oct 2018 13:30:26 GMT
Vary: Accept-Encoding
ETag: W/"5bb615f2-dbe8"
Expires: Thu, 27 Jun 2024 05:32:48 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Content-Encoding: gzip

3.225.22.167:443

GET /landings/220.1/css/style.min.css?mkv=1 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:48 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 24 Nov 2020 10:39:52 GMT
Vary: Accept-Encoding
ETag: W/"5fbce2f8-57ae"
Expires: Thu, 27 Jun 2024 05:32:48 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Content-Encoding: gzip

3.225.22.167:443

GET /landings/libs/js/loclist.js?mkv=1 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 19 Apr 2016 15:32:21 GMT
Vary: Accept-Encoding
ETag: W/"57164f85-26c"
Expires: Thu, 27 Jun 2024 05:32:48 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Content-Encoding: gzip

3.225.22.167:443

GET /landings/220.1/img/arrow_blue.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mackeeperapp.mackeeper.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Date: Tue, 28 May 2024 05:32:49 GMT
Content-Type: image/png
Content-Length: 179
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 30 Apr 2018 11:38:57 GMT
ETag: "5ae70051-b3"
Expires: Thu, 27 Jun 2024 05:32:49 GMT
Cache-Control: max-age=2592000
Cache-Control: must-revalidate
Vary: Origin
Accept-Ranges: bytes

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

87.250.251.119:443

GET /metrika/tag.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mc.yandex.ru
Connection: Keep-Alive

HTTP/1.1 200 OK
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Content-Encoding: gzip
Content-Length: 81060
Content-Type: application/javascript
Date: Tue, 28 May 2024 05:32:50 GMT
ETag: "66544f4c-13ca4"
Expires: Tue, 28 May 2024 06:32:50 GMT
Last-Modified: Mon, 27 May 2024 09:15:56 GMT
Set-Cookie: _yasc=zhtvjYv8Z5zEXmCBRDnN3wgR11Eu+fVxxMM/JifnouDsKmg2qZGTfK78RdP8DYhIdg==; domain=.yandex.ru; path=/; expires=Fri, 26 May 2034 05:32:50 GMT; secure
Set-Cookie: i=1MhuTkXj4hEAaxThc1117RjAF7zPkoP1hyGON/b2lvp5/4EXMvbBkOCdQD06a05YM1NAQscDIvArS529z32xXz72EUc=; Expires=Thu, 28-May-2026 05:32:50 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly
Set-Cookie: yandexuid=2451459391716874370; Expires=Thu, 28-May-2026 05:32:50 GMT; Domain=.yandex.ru; Path=/; Secure
Set-Cookie: yashr=5908271471716874370; Path=/; Domain=.yandex.ru; Expires=Wed, 28 May 2025 05:32:50 GMT; Secure; HttpOnly
Strict-Transport-Security: max-age=31536000
Timing-Allow-Origin: *

87.250.251.119:443

GET /sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10383.86pnVjf2LfDpYqF8KjBQJe6q3_WEIr53Zh_ko9OCAw17ZetfoKzhwut-hytOHXFZ.Tpli6FGYEC1EFWVS3BYwIml2YJA%2C HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mc.yandex.ru
Connection: Keep-Alive
Cookie: _yasc=zhtvjYv8Z5zEXmCBRDnN3wgR11Eu+fVxxMM/JifnouDsKmg2qZGTfK78RdP8DYhIdg==; i=1MhuTkXj4hEAaxThc1117RjAF7zPkoP1hyGON/b2lvp5/4EXMvbBkOCdQD06a05YM1NAQscDIvArS529z32xXz72EUc=; yandexuid=2451459391716874370; yashr=5908271471716874370

HTTP/1.1 302 Moved temporarily
Date: Tue, 28 May 2024 05:32:51 GMT
Location: https://mc.yandex.com/sync_cookie_image_decide?token=10383.YCJDTZDiSHbc-JLEtfCol7_dHf7RbEfj8yAvC5jzmfPoWWXKiapII8vqiOscOZVqIm7ig2BTXCp5eifzj6S_ZlJDSuTetzqMDecHgcqM0ioU6XwiVb4NNUBTEGb3ECj7_L8Lo9l6-C5CMuaqOls8ifL8rkC9yDRwS31xmv3GMNZ9rKThtXUopDoor9agns-RNB5pAlfIEVOCGetFTNUGXdpiTaPrrp8vLeSXYWQxkxY%2C._xdxMlZwhpMf11IeAnfb5frh_j4%2C
Set-Cookie: sync_cookie_csrf=1816982799fake; Expires=Tue, 28-May-2024 05:42:51 GMT; Domain=.mc.yandex.ru; Path=/
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

163.70.151.21:443

GET /en_US/fbevents.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: connect.facebook.net
Connection: Keep-Alive

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
Pragma: public
Cache-Control: public, max-age=1200
Expires: Sat, 01 Jan 2000 00:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-Frame-Options: DENY
origin-agent-cluster: ?0
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
X-FB-Debug: yBMrTlCYOfL3+865LiQBHQFuy1XBsZf9ygYvT3n67HAPkWi2Sf8a3n0ERbba9x1umPgrZH+yMya3ddkKhFrLig==
Date: Tue, 28 May 2024 05:32:50 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=40, rtx=1, c=14, mss=1357, tbw=3220, tp=-1, tpl=-1, uplat=0, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 57845

18.245.175.22:443

GET /monitor/stat.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.clickcease.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 12 Sep 2023 09:05:15 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Cf02rYNryv9UIBzoGOQeQJTZ2QU2vf2Y
Server: AmazonS3
Content-Encoding: gzip
Date: Tue, 28 May 2024 05:32:44 GMT
ETag: W/"e112b8bf96f23bc2970347a3c98e37fc"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 e53cac505b9e6fe0cb7c5e1c9c4f50b2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG55-P1
X-Amz-Cf-Id: Je8BMtcb-fdxxJKcf6xGuxTt7B2OtF_CPCLgaBg1xWV2zuiR0OgNRQ==
Age: 9
X-Frame-Options: SAMEORIGIN
Referrer-Policy: no-referrer-when-downgrade
Content-Security-Policy: frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Permissions-Policy: microphone 'none'; camera 'none';
Vary: Origin

8.8.8.8:53

142.250.75.230:443

GET /activityi;src=6102726;type=landi0;cat=index0;u1=zzb_9437;u2=US;u3=mk_default_tid_9437;%7Bcampaign.id%7D;5d31f737646e980001cc9e6f;u4=220.1;u12=16e53c80-aa48-11e9-8c6b-cfcb24938b01-zzb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=482469571848.95135? HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 6102726.fls.doubleclick.net
Connection: Keep-Alive

HTTP/1.1 200 OK
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 28 May 2024 05:32:49 GMT
Expires: Tue, 28 May 2024 05:32:49 GMT
Cache-Control: private, max-age=0
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 0
Set-Cookie: test_cookie=CheckForPermission; expires=Tue, 28-May-2024 05:47:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked

8.8.8.8:53

216.58.215.34:443

GET /pagead/viewthroughconversion/803067473/?random=1716874368945&cv=11&fst=1716874368945&bg=ffffff&guid=ON&async=1&gtm=45be45m0za200zb9179816999&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=720&url=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F7bde56ae34eeb0fe6db85c5b5e674adf_JaffaCakes118.html&hn=www.googleadservices.com&frm=0&tiba=MacKeeper&npa=0&pscdl=noapi&auid=565517105.1716874368&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: googleads.g.doubleclick.net
Connection: Keep-Alive
Cookie: test_cookie=CheckForPermission

HTTP/1.1 200 OK
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 28 May 2024 05:32:49 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/javascript; charset=UTF-8
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 0
Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
Set-Cookie: IDE=AHWqTUl3-KnNLZllFcAkw9F3_elGxJE30f4edE44iGGu8E26MuJ1GesD6__gj1J7; expires=Thu, 28-May-2026 05:32:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked

216.58.215.34:443

GET /pagead/viewthroughconversion/983482265/?random=1716874368645&cv=11&fst=1716874368645&bg=ffffff&guid=ON&async=1&gtm=45be45m0za200zb9179816999&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=720&url=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F7bde56ae34eeb0fe6db85c5b5e674adf_JaffaCakes118.html&hn=www.googleadservices.com&frm=0&tiba=MacKeeper&npa=0&pscdl=noapi&auid=565517105.1716874368&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: googleads.g.doubleclick.net
Connection: Keep-Alive

HTTP/1.1 200 OK
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 28 May 2024 05:32:49 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/javascript; charset=UTF-8
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 0
Set-Cookie: test_cookie=CheckForPermission; expires=Tue, 28-May-2024 05:47:49 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked

216.58.215.34:443

GET /pagead/viewthroughconversion/957119846/?random=1716874369042&cv=11&fst=1716874369042&bg=ffffff&guid=ON&async=1&gtm=45be45m0za200zb9179816999&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=720&url=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F7bde56ae34eeb0fe6db85c5b5e674adf_JaffaCakes118.html&hn=www.googleadservices.com&frm=0&tiba=MacKeeper&npa=0&pscdl=noapi&auid=565517105.1716874368&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: googleads.g.doubleclick.net
Connection: Keep-Alive
Cookie: test_cookie=CheckForPermission

HTTP/1.1 200 OK
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 28 May 2024 05:32:50 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/javascript; charset=UTF-8
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 0
Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
Set-Cookie: IDE=AHWqTUlOu0M33zhUdgPTBz832H_JBa33QVdmGz_w9pHjt3Gc3fXqrjNBOb04cBpS; expires=Thu, 28-May-2026 05:32:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked

216.58.215.34:443

GET /pagead/viewthroughconversion/780563185/?random=1716874369002&cv=11&fst=1716874369002&bg=ffffff&guid=ON&async=1&gtm=45be45m0za200zb9179816999&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=720&url=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F7bde56ae34eeb0fe6db85c5b5e674adf_JaffaCakes118.html&hn=www.googleadservices.com&frm=0&tiba=MacKeeper&npa=0&pscdl=noapi&auid=565517105.1716874368&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: googleads.g.doubleclick.net
Connection: Keep-Alive
Cookie: test_cookie=CheckForPermission

HTTP/1.1 200 OK
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 28 May 2024 05:32:50 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/javascript; charset=UTF-8
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 0
Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
Set-Cookie: IDE=AHWqTUlBm8Px2XBJtDKUUofQcxYW2Zw4HV_sllnSxHS8lS0XOWc4HYFUhgkNVU2P; expires=Thu, 28-May-2026 05:32:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked

216.58.215.34:443

GET /pagead/viewthroughconversion/1010020041/?random=1716874369101&cv=11&fst=1716874369101&bg=ffffff&guid=ON&async=1&gtm=45be45m0za200zb9179816999&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=720&url=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F7bde56ae34eeb0fe6db85c5b5e674adf_JaffaCakes118.html&hn=www.googleadservices.com&frm=0&tiba=MacKeeper&npa=0&pscdl=noapi&auid=565517105.1716874368&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: googleads.g.doubleclick.net
Connection: Keep-Alive
Cookie: IDE=AHWqTUl3-KnNLZllFcAkw9F3_elGxJE30f4edE44iGGu8E26MuJ1GesD6__gj1J7

HTTP/1.1 200 OK
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 28 May 2024 05:32:50 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/javascript; charset=UTF-8
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked

216.58.215.34:443

GET /pagead/viewthroughconversion/787486911/?random=1716874369248&cv=11&fst=1716874369248&bg=ffffff&guid=ON&async=1&gtm=45be45m0za200zb9179816999&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=720&url=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F7bde56ae34eeb0fe6db85c5b5e674adf_JaffaCakes118.html&hn=www.googleadservices.com&frm=0&tiba=MacKeeper&npa=0&pscdl=noapi&auid=565517105.1716874368&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: googleads.g.doubleclick.net
Connection: Keep-Alive
Cookie: IDE=AHWqTUlOu0M33zhUdgPTBz832H_JBa33QVdmGz_w9pHjt3Gc3fXqrjNBOb04cBpS

HTTP/1.1 200 OK
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 28 May 2024 05:32:50 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/javascript; charset=UTF-8
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked

8.8.8.8:53

172.217.20.196:443

GET /pagead/1p-user-list/983482265/?random=1716874368645&cv=11&fst=1716872400000&bg=ffffff&guid=ON&async=1&gtm=45be45m0za200zb9179816999&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=720&url=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F7bde56ae34eeb0fe6db85c5b5e674adf_JaffaCakes118.html&hn=www.googleadservices.com&frm=0&tiba=MacKeeper&npa=0&pscdl=noapi&auid=565517105.1716874368&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLC6QWLzeafdjZ-VbMB7KCjspGf3ZrZg&random=283433562&rmt_tld=0&ipr=y HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
Connection: Keep-Alive

HTTP/1.1 200 OK
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 28 May 2024 05:32:50 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Content-Security-Policy: script-src 'none'; object-src 'none'
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

172.217.20.196:443

GET /pagead/1p-user-list/803067473/?random=1716874368945&cv=11&fst=1716872400000&bg=ffffff&guid=ON&async=1&gtm=45be45m0za200zb9179816999&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=720&url=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F7bde56ae34eeb0fe6db85c5b5e674adf_JaffaCakes118.html&hn=www.googleadservices.com&frm=0&tiba=MacKeeper&npa=0&pscdl=noapi&auid=565517105.1716874368&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooL0yTnXFsEYjEXVO9waQ2B5BZbRDg4q1k_nocFfyfyobwpQFbi&random=356311000&rmt_tld=0&ipr=y HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
Connection: Keep-Alive

HTTP/1.1 200 OK
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 28 May 2024 05:32:50 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Content-Security-Policy: script-src 'none'; object-src 'none'
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

172.217.20.196:443

GET /pagead/1p-user-list/780563185/?random=1716874369002&cv=11&fst=1716872400000&bg=ffffff&guid=ON&async=1&gtm=45be45m0za200zb9179816999&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=720&url=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F7bde56ae34eeb0fe6db85c5b5e674adf_JaffaCakes118.html&hn=www.googleadservices.com&frm=0&tiba=MacKeeper&npa=0&pscdl=noapi&auid=565517105.1716874368&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLY9_6o98ESbEiv6k9-LmmaxKQgbSAUnJ7ZWK4BwuNhwiaGFlO&random=4082207072&rmt_tld=0&ipr=y HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
Connection: Keep-Alive

HTTP/1.1 200 OK
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 28 May 2024 05:32:50 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Content-Security-Policy: script-src 'none'; object-src 'none'
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

172.217.20.196:443

GET /pagead/1p-user-list/957119846/?random=1716874369042&cv=11&fst=1716872400000&bg=ffffff&guid=ON&async=1&gtm=45be45m0za200zb9179816999&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=720&url=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F7bde56ae34eeb0fe6db85c5b5e674adf_JaffaCakes118.html&hn=www.googleadservices.com&frm=0&tiba=MacKeeper&npa=0&pscdl=noapi&auid=565517105.1716874368&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLfgbtK9bwf3iX-ibbYm3srgyOstlpZCzyFCSDqVk8tzRxfycu&random=3467490196&rmt_tld=0&ipr=y HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
Connection: Keep-Alive

HTTP/1.1 200 OK
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 28 May 2024 05:32:50 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Content-Security-Policy: script-src 'none'; object-src 'none'
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

172.217.20.196:443

GET /pagead/1p-user-list/1010020041/?random=1716874369101&cv=11&fst=1716872400000&bg=ffffff&guid=ON&async=1&gtm=45be45m0za200zb9179816999&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=720&url=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F7bde56ae34eeb0fe6db85c5b5e674adf_JaffaCakes118.html&hn=www.googleadservices.com&frm=0&tiba=MacKeeper&npa=0&pscdl=noapi&auid=565517105.1716874368&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLtrf18EakkdUJX4hBEjf2kDs9O7vyvrDwACRG72k0FqiR7JGU&random=1963142171&rmt_tld=0&ipr=y HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
Connection: Keep-Alive

HTTP/1.1 200 OK
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 28 May 2024 05:32:50 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Content-Security-Policy: script-src 'none'; object-src 'none'
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

172.217.20.196:443

GET /pagead/1p-user-list/787486911/?random=1716874369248&cv=11&fst=1716872400000&bg=ffffff&guid=ON&async=1&gtm=45be45m0za200zb9179816999&gcd=13l3l3l3l1&dma=0&u_w=1280&u_h=720&url=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F7bde56ae34eeb0fe6db85c5b5e674adf_JaffaCakes118.html&hn=www.googleadservices.com&frm=0&tiba=MacKeeper&npa=0&pscdl=noapi&auid=565517105.1716874368&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLlIQ7DEyFjl_ISpBIINkcgmyWBleFD0-WsRdH80BRCaaXTjc6&random=4249312355&rmt_tld=0&ipr=y HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
Connection: Keep-Alive

HTTP/1.1 200 OK
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 28 May 2024 05:32:50 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Content-Security-Policy: script-src 'none'; object-src 'none'
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

8.8.8.8:53

77.88.21.119:443

GET /metrika/advert.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mc.yandex.com
Connection: Keep-Alive

HTTP/1.1 200 OK
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Content-Length: 43
Content-Type: image/gif
Date: Tue, 28 May 2024 05:32:51 GMT
ETag: "66544f4c-2b"
Expires: Tue, 28 May 2024 06:32:51 GMT
Last-Modified: Mon, 27 May 2024 09:15:56 GMT
Set-Cookie: _yasc=bbWCUvrzZ37T56NJtaN9DYejN+1pDo+lHbAtR8y2/0pB2qVXafv8PaYA9ERNdDBRsg==; domain=.yandex.com; path=/; expires=Fri, 26 May 2034 05:32:51 GMT; secure
Set-Cookie: i=vLiNB3NhCQfnxyu/YSMvVZNa6udm8An9WBuEIPBftDdgelGksj582RHmx8i5wpRK9I8rQ+LIBzOzgHLMmOPoxJ+3IrU=; Expires=Thu, 28-May-2026 05:32:51 GMT; Domain=.yandex.com; Path=/; Secure; HttpOnly
Set-Cookie: yandexuid=3523496601716874371; Expires=Thu, 28-May-2026 05:32:51 GMT; Domain=.yandex.com; Path=/; Secure
Set-Cookie: yashr=946405471716874371; Path=/; Domain=.yandex.com; Expires=Wed, 28 May 2025 05:32:51 GMT; Secure; HttpOnly
Strict-Transport-Security: max-age=31536000
Timing-Allow-Origin: *

77.88.21.119:443

GET /sync_cookie_image_decide?token=10383.YCJDTZDiSHbc-JLEtfCol7_dHf7RbEfj8yAvC5jzmfPoWWXKiapII8vqiOscOZVqIm7ig2BTXCp5eifzj6S_ZlJDSuTetzqMDecHgcqM0ioU6XwiVb4NNUBTEGb3ECj7_L8Lo9l6-C5CMuaqOls8ifL8rkC9yDRwS31xmv3GMNZ9rKThtXUopDoor9agns-RNB5pAlfIEVOCGetFTNUGXdpiTaPrrp8vLeSXYWQxkxY%2C._xdxMlZwhpMf11IeAnfb5frh_j4%2C HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Cookie: sync_cookie_csrf=1794787630fake; _yasc=bbWCUvrzZ37T56NJtaN9DYejN+1pDo+lHbAtR8y2/0pB2qVXafv8PaYA9ERNdDBRsg==; i=vLiNB3NhCQfnxyu/YSMvVZNa6udm8An9WBuEIPBftDdgelGksj582RHmx8i5wpRK9I8rQ+LIBzOzgHLMmOPoxJ+3IrU=; yandexuid=3523496601716874371; yashr=946405471716874371
Connection: Keep-Alive
Host: mc.yandex.com

HTTP/1.1 200 Ok
Content-Length: 43
Content-Type: image/gif
Date: Tue, 28 May 2024 05:32:51 GMT
Set-Cookie: yandexuid=2451459391716874370; Expires=Fri, 26-May-2034 05:32:51 GMT; Domain=.yandex.com; Path=/
Set-Cookie: i=1MhuTkXj4hEAaxThc1117RjAF7zPkoP1hyGON/b2lvp5/4EXMvbBkOCdQD06a05YM1NAQscDIvArS529z32xXz72EUc=; Expires=Fri, 26-May-2034 05:32:51 GMT; Domain=.yandex.com; Path=/
Set-Cookie: yp=1716960771.yu.3523496601716874371; Expires=Fri, 26-May-2034 05:32:51 GMT; Domain=.yandex.com; Path=/
Set-Cookie: ymex=1719466371.oyu.3523496601716874371; Expires=Wed, 28-May-2025 05:32:51 GMT; Domain=.yandex.com; Path=/
Set-Cookie: sync_cookie_ok=synced; Expires=Wed, 29-May-2024 05:32:51 GMT; Domain=.mc.yandex.com; Path=/
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block

77.88.21.119:443

GET /watch/50559844?wmode=7&page-url=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F7bde56ae34eeb0fe6db85c5b5e674adf_JaffaCakes118.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aqwnfzu763lnwkqrexyqp4e3mj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1350%3Acn%3A1%3Adp%3A0%3Als%3A785059639331%3Ahid%3A475210087%3Az%3A0%3Ai%3A20240528053250%3Aet%3A1716874370%3Ac%3A1%3Arn%3A220023330%3Au%3A1716874370898418282%3Aw%3A1263x626%3As%3A1280x720x24%3Ask%3A1%3Aj%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C0%2C0%2C0%2C%2C3818%2C22%2C%2C%2C%2C3818%3Aco%3A0%3Ans%3A1716874364581%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1716874371%3At%3AMacKeeper&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(0)cdl(na)eco(21037572)ti(2) HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: mc.yandex.com
Connection: Keep-Alive
Cookie: sync_cookie_csrf=1794787630fake; sync_cookie_ok=synced; _yasc=bbWCUvrzZ37T56NJtaN9DYejN+1pDo+lHbAtR8y2/0pB2qVXafv8PaYA9ERNdDBRsg==; i=1MhuTkXj4hEAaxThc1117RjAF7zPkoP1hyGON/b2lvp5/4EXMvbBkOCdQD06a05YM1NAQscDIvArS529z32xXz72EUc=; yandexuid=2451459391716874370; yashr=946405471716874371; yp=1716960771.yu.3523496601716874371; ymex=1719466371.oyu.3523496601716874371

HTTP/1.1 302 Moved temporarily
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Date: Tue, 28 May 2024 05:32:51 GMT
Expires: Tue, 28-May-2024 05:32:51 GMT
Last-Modified: Tue, 28-May-2024 05:32:51 GMT
Location: /watch/50559844/1?wmode=7&page-url=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F7bde56ae34eeb0fe6db85c5b5e674adf_JaffaCakes118.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aqwnfzu763lnwkqrexyqp4e3mj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1350%3Acn%3A1%3Adp%3A0%3Als%3A785059639331%3Ahid%3A475210087%3Az%3A0%3Ai%3A20240528053250%3Aet%3A1716874370%3Ac%3A1%3Arn%3A220023330%3Au%3A1716874370898418282%3Aw%3A1263x626%3As%3A1280x720x24%3Ask%3A1%3Aj%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C0%2C0%2C0%2C%2C3818%2C22%2C%2C%2C%2C3818%3Aco%3A0%3Ans%3A1716874364581%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1716874371%3At%3AMacKeeper&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%280%29cdl%28na%29eco%2821037572%29ti%282%29
Pragma: no-cache
Set-Cookie: yabs-sid=675202511716874371; Path=/
Set-Cookie: yandexuid=2451459391716874370; Expires=Wed, 28-May-2025 05:32:51 GMT; Domain=.yandex.com; Path=/
Set-Cookie: ymex=1719466371.oyu.3523496601716874371#1748410371.yrts.1716874371; Expires=Wed, 28-May-2025 05:32:51 GMT; Domain=.yandex.com; Path=/
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

77.88.21.119:443

GET /watch/50559844/1?wmode=7&page-url=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F7bde56ae34eeb0fe6db85c5b5e674adf_JaffaCakes118.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aqwnfzu763lnwkqrexyqp4e3mj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1350%3Acn%3A1%3Adp%3A0%3Als%3A785059639331%3Ahid%3A475210087%3Az%3A0%3Ai%3A20240528053250%3Aet%3A1716874370%3Ac%3A1%3Arn%3A220023330%3Au%3A1716874370898418282%3Aw%3A1263x626%3As%3A1280x720x24%3Ask%3A1%3Aj%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C0%2C0%2C0%2C%2C3818%2C22%2C%2C%2C%2C3818%3Aco%3A0%3Ans%3A1716874364581%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1716874371%3At%3AMacKeeper&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%280%29cdl%28na%29eco%2821037572%29ti%282%29 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: mc.yandex.com
Connection: Keep-Alive
Cookie: sync_cookie_csrf=1794787630fake; sync_cookie_ok=synced; yabs-sid=675202511716874371; _yasc=bbWCUvrzZ37T56NJtaN9DYejN+1pDo+lHbAtR8y2/0pB2qVXafv8PaYA9ERNdDBRsg==; i=1MhuTkXj4hEAaxThc1117RjAF7zPkoP1hyGON/b2lvp5/4EXMvbBkOCdQD06a05YM1NAQscDIvArS529z32xXz72EUc=; yandexuid=2451459391716874370; yashr=946405471716874371; yp=1716960771.yu.3523496601716874371; ymex=1719466371.oyu.3523496601716874371#1748410371.yrts.1716874371

HTTP/1.1 200 Ok
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Content-Length: 459
Content-Type: application/json; charset=utf-8
Date: Tue, 28 May 2024 05:32:51 GMT
Expires: Tue, 28-May-2024 05:32:51 GMT
Last-Modified: Tue, 28-May-2024 05:32:51 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

77.88.21.119:443

GET /sync_cookie_image_check HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mc.yandex.com
Connection: Keep-Alive

HTTP/1.1 302 Moved temporarily
Date: Tue, 28 May 2024 05:32:51 GMT
Location: https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10383.86pnVjf2LfDpYqF8KjBQJe6q3_WEIr53Zh_ko9OCAw17ZetfoKzhwut-hytOHXFZ.Tpli6FGYEC1EFWVS3BYwIml2YJA%2C
Set-Cookie: sync_cookie_csrf=1794787630fake; Expires=Tue, 28-May-2024 05:42:51 GMT; Domain=.mc.yandex.com; Path=/
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

8.8.8.8:53

8.8.8.8:53