aptitude.themainplacesetnowcontentsnewsets.date
51.15.157.194  Malicious Activity! Public Scan

Submitted URL: http://apptips.net/
Effective URL: https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&ci...
Submission: On August 01 via manual from US

Summary

This website contacted 5 IPs in 5 countries across 8 domains to perform 15 HTTP transactions. The main IP is 51.15.157.194, which is located in France and belongs to AS12876, FR. The main domain is aptitude.themainplacesetnowcontentsnewsets.date.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 5th 2018. Valid for: 3 months.
This is the only time aptitude.themainplacesetnowcontentsnewsets.date was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple Software Update (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 37.97.184.219 20857 (TRANSIP-A...)
1 52.17.198.110 16509 (AMAZON-02)
1 2 109.123.118.67 13213 (UK2NET-AS)
1 212.32.250.1 60781 (LEASEWEB-...)
1 1 34.236.254.103 14618 (AMAZON-AES)
1 1 54.172.2.149 14618 (AMAZON-AES)
1 51.15.157.194 12876 (AS12876)
11 13.32.99.80 16509 (AMAZON-02)
15 5
Domain Requested by
11 d34wvoo5bu1mcn.cloudfront.net aptitude.themainplacesetnowcontentsnewsets.date
2 pnr2712.brucelead.com 1 redirects
1 aptitude.themainplacesetnowcontentsnewsets.date
1 www.downloadcross.stream 1 redirects
1 vip.adpiano.com 1 redirects
1 tracking.pluscpi.mobi pnr2712.brucelead.com
1 traffic.tc-clicks.com
1 apptips.net 1 redirects
15 8

This site contains links to these domains.

Domain
static.updflashcycle.win
Subject | Issuer | Validity | Valid
*.pluscpi.mobi | RapidSSL RSA CA 2018 | 2018-06-28 - 2019-06-28 | a year
aptitude.themainplacesetnowcontentsnewsets.date | Let's Encrypt Authority X3 | 2018-07-05 - 2018-10-03 | 3 months

This page contains 1 frames:

Primary Page: https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
Frame ID: DB870BF2D3284406A77084AB68FF90EE
Requests: 15 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 50%
Detected patterns
  • env /^head$/i

Page Statistics

Requests: 15
HTTPS: 13 %
IPv6: 0 %
Domains: 8
Subdomains: 8
IPs: 5
Countries: 5
Transfer: 347 kB
Size: 413 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://apptips.net/ HTTP 302
    http://traffic.tc-clicks.com/?p=8742&media_type=mainstream&pi=cloak_lp&source_type=popunder&sub_id= Page URL
  2. http://pnr2712.brucelead.com/ck.php?line_item_id=4245&subid_spx=8742&tracker=bmal1ufg8oowokcso00w8wkww,13062345,5,8742&ctrack=1533160689.4057668545 Page URL
  3. http://pnr2712.brucelead.com/ck_jump?id=cz03NDE2ODA0Mjc1NTYzNTAmdD0xNTMzMTYwNjg5Jmg9MzA3NzMwOTU4&__if=0&__type=unknown&__deviceid= HTTP 302
    https://tracking.pluscpi.mobi/click?pid=1001&offer_id=7610&sub2=UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU%3D&sub1=20180801_fa285533-95d5-11e8-a621-d31047df9979 Page URL
  4. https://vip.adpiano.com/pljas/msnrop/?utm_source=17256&utm_campaign=616748&clck=5b622cf19125fb0001fdf597&sid=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU= HTTP 302
    https://www.downloadcross.stream/?gea=ZLmJ6g4DY3rlfFeDQN2ED9YLPWPLefUWPUADV0HP1T4.&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU= HTTP 302
    https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk. Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://apptips.net/ HTTP 302
  • http://traffic.tc-clicks.com/?p=8742&media_type=mainstream&pi=cloak_lp&source_type=popunder&sub_id=
Request Chain 2
  • http://pnr2712.brucelead.com/ck_jump?id=cz03NDE2ODA0Mjc1NTYzNTAmdD0xNTMzMTYwNjg5Jmg9MzA3NzMwOTU4&__if=0&__type=unknown&__deviceid= HTTP 302
  • https://tracking.pluscpi.mobi/click?pid=1001&offer_id=7610&sub2=UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU%3D&sub1=20180801_fa285533-95d5-11e8-a621-d31047df9979

15 HTTP transactions

Resource Path | Size | x-fer | Type MIME-Type
Cookie set /
traffic.tc-clicks.com/
Redirect Chain
  • http://apptips.net/
  • http://traffic.tc-clicks.com/?p=8742&media_type=mainstream&pi=cloak_lp&source_type=popunder&sub_id=
719 B
1 KB
Document
General
Full URL
http://traffic.tc-clicks.com/?p=8742&media_type=mainstream&pi=cloak_lp&source_type=popunder&sub_id=
Protocol
HTTP/1.1
Server
52.17.198.110 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-17-198-110.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ae5b3447d0a49f49b6bb5da23d23f2956f14c251917ee9bc3b31017b7a9e5107

Request headers

Host
traffic.tc-clicks.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
DB870BF2D3284406A77084AB68FF90EE

Response headers

Date
Wed, 01 Aug 2018 21:58:09 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Set-Cookie
traffic-back=ok; expires=Wed, 01-Aug-2018 21:58:39 GMT; Max-Age=30; path=/; domain=traffic.tc-clicks.com traffic-visited-offers=%7C%7C18902%7Cpopunder; expires=Thu, 02-Aug-2018 21:58:09 GMT; Max-Age=86400; path=/; domain=traffic.tc-clicks.com rts-trck=1; expires=Wed, 01-Aug-2018 22:08:09 GMT; Max-Age=600; path=/; domain=traffic.tc-clicks.com
Last-Modified
Wed, 1 Aug 2018 21:58:09 GMT
Expires
Wed, 1 Aug 2018 21:58:09 GMT
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
Content-Encoding
gzip

Redirect headers

Date
Wed, 01 Aug 2018 21:58:08 GMT
Server
Apache/2
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
X-Powered-By
PHP/5.5.38
location
http://traffic.tc-clicks.com/?p=8742&media_type=mainstream&pi=cloak_lp&source_type=popunder&sub_id=
Vary
User-Agent
Content-Length
0
Keep-Alive
timeout=2, max=100
Content-Type
text/html
Cookie set ck.php
pnr2712.brucelead.com/
979 B
2 KB
Document
General
Full URL
http://pnr2712.brucelead.com/ck.php?line_item_id=4245&subid_spx=8742&tracker=bmal1ufg8oowokcso00w8wkww,13062345,5,8742&ctrack=1533160689.4057668545
Protocol
HTTP/1.1
Server
109.123.118.67 , United Kingdom, ASN13213 (UK2NET-AS, GB),
Reverse DNS
118-67.topstaffsolutions.com
Software
SpirooxPerformance-Server-1.0 /
Resource Hash
7ca89138bca02e8ce1d80fb35900f7b525640e1024eb3967571966efcf260673

Request headers

Host
pnr2712.brucelead.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://traffic.tc-clicks.com/?p=8742&media_type=mainstream&pi=cloak_lp&source_type=popunder&sub_id=
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
DB870BF2D3284406A77084AB68FF90EE
Referer
http://traffic.tc-clicks.com/?p=8742&media_type=mainstream&pi=cloak_lp&source_type=popunder&sub_id=

Response headers

Date
Wed, 01 Aug 2018 21:58:9 GMT
Server
SpirooxPerformance-Server-1.0
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Expires
0
Pragma
no-cache
Content-Length
979
Connection
close
Content-Type
text/html; charset=utf-8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
session=20180801_fa285533-95d5-11e8-a621-d31047df9979%7C741680427556350%7C2018-08-01T21%3A58%3A09%2B0000%7C2921044%7CGermany%7C4245%7C8742%7Cbmal1ufg8oowokcso00w8wkww%2C13062345%2C5%2C8742%7C2712%7C4%7C1837%7C4245%7C2%7C2402%7C0%7C12657%7C10976%7C21975%7C6997%7C0%7C0%7C3%7C1%7CMac%7C67%7C%7C%7CChrome%7CHETZNER%7CWIFI%7C148.251.45.0%2F24%7C148.251.45.254%7C0%7C8742%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7C%7C0.0%7C0.0%7C0.0%7C0.0%7C0%7Ctraffic.tc-clicks.com%7C1533160689232%7C%7Cfalse%7Cfalse%7C52%7C0%7C27%7C%7C0%7C0%7C%7Cpnr2712.brucelead.com%7Cde%7C; domain=pnr2712.brucelead.com; path=/
Cookie set click
tracking.pluscpi.mobi/
Redirect Chain
  • http://pnr2712.brucelead.com/ck_jump?id=cz03NDE2ODA0Mjc1NTYzNTAmdD0xNTMzMTYwNjg5Jmg9MzA3NzMwOTU4&__if=0&__type=unknown&__deviceid=
  • https://tracking.pluscpi.mobi/click?pid=1001&offer_id=7610&sub2=UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU%3D&sub1=20180801_fa285533-95d5-11e8-a621-d31047df9979
271 B
530 B
Document
General
Full URL
https://tracking.pluscpi.mobi/click?pid=1001&offer_id=7610&sub2=UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU%3D&sub1=20180801_fa285533-95d5-11e8-a621-d31047df9979
Requested by
Host: pnr2712.brucelead.com
URL: http://pnr2712.brucelead.com/ck.php?line_item_id=4245&subid_spx=8742&tracker=bmal1ufg8oowokcso00w8wkww,13062345,5,8742&ctrack=1533160689.4057668545
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.32.250.1 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e215a52e00080bcb9ebd65f2771acdd57d94edcfb4e9e9d8625fc0359237de41

Request headers

Host
tracking.pluscpi.mobi
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://pnr2712.brucelead.com/ck.php?line_item_id=4245&subid_spx=8742&tracker=bmal1ufg8oowokcso00w8wkww,13062345,5,8742&ctrack=1533160689.4057668545
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
DB870BF2D3284406A77084AB68FF90EE
Referer
http://pnr2712.brucelead.com/ck.php?line_item_id=4245&subid_spx=8742&tracker=bmal1ufg8oowokcso00w8wkww,13062345,5,8742&ctrack=1533160689.4057668545

Response headers

Server
nginx
Date
Wed, 01 Aug 2018 21:58:09 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
afclick=5b622cf19125fb0001fdf597; Expires=Thu, 01 Aug 2019 21:58:09 GMT
Content-Encoding
gzip

Redirect headers

Date
Wed, 01 Aug 2018 21:58:9 GMT
Server
SpirooxPerformance-Server-1.0
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Expires
0
Pragma
no-cache
Connection
close
Location
https://tracking.pluscpi.mobi/click?pid=1001&offer_id=7610&sub2=UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU%3D&sub1=20180801_fa285533-95d5-11e8-a621-d31047df9979
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
session=0; domain=pnr2712.brucelead.com; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT c21975=1 ; domain=pnr2712.brucelead.com; path=/; expires=Thu, 02 Aug 2018 21:58:9 GMT l4245=1 ; domain=pnr2712.brucelead.com; path=/; expires=Thu, 02 Aug 2018 21:58:9 GMT
Primary Request Cookie set /
aptitude.themainplacesetnowcontentsnewsets.date/
Redirect Chain
  • https://vip.adpiano.com/pljas/msnrop/?utm_source=17256&utm_campaign=616748&clck=5b622cf19125fb0001fdf597&sid=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=
  • https://www.downloadcross.stream/?gea=ZLmJ6g4DY3rlfFeDQN2ED9YLPWPLefUWPUADV0HP1T4.&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=
  • https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3L...
219 KB
147 KB
Document
General
Full URL
https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.15.157.194 , France, ASN12876 (AS12876, FR),
Reverse DNS
51-15-157-194.rev.poneytelecom.eu
Software
nginx/1.13.9 / PHP/7.0.27-0+deb9u1
Resource Hash
278688b3c4a0a0fdd514540976f278cae4bbe2d8105f94cbcfda798a16756b73
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Host
aptitude.themainplacesetnowcontentsnewsets.date
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
DB870BF2D3284406A77084AB68FF90EE

Response headers

Server
nginx/1.13.9
Date
Wed, 01 Aug 2018 21:58:10 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.0.27-0+deb9u1
Set-Cookie
channel=plus_mac2; expires=Wed, 01-Aug-2018 22:18:10 GMT; Max-Age=1200; path=/ dist_id=2610; expires=Wed, 01-Aug-2018 22:18:10 GMT; Max-Age=1200; path=/ lp_id=2344; expires=Wed, 01-Aug-2018 22:18:10 GMT; Max-Age=1200; path=/
Strict-Transport-Security
max-age=15768000
Content-Encoding
gzip

Redirect headers

Server
nginx/1.13.9
Date
Wed, 01 Aug 2018 21:58:10 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.0.30-0+deb9u1
Location
https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
Strict-Transport-Security
max-age=15768000
arrow__blue.png
d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/
2 KB
3 KB
Image
General
Full URL
https://d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/arrow__blue.png
Requested by
Host: aptitude.themainplacesetnowcontentsnewsets.date
URL: https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
Protocol
SPDY
Server
13.32.99.80 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-99-80.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5bbee510c3b5965532d53185cadd47753740b6445f2b9bded3849424fcd2661a

Request headers

Referer
https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 29 Jul 2018 18:38:24 GMT
via
1.1 973497bf6a39ec25b3eac8806793ebe5.cloudfront.net (CloudFront)
x-amz-meta-crossftp-original-file-date-iso8601
2017-01-30T08:48:38.478Z
server
AmazonS3
age
11627
etag
"6d26faedbdd557f7dcd86e9060de347f"
x-cache
Hit from cloudfront
content-type
image/png
status
200
last-modified
Mon, 30 Jan 2017 13:50:57 GMT
accept-ranges
bytes
content-length
2266
x-amz-cf-id
OCWUZ1MReKer4OvTC32ZYhJUQ5x46CdSio4TeGS9b_P9pSzrvbEi4Q==
pattern__safari1.jpg
d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/
25 KB
25 KB
Image
General
Full URL
https://d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/pattern__safari1.jpg
Requested by
Host: aptitude.themainplacesetnowcontentsnewsets.date
URL: https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
Protocol
SPDY
Server
13.32.99.80 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-99-80.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b4d70d5fb64a31f115e1e853b7272e1415ffec2234e78e00847350c23d607fe

Request headers

Referer
https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 29 Jul 2018 18:38:24 GMT
via
1.1 973497bf6a39ec25b3eac8806793ebe5.cloudfront.net (CloudFront)
x-amz-meta-crossftp-original-file-date-iso8601
2017-01-31T09:32:59.097Z
server
AmazonS3
age
11627
etag
"918dfef192de7b99284e969e75d6cc29"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
last-modified
Thu, 15 Feb 2018 14:46:36 GMT
accept-ranges
bytes
content-length
25293
x-amz-cf-id
zG9t_TYDphgnM7up8RZco-gpN9O05TPbDrQnvsNF_b02i5uGy1Moug==
pattern__safari-arrow.png
d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/
3 KB
4 KB
Image
General
Full URL
https://d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/pattern__safari-arrow.png
Requested by
Host: aptitude.themainplacesetnowcontentsnewsets.date
URL: https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
Protocol
SPDY
Server
13.32.99.80 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-99-80.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c48ecdfda540af22ecb4d9638c8c0082e401cc4b45aa2df46c976ec80d38c12

Request headers

Referer
https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 29 Jul 2018 18:38:24 GMT
via
1.1 973497bf6a39ec25b3eac8806793ebe5.cloudfront.net (CloudFront)
x-amz-meta-crossftp-original-file-date-iso8601
2017-01-30T12:13:47.914Z
server
AmazonS3
age
11627
etag
"496171f7f5272b0c3b8ae1d526110caf"
x-cache
Hit from cloudfront
content-type
image/png
status
200
last-modified
Mon, 30 Jan 2017 13:51:01 GMT
accept-ranges
bytes
content-length
3478
x-amz-cf-id
UJX8OUA_aK3VNF3BwBwQ7cjtBCEnyXq-ft8CExcQasgDM9zETHxeBw==
clean_k_arrow_logo.png
d34wvoo5bu1mcn.cloudfront.net/lps/new_lp_images/
62 KB
62 KB
Image
General
Full URL
https://d34wvoo5bu1mcn.cloudfront.net/lps/new_lp_images/clean_k_arrow_logo.png
Requested by
Host: aptitude.themainplacesetnowcontentsnewsets.date
URL: https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
Protocol
SPDY
Server
13.32.99.80 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-99-80.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1393cb32c2a95f542d995c589c955944cde6af59c2b6e09cc4f814298b376706

Request headers

Referer
https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 29 Jul 2018 20:46:00 GMT
via
1.1 973497bf6a39ec25b3eac8806793ebe5.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jun 2018 08:50:29 GMT
server
AmazonS3
age
30934
etag
"5dff7d9a5f67c3a0bcac24c8af8802fd"
x-amz-meta-origin-date-iso8601
2018-06-27T08:50:35.000Z
x-cache
Hit from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
63341
x-amz-cf-id
sOjWi9am-V4Z1JWf7lMQUj_w3VWMQyQrROuYJZlAj_M0Qdc_ES_HjA==
clean_k.png
d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/
67 KB
67 KB
Image
General
Full URL
https://d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/clean_k.png
Requested by
Host: aptitude.themainplacesetnowcontentsnewsets.date
URL: https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
Protocol
SPDY
Server
13.32.99.80 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-99-80.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9c20ab54cfdf8ae89bcbec66fbdcd3b9a1427239da5b4db7c30577dbd21b95a

Request headers

Referer
https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 29 Jul 2018 18:38:24 GMT
via
1.1 973497bf6a39ec25b3eac8806793ebe5.cloudfront.net (CloudFront)
x-amz-meta-crossftp-original-file-date-iso8601
2018-04-05T13:23:03.260Z
server
AmazonS3
age
11627
etag
"0f177416ac65c697b6bee20ef2ad5da7"
x-cache
Hit from cloudfront
content-type
image/png
status
200
last-modified
Thu, 05 Apr 2018 13:25:23 GMT
accept-ranges
bytes
content-length
68254
x-amz-cf-id
dPfDExq0i0SyBF8A8J0q8SQgiUuQ_DWrHf8_bUe44dMmyOLSO3S9NQ==
downloadgif.gif
d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/
12 KB
12 KB
Image
General
Full URL
https://d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/downloadgif.gif
Requested by
Host: aptitude.themainplacesetnowcontentsnewsets.date
URL: https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
Protocol
SPDY
Server
13.32.99.80 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-99-80.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d714e144f5890b10e5bfb765e0ea6c31737ee11031131a0c306cc2645ef7ba81

Request headers

Referer
https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 29 Jul 2018 18:38:24 GMT
via
1.1 973497bf6a39ec25b3eac8806793ebe5.cloudfront.net (CloudFront)
x-amz-meta-crossftp-original-file-date-iso8601
2015-03-09T08:38:13.325Z
server
AmazonS3
age
11597
etag
"71d508a5a418c2eab6ac59dab52e5f53"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
last-modified
Mon, 06 Jun 2016 13:29:02 GMT
accept-ranges
bytes
content-length
11787
x-amz-cf-id
ucqnW-hRnAgnjz6ws6SkQKi3VOcaaWw6tGmc3yuTHCZWv-PyhByxrQ==
downloadactive.png
d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/
4 KB
5 KB
Image
General
Full URL
https://d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/downloadactive.png
Requested by
Host: aptitude.themainplacesetnowcontentsnewsets.date
URL: https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
Protocol
SPDY
Server
13.32.99.80 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-99-80.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85ca0e8a71da7cb9f6da2faad0b491818b83b721a03dd71a9e6c1fd23cc355fe

Request headers

Referer
https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 29 Jul 2018 18:38:24 GMT
via
1.1 973497bf6a39ec25b3eac8806793ebe5.cloudfront.net (CloudFront)
x-amz-meta-crossftp-original-file-date-iso8601
2015-03-09T08:30:35.401Z
server
AmazonS3
age
11597
etag
"759894fc31058cbee5c154ddf8109da6"
x-cache
Hit from cloudfront
content-type
image/png
status
200
last-modified
Mon, 06 Jun 2016 13:29:02 GMT
accept-ranges
bytes
content-length
4367
x-amz-cf-id
i0OHb61zyy8F-aAWJxXpbs2SJsBm0IohTKivZXmdaVpqHiziaO1_zQ==
ok.png
d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/
3 KB
4 KB
Image
General
Full URL
https://d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/ok.png
Requested by
Host: aptitude.themainplacesetnowcontentsnewsets.date
URL: https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
Protocol
SPDY
Server
13.32.99.80 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-99-80.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bc686d0dbd4a721a5b96df034ac04067756297cf097ad6f4338b0e37c95af1

Request headers

Referer
https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 29 Jul 2018 18:38:24 GMT
via
1.1 973497bf6a39ec25b3eac8806793ebe5.cloudfront.net (CloudFront)
x-amz-meta-crossftp-original-file-date-iso8601
2015-03-09T08:27:57.299Z
server
AmazonS3
age
11597
etag
"8735b3e852676168da0cb997fc397c4d"
x-cache
Hit from cloudfront
content-type
image/png
status
200
last-modified
Mon, 06 Jun 2016 13:29:04 GMT
accept-ranges
bytes
content-length
3387
x-amz-cf-id
aHmWoJVlCsOkETXDwHbGa6zEKat5z2QHjsGXt9F1Swmo-_Ovsfjotw==
okactive.png
d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/
3 KB
4 KB
Image
General
Full URL
https://d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/okactive.png
Requested by
Host: aptitude.themainplacesetnowcontentsnewsets.date
URL: https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
Protocol
SPDY
Server
13.32.99.80 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-99-80.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2755c2a109a7dc442afa20ab5ea319eca18f94a8ea7c05e2dddb6e1264501e23

Request headers

Referer
https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 29 Jul 2018 18:38:24 GMT
via
1.1 973497bf6a39ec25b3eac8806793ebe5.cloudfront.net (CloudFront)
x-amz-meta-crossftp-original-file-date-iso8601
2015-03-09T08:29:12.912Z
server
AmazonS3
age
11597
etag
"2b9dd1759bf55999fc392c5dbb6bb6f7"
x-cache
Hit from cloudfront
content-type
image/png
status
200
last-modified
Mon, 06 Jun 2016 13:29:05 GMT
accept-ranges
bytes
content-length
3437
x-amz-cf-id
Jf95jTu8mH7QffIh9IxBzh6kPh_7besH0VxZZMQT61PmQNsgjWL0OA==
okactive@2x.png
d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/
4 KB
5 KB
Image
General
Full URL
https://d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/okactive@2x.png
Requested by
Host: aptitude.themainplacesetnowcontentsnewsets.date
URL: https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
Protocol
SPDY
Server
13.32.99.80 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-99-80.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8b80ca1f74242b77cbf0ac6ec3e8076757aa54578434944a4e4df767c9cf6ad

Request headers

Referer
https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 29 Jul 2018 18:38:24 GMT
via
1.1 973497bf6a39ec25b3eac8806793ebe5.cloudfront.net (CloudFront)
x-amz-meta-crossftp-original-file-date-iso8601
2015-03-09T08:42:33.705Z
server
AmazonS3
age
11597
etag
"370305f8f631cc0642d7bf0d8d7f51e2"
x-cache
Hit from cloudfront
content-type
image/png
status
200
last-modified
Mon, 06 Jun 2016 13:29:05 GMT
accept-ranges
bytes
content-length
4484
x-amz-cf-id
FFVoG2ZSOoFxFnYIh1-imuO7S3A1FVwIH5LfPE6rI5neLu8_JGUvtg==
downloadactive@2x.png
d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/
7 KB
7 KB
Image
General
Full URL
https://d34wvoo5bu1mcn.cloudfront.net/lps/flash_mac/images/downloadactive@2x.png
Requested by
Host: aptitude.themainplacesetnowcontentsnewsets.date
URL: https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
Protocol
SPDY
Server
13.32.99.80 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-99-80.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
911a71457c0146a07bd5d48ef8556f7a802c9feddf63d59750453ff76a443484

Request headers

Referer
https://aptitude.themainplacesetnowcontentsnewsets.date/?gea=uDPSZ2yLVTeHkjeh-ZHgXB9r04wpIIjzkPYyIHWKHJPwKfi7xFxITxC3EK1KETIaU3OVzopF6whvgn70dBsYSQ..&cid=5b622cf19125fb0001fdf597&sub=1001_UzoxODM3LFNCOjg3NDIsTDo0MjQ1LEM6MjE5NzU=&v_id=uqVQG1eGBFiSqR1jPa6xpaBp107OlaESyZj2xuPmHzk.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 29 Jul 2018 18:38:24 GMT
via
1.1 973497bf6a39ec25b3eac8806793ebe5.cloudfront.net (CloudFront)
x-amz-meta-crossftp-original-file-date-iso8601
2015-03-09T08:39:32.396Z
server
AmazonS3
age
11597
etag
"1cd55b247bf699786c644652ea0d1973"
x-cache
Hit from cloudfront
content-type
image/png
status
200
last-modified
Mon, 06 Jun 2016 13:29:02 GMT
accept-ranges
bytes
content-length
6790
x-amz-cf-id
Yy2dkZPfHPKHkaOC-2d7E1djAoQVKVPTyerBPrSkZ9SoPZCb9LfA3A==

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple Software Update (Online)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function| showStep
  • string| host
  • string| pdi_param_1
  • number| pdi_param_2
  • number| pdi_param_3
  • string| pdi_start_url
  • object| head
  • object| css
  • object| adVars
  • function| goToAd
  • function| setFilterEffect
  • function| close_modal_ad
  • function| showModalAd
  • function| httpGetAsync
  • object| dlobj

3 Cookies

Domain/Path | Name | Value
aptitude.themainplacesetnowcontentsnewsets.date/ | lp_id | 2344
aptitude.themainplacesetnowcontentsnewsets.date/ | dist_id | 2610
aptitude.themainplacesetnowcontentsnewsets.date/ | channel | plus_mac2