Submitted URL: https://mobi.billiwa.com/177056/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/3be13623-1c9cb38f-da9cf...
Effective URL: http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPN...
Submission: On November 14 via manual from IN

Summary

This website contacted 7 IPs in 6 countries across 9 domains to perform 20 HTTP transactions. The main IP is 69.162.126.230, located in Dallas, United States and belongs to LIMESTONENETWORKS - Limestone Networks, Inc., US. The main domain is lp.macutils.club.
This is the only time lp.macutils.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 31.170.100.125 201942 (SOLTIA)
1 2 109.123.118.67 13213 (UK2NET-AS)
1 1 34.225.190.7 14618 (AMAZON-AES)
1 1 34.231.89.205 14618 (AMAZON-AES)
6 69.162.126.230 46475 (LIMESTONE...)
2 6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:20e... 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
20 7
Domain Requested by
6 www.google-analytics.com 2 redirects lp.macutils.club
6 lp.macutils.club tr4ck.bruceleadx2.com
lp.macutils.club
5 d1cyqjn658khhc.cloudfront.net lp.macutils.club
2 stats.g.doubleclick.net lp.macutils.club
2 tr4ck.bruceleadx2.com 1 redirects
1 code.jquery.com lp.macutils.club
1 news-easy.com 1 redirects
1 power.vuer.net 1 redirects
1 mobi.billiwa.com
20 9

This site contains links to these domains. Also see Links.

Domain
dl.macutils.club
Subject Issuer Validity Valid
ads.conscier.com
Let's Encrypt Authority X3
2019-10-15 -
2020-01-13
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2019-10-16 -
2020-01-08
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2019-11-05 -
2020-01-28
3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2
2019-07-17 -
2020-07-05
a year crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years crt.sh

This page contains 1 frames:

Primary Page: http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
Frame ID: CE9261AD7E524609F9B116B3E09DBD57
Requests: 20 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://mobi.billiwa.com/177056/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/3be... Page URL
  2. http://tr4ck.bruceleadx2.com/ck.php?line_item_id=17994&site=177056&cid=M2019111408-3d819aa0f0437b2633ba48... Page URL
  3. http://tr4ck.bruceleadx2.com/ck_jump?id=cz0yNjE1ODM5MjIzMjIzNDI3OCZ0PTE1NzM3MjE0MTQmaD01NDUyMDkzMDc=&__if... HTTP 302
    https://power.vuer.net/gbuh4rtfgvbyehnn/bgvebuwnibuh4gehsj.php?utm_source=564&utm_campaign=10075334... HTTP 302
    https://news-easy.com/iGkmaKmZvuCFZTSMTeN_uI2fnr1-qrkL_6wY7oDmxcg?clck=20191114_c68e0ab8-06bb-11ea... HTTP 302
    http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65Ay... Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i

Overall confidence: 100%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 50%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

20
Requests

65 %
HTTPS

44 %
IPv6

9
Domains

9
Subdomains

7
IPs

6
Countries

227 kB
Transfer

377 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mobi.billiwa.com/177056/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/3be13623-1c9cb38f-da9cf906-227a-1c1d/5cc1fc8f5f5f906416416069 Page URL
  2. http://tr4ck.bruceleadx2.com/ck.php?line_item_id=17994&site=177056&cid=M2019111408-3d819aa0f0437b2633ba48a57b0be977 Page URL
  3. http://tr4ck.bruceleadx2.com/ck_jump?id=cz0yNjE1ODM5MjIzMjIzNDI3OCZ0PTE1NzM3MjE0MTQmaD01NDUyMDkzMDc=&__if=0&__pm=0&__wv=0&__type=unknown&__deviceid= HTTP 302
    https://power.vuer.net/gbuh4rtfgvbyehnn/bgvebuwnibuh4gehsj.php?utm_source=564&utm_campaign=10075334&sid=UzoyMzg4LFNCOjE3NzA1NixMOjE3OTk0LEM6Mjc5MzM%3D&clck=20191114_c68e0ab8-06bb-11ea-8a4a-3f246c12733a HTTP 302
    https://news-easy.com/iGkmaKmZvuCFZTSMTeN_uI2fnr1-qrkL_6wY7oDmxcg?clck=20191114_c68e0ab8-06bb-11ea-8a4a-3f246c12733a&sid=UzoyMzg4LFNCOjE3NzA1NixMOjE3OTk0LEM6Mjc5MzM=&utm_campaign=NTY4ZwSkMpxJC9HbfP8xO3PgMjE0NoKD HTTP 302
    http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 4
  • http://www.google-analytics.com/r/collect?v=1&_v=j79&a=1097558435&t=pageview&_s=1&dl=http%3A%2F%2Flp.macutils.club%2Fmcns%2F1%2F%3Fx-context%3DRhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ%26utm_source%3Dmcpcns2%26utm_campaign%3Dmcpcns2%26pxl%3DMCP4014_MCP3930_RUNT%26utm_pubid%3Dspx_t1new_push%26x-at%3DXXXXX%26override%3D1%26rn%3Dmaccleaner.pkg&dr=http%3A%2F%2Ftr4ck.bruceleadx2.com%2Fck.php%3Fline_item_id%3D17994%26site%3D177056%26cid%3DM2019111408-3d819aa0f0437b2633ba48a57b0be977&ul=en-us&de=UTF-8&dt=Make%20your%20Mac%20Faster&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=860074997&gjid=1376491840&cid=404625441.1573721416&tid=UA-96784571-1&_gid=143101722.1573721416&_r=1&cg1=Landing%20Page%20Views&z=1498986865 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1097558435&t=pageview&_s=1&dl=http%3A%2F%2Flp.macutils.club%2Fmcns%2F1%2F%3Fx-context%3DRhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ%26utm_source%3Dmcpcns2%26utm_campaign%3Dmcpcns2%26pxl%3DMCP4014_MCP3930_RUNT%26utm_pubid%3Dspx_t1new_push%26x-at%3DXXXXX%26override%3D1%26rn%3Dmaccleaner.pkg&dr=http%3A%2F%2Ftr4ck.bruceleadx2.com%2Fck.php%3Fline_item_id%3D17994%26site%3D177056%26cid%3DM2019111408-3d819aa0f0437b2633ba48a57b0be977&ul=en-us&de=UTF-8&dt=Make%20your%20Mac%20Faster&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=860074997&gjid=1376491840&cid=404625441.1573721416&tid=UA-96784571-1&_gid=143101722.1573721416&_r=1&cg1=Landing%20Page%20Views&z=1498986865 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-96784571-1&cid=404625441.1573721416&jid=860074997&_gid=143101722.1573721416&gjid=1376491840&_v=j79&z=1498986865
Request Chain 10
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 12
  • http://www.google-analytics.com/collect?v=1&_v=j79&a=1097558435&t=pageview&_s=2&dl=http%3A%2F%2Flp.macutils.club%2Fmcns%2F1%2F%3Fx-context%3DRhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ%26utm_source%3Dmcpcns2%26utm_campaign%3Dmcpcns2%26pxl%3DMCP4014_MCP3930_RUNT%26utm_pubid%3Dspx_t1new_push%26x-at%3DXXXXX%26override%3D1%26rn%3Dmaccleaner.pkg&dr=http%3A%2F%2Ftr4ck.bruceleadx2.com%2Fck.php%3Fline_item_id%3D17994%26site%3D177056%26cid%3DM2019111408-3d819aa0f0437b2633ba48a57b0be977&ul=en-us&de=UTF-8&dt=Make%20your%20Mac%20Faster&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEAB~&jid=&gjid=&cid=404625441.1573721416&tid=UA-96784571-1&_gid=143101722.1573721416&cg1=Landing%20Page%20Views&z=1657542559 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j79&a=1097558435&t=pageview&_s=2&dl=http%3A%2F%2Flp.macutils.club%2Fmcns%2F1%2F%3Fx-context%3DRhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ%26utm_source%3Dmcpcns2%26utm_campaign%3Dmcpcns2%26pxl%3DMCP4014_MCP3930_RUNT%26utm_pubid%3Dspx_t1new_push%26x-at%3DXXXXX%26override%3D1%26rn%3Dmaccleaner.pkg&dr=http%3A%2F%2Ftr4ck.bruceleadx2.com%2Fck.php%3Fline_item_id%3D17994%26site%3D177056%26cid%3DM2019111408-3d819aa0f0437b2633ba48a57b0be977&ul=en-us&de=UTF-8&dt=Make%20your%20Mac%20Faster&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEAB~&jid=&gjid=&cid=404625441.1573721416&tid=UA-96784571-1&_gid=143101722.1573721416&cg1=Landing%20Page%20Views&z=1657542559
Request Chain 18
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=863377167&utmhn=lp.macutils.club&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Make%20your%20Mac%20Faster&utmhid=1097558435&utmr=http%3A%2F%2Ftr4ck.bruceleadx2.com%2Fck.php%3Fline_item_id%3D17994%26site%3D177056%26cid%3DM2019111408-3d819aa0f0437b2633ba48a57b0be977&utmp=%2Fmcns%2F1%2F%3Fx-context%3DRhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ%26utm_source%3Dmcpcns2%26utm_campaign%3Dmcpcns2%26pxl%3DMCP4014_MCP3930_RUNT%26utm_pubid%3Dspx_t1new_push%26x-at%3DXXXXX%26override%3D1%26rn%3Dmaccleaner.pkg&utmht=1573721416595&utmac=UA-96784571-1&utmcc=__utma%3D60920433.404625441.1573721416.1573721417.1573721417.1%3B%2B__utmz%3D60920433.1573721417.1.1.utmcsr%3Dmcpcns2%7Cutmccn%3Dmcpcns2%7Cutmcmd%3D(not%2520set)%3B&utmjid=1359119881&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=863377167&utmhn=lp.macutils.club&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Make%20your%20Mac%20Faster&utmhid=1097558435&utmr=http%3A%2F%2Ftr4ck.bruceleadx2.com%2Fck.php%3Fline_item_id%3D17994%26site%3D177056%26cid%3DM2019111408-3d819aa0f0437b2633ba48a57b0be977&utmp=%2Fmcns%2F1%2F%3Fx-context%3DRhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ%26utm_source%3Dmcpcns2%26utm_campaign%3Dmcpcns2%26pxl%3DMCP4014_MCP3930_RUNT%26utm_pubid%3Dspx_t1new_push%26x-at%3DXXXXX%26override%3D1%26rn%3Dmaccleaner.pkg&utmht=1573721416595&utmac=UA-96784571-1&utmcc=__utma%3D60920433.404625441.1573721416.1573721417.1573721417.1%3B%2B__utmz%3D60920433.1573721417.1.1.utmcsr%3Dmcpcns2%7Cutmccn%3Dmcpcns2%7Cutmcmd%3D(not%2520set)%3B&utmjid=1359119881&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-96784571-1&cid=404625441.1573721416&jid=1359119881&_v=5.7.2&z=863377167

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
5cc1fc8f5f5f906416416069
mobi.billiwa.com/177056/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/3be13623-1c9cb38f-da9cf906-227a-1c1d/
204 B
422 B
Document
General
Full URL
https://mobi.billiwa.com/177056/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/3be13623-1c9cb38f-da9cf906-227a-1c1d/5cc1fc8f5f5f906416416069
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.170.100.125 , Spain, ASN201942 (SOLTIA, ES),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
mobi.billiwa.com
:scheme
https
:path
/177056/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/3be13623-1c9cb38f-da9cf906-227a-1c1d/5cc1fc8f5f5f906416416069
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
server
nginx
date
Thu, 14 Nov 2019 08:50:14 GMT
content-type
text/html; charset=UTF-8
content-length
175
access-control-allow-origin
*
access-control-allow-headers
Content-Type
cache-control
no-cache, private
content-encoding
gzip
x-device
desktop
accept-ranges
bytes
age
0
tp-cache
MISS
vary
Accept-Encoding
Cookie set ck.php
tr4ck.bruceleadx2.com/
1 KB
2 KB
Document
General
Full URL
http://tr4ck.bruceleadx2.com/ck.php?line_item_id=17994&site=177056&cid=M2019111408-3d819aa0f0437b2633ba48a57b0be977
Protocol
HTTP/1.1
Server
109.123.118.67 Ilford, United Kingdom, ASN13213 (UK2NET-AS, GB),
Reverse DNS
118-67.topstaffsolutions.com
Software
SpirooxPerformance-Server-1.0 /
Resource Hash
ef8c785bdeb07bc1f5da8fced3538464086d263f8006146758a0b746d27f1752

Request headers

Host
tr4ck.bruceleadx2.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 14 Nov 2019 8:50:14 GMT
Server
SpirooxPerformance-Server-1.0
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Expires
0
Pragma
no-cache
Content-Length
1172
Connection
close
Content-Type
text/html; charset=utf-8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
session=20191114_c68e0ab8-06bb-11ea-8a4a-3f246c12733a%7C26158392232234278%7C2019-11-14T08%3A50%3A14%2B0000%7C2921044%7CGermany%7C17994%7C177056%7CM2019111408-3d819aa0f0437b2633ba48a57b0be977%7C3484%7C4%7C2388%7C17994%7C2%7C2402%7C0%7C12657%7C10976%7C27933%7C3097%7C0%7C0%7C3%7C1%7CMac%7C74%7C%7C%7CChrome%7CHETZNER%7CWIFI%7C144.76.109.0%2F24%7C144.76.109.30%7C0%7C177056%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7C%7C0.0%7C0.0%7C0.0%7C0.0%7C0%7C%7C1573721414808%7C%7Cfalse%7Cfalse%7C55%7C0%7C27%7C%7C0%7C0%7C%7Ctr4ck.bruceleadx2.com%7Cde%7C%7C0.0%7C; domain=tr4ck.bruceleadx2.com; path=/; expires=Fri, 13 Dec 2019 8:50:14 GMT
Primary Request Cookie set /
lp.macutils.club/mcns/1/
Redirect Chain
  • http://tr4ck.bruceleadx2.com/ck_jump?id=cz0yNjE1ODM5MjIzMjIzNDI3OCZ0PTE1NzM3MjE0MTQmaD01NDUyMDkzMDc=&__if=0&__pm=0&__wv=0&__type=unknown&__deviceid=
  • https://power.vuer.net/gbuh4rtfgvbyehnn/bgvebuwnibuh4gehsj.php?utm_source=564&utm_campaign=10075334&sid=UzoyMzg4LFNCOjE3NzA1NixMOjE3OTk0LEM6Mjc5MzM%3D&clck=20191114_c68e0ab8-06bb-11ea-8a4a-3f246c12...
  • https://news-easy.com/iGkmaKmZvuCFZTSMTeN_uI2fnr1-qrkL_6wY7oDmxcg?clck=20191114_c68e0ab8-06bb-11ea-8a4a-3f246c12733a&sid=UzoyMzg4LFNCOjE3NzA1NixMOjE3OTk0LEM6Mjc5MzM=&utm_campaign=NTY4ZwSkMpxJC9HbfP...
  • http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6n...
20 KB
21 KB
Document
General
Full URL
http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
Requested by
Host: tr4ck.bruceleadx2.com
URL: http://tr4ck.bruceleadx2.com/ck.php?line_item_id=17994&site=177056&cid=M2019111408-3d819aa0f0437b2633ba48a57b0be977
Protocol
HTTP/1.1
Server
69.162.126.230 Dallas, United States, ASN46475 (LIMESTONENETWORKS - Limestone Networks, Inc., US),
Reverse DNS
230-126-162-69.static.reverse.lstn.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f4541323835de0418ee48808ce1311f4cd47c81de950f4d7ae8b746bf8f27a8b

Request headers

Host
lp.macutils.club
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://tr4ck.bruceleadx2.com/ck.php?line_item_id=17994&site=177056&cid=M2019111408-3d819aa0f0437b2633ba48a57b0be977
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://tr4ck.bruceleadx2.com/ck.php?line_item_id=17994&site=177056&cid=M2019111408-3d819aa0f0437b2633ba48a57b0be977

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Server
Microsoft-IIS/8.5
Set-Cookie
ASP.NET_SessionId=vljvh03qjxh5owx0oopjsai0; path=/; HttpOnly
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Thu, 14 Nov 2019 08:50:15 GMT
Content-Length
20854

Redirect headers

Date
Thu, 14 Nov 2019 08:50:15 GMT
Content-Type
text/html
Content-Length
158
Connection
keep-alive
Location
http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
Set-Cookie
session=d64b89eb-0072-44ee-b685-6d5ea0db3092
Server
nginx
jquery.min.js
lp.macutils.club/js/
94 KB
33 KB
Script
General
Full URL
http://lp.macutils.club/js/jquery.min.js
Requested by
Host: lp.macutils.club
URL: http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
Protocol
HTTP/1.1
Server
69.162.126.230 Dallas, United States, ASN46475 (LIMESTONENETWORKS - Limestone Networks, Inc., US),
Reverse DNS
230-126-162-69.static.reverse.lstn.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
bdaf1a32c8a2b2218bc4b932297f4fbae4d79e145a281947cb0dd76d0d83c834

Request headers

Referer
http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 14 Nov 2019 08:50:16 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Feb 2018 06:40:21 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"80f8a4d695afd31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
33393
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: lp.macutils.club
URL: http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
998
date
Thu, 14 Nov 2019 08:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Thu, 14 Nov 2019 10:33:37 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j79&a=1097558435&t=pageview&_s=1&dl=http%3A%2F%2Flp.macutils.club%2Fmcns%2F1%2F%3Fx-context%3DRhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV...
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1097558435&t=pageview&_s=1&dl=http%3A%2F%2Flp.macutils.club%2Fmcns%2F1%2F%3Fx-context%3DRhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkY...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-96784571-1&cid=404625441.1573721416&jid=860074997&_gid=143101722.1573721416&gjid=1376491840&_v=j79&z=1498986865
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-96784571-1&cid=404625441.1573721416&jid=860074997&_gid=143101722.1573721416&gjid=1376491840&_v=j79&z=1498986865
Requested by
Host: lp.macutils.club
URL: http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 14 Nov 2019 08:50:15 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Nov 2019 08:50:15 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-96784571-1&cid=404625441.1573721416&jid=860074997&_gid=143101722.1573721416&gjid=1376491840&_v=j79&z=1498986865
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
headerbar.png
d1cyqjn658khhc.cloudfront.net/lp/92/smrtc/
3 KB
3 KB
Image
General
Full URL
https://d1cyqjn658khhc.cloudfront.net/lp/92/smrtc/headerbar.png
Requested by
Host: lp.macutils.club
URL: http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:c800:0:bb7c:6000:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b0b59077ba5911435a8abd09c9f0710cda6af14d301a3c3ced86f79f8f6e28f2

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 01 Nov 2019 12:55:38 GMT
via
1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified
Fri, 01 Nov 2019 12:55:10 GMT
server
AmazonS3
age
46563
etag
"d194bd9911c93dbbb3a0d6f54f55ede3"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
2929
x-amz-cf-id
NzOdhEDWCtibm0qzrsj1j3-Km9f2p3H59fM980u8nVX940f2n8KRsQ==
x-amz-meta-s3b-last-modified
20191101T125428Z
logo.png
d1cyqjn658khhc.cloudfront.net/lp/92/smrtc/
15 KB
15 KB
Image
General
Full URL
https://d1cyqjn658khhc.cloudfront.net/lp/92/smrtc/logo.png
Requested by
Host: lp.macutils.club
URL: http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:c800:0:bb7c:6000:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ded3918c50068825f0d287dccd3a93f7ae40a7b1a8eed64625a0dfd2c03e99c6

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 01 Nov 2019 12:55:38 GMT
via
1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified
Fri, 01 Nov 2019 12:55:10 GMT
server
AmazonS3
age
51716
etag
"ec32495a1ad749d51ffd09926b651ac0"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
15430
x-amz-cf-id
wVzYD_03PItNCjIJ542ewmRv3u2VPEirYB1yL7NMNZwBIeaI5BDdKw==
x-amz-meta-s3b-last-modified
20191101T125428Z
lp92.js
lp.macutils.club/lp/lp92/
2 KB
3 KB
Script
General
Full URL
http://lp.macutils.club/lp/lp92/lp92.js
Requested by
Host: lp.macutils.club
URL: http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
Protocol
HTTP/1.1
Server
69.162.126.230 Dallas, United States, ASN46475 (LIMESTONENETWORKS - Limestone Networks, Inc., US),
Reverse DNS
230-126-162-69.static.reverse.lstn.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
925a302be2ff72c38dbcdae8bd56399af7a1842f45cfffc30ec1c8b04f80cb28

Request headers

Referer
http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 14 Nov 2019 08:50:16 GMT
Last-Modified
Wed, 05 Sep 2018 14:16:41 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"29c8e4102345d41:0"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2540
custom.js
lp.macutils.club/js/
6 KB
2 KB
Script
General
Full URL
http://lp.macutils.club/js/custom.js
Requested by
Host: lp.macutils.club
URL: http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
Protocol
HTTP/1.1
Server
69.162.126.230 Dallas, United States, ASN46475 (LIMESTONENETWORKS - Limestone Networks, Inc., US),
Reverse DNS
230-126-162-69.static.reverse.lstn.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e837e3261a447761975e0f368f6f1beec6c759ce56f9aa3f2bd3ab97e88613ab

Request headers

Referer
http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 14 Nov 2019 08:50:16 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Feb 2018 06:40:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"80cb73d595afd31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1747
jquery-migrate-1.0.0.js
code.jquery.com/
15 KB
6 KB
Script
General
Full URL
https://code.jquery.com/jquery-migrate-1.0.0.js
Requested by
Host: lp.macutils.club
URL: http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
d9b635248efd4b596cad402579c29a619b4379cfb553a32589350b04c07f2bfa

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 14 Nov 2019 08:50:15 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
W/"54499a48-3d75"
Vary
Accept-Encoding
X-HW
1573721415.dop134.fr8.t,1573721415.cds146.fr8.shn,1573721415.cds146.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5347
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: lp.macutils.club
URL: http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
6111
date
Thu, 14 Nov 2019 07:08:25 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17168
expires
Thu, 14 Nov 2019 09:08:25 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: lp.macutils.club
URL: http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
999
date
Thu, 14 Nov 2019 08:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Thu, 14 Nov 2019 10:33:37 GMT
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j79&a=1097558435&t=pageview&_s=2&dl=http%3A%2F%2Flp.macutils.club%2Fmcns%2F1%2F%3Fx-context%3DRhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65...
  • https://www.google-analytics.com/collect?v=1&_v=j79&a=1097558435&t=pageview&_s=2&dl=http%3A%2F%2Flp.macutils.club%2Fmcns%2F1%2F%3Fx-context%3DRhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV6...
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1097558435&t=pageview&_s=2&dl=http%3A%2F%2Flp.macutils.club%2Fmcns%2F1%2F%3Fx-context%3DRhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ%26utm_source%3Dmcpcns2%26utm_campaign%3Dmcpcns2%26pxl%3DMCP4014_MCP3930_RUNT%26utm_pubid%3Dspx_t1new_push%26x-at%3DXXXXX%26override%3D1%26rn%3Dmaccleaner.pkg&dr=http%3A%2F%2Ftr4ck.bruceleadx2.com%2Fck.php%3Fline_item_id%3D17994%26site%3D177056%26cid%3DM2019111408-3d819aa0f0437b2633ba48a57b0be977&ul=en-us&de=UTF-8&dt=Make%20your%20Mac%20Faster&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEAB~&jid=&gjid=&cid=404625441.1573721416&tid=UA-96784571-1&_gid=143101722.1573721416&cg1=Landing%20Page%20Views&z=1657542559
Requested by
Host: lp.macutils.club
URL: http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Oct 2019 18:34:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1260968
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j79&a=1097558435&t=pageview&_s=2&dl=http%3A%2F%2Flp.macutils.club%2Fmcns%2F1%2F%3Fx-context%3DRhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ%26utm_source%3Dmcpcns2%26utm_campaign%3Dmcpcns2%26pxl%3DMCP4014_MCP3930_RUNT%26utm_pubid%3Dspx_t1new_push%26x-at%3DXXXXX%26override%3D1%26rn%3Dmaccleaner.pkg&dr=http%3A%2F%2Ftr4ck.bruceleadx2.com%2Fck.php%3Fline_item_id%3D17994%26site%3D177056%26cid%3DM2019111408-3d819aa0f0437b2633ba48a57b0be977&ul=en-us&de=UTF-8&dt=Make%20your%20Mac%20Faster&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEAB~&jid=&gjid=&cid=404625441.1573721416&tid=UA-96784571-1&_gid=143101722.1573721416&cg1=Landing%20Page%20Views&z=1657542559
Non-Authoritative-Reason
HSTS
en.json
lp.macutils.club/lang/lp92/
746 B
1000 B
XHR
General
Full URL
http://lp.macutils.club/lang/lp92/en.json
Requested by
Host: lp.macutils.club
URL: http://lp.macutils.club/js/jquery.min.js
Protocol
HTTP/1.1
Server
69.162.126.230 Dallas, United States, ASN46475 (LIMESTONENETWORKS - Limestone Networks, Inc., US),
Reverse DNS
230-126-162-69.static.reverse.lstn.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0d47958e09dcbcb34d7a34ccafd3fdb92b5995489cad15d13b9dd3923723267d

Request headers

Accept
*/*
Referer
http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

Date
Thu, 14 Nov 2019 08:50:16 GMT
Last-Modified
Wed, 05 Sep 2018 14:12:59 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"79cfc88c2245d41:0"
Content-Type
application/json
Accept-Ranges
bytes
Content-Length
746
down_arrow.png
d1cyqjn658khhc.cloudfront.net/lp/m/indicator/common/
23 KB
23 KB
Image
General
Full URL
https://d1cyqjn658khhc.cloudfront.net/lp/m/indicator/common/down_arrow.png
Requested by
Host: lp.macutils.club
URL: http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:c800:0:bb7c:6000:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94dfde990746c82724536d94c06e5813133502df2d8abc14dcc607afb1160965

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 24 Oct 2019 22:25:47 GMT
via
1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified
Mon, 18 Feb 2019 09:55:18 GMT
server
AmazonS3
age
36263
etag
"c41a89b2909496e9ad406e402340a807"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
23595
x-amz-cf-id
vwzHlPXsgz3SBqWQx5ClTAXRhYWuhp9aZjWCvsBGOBdE6tVqrLxyRQ==
x-amz-meta-s3b-last-modified
20190218T093051Z
top_arrow.png
d1cyqjn658khhc.cloudfront.net/lp/m/indicator/common/
11 KB
12 KB
Image
General
Full URL
https://d1cyqjn658khhc.cloudfront.net/lp/m/indicator/common/top_arrow.png
Requested by
Host: lp.macutils.club
URL: http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:c800:0:bb7c:6000:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08a65a495aa4606ac3c9544fd39bb2cc1160bb139fb21a9036979998c4d4882e

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 27 Jun 2019 19:58:30 GMT
via
1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified
Mon, 18 Feb 2019 09:55:19 GMT
server
AmazonS3
age
4840
etag
"8aa6ffedf301a078c1990dadc85cd6cf"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
11618
x-amz-cf-id
I7TITRJN9U5_b3LXO2pXQONIa5ORbP65ZdIu-SNgfmSTs2aDHO7l4w==
x-amz-meta-s3b-last-modified
20190218T093904Z
Safari_0.png
d1cyqjn658khhc.cloudfront.net/lp/m/indicator/common/
53 KB
53 KB
Image
General
Full URL
https://d1cyqjn658khhc.cloudfront.net/lp/m/indicator/common/Safari_0.png
Requested by
Host: lp.macutils.club
URL: http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:c800:0:bb7c:6000:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6eafcd219d1338f9b84be7f94fc2fc3900f7ff11e05dc07397f0d26ed67ed18e

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 24 Oct 2019 22:25:47 GMT
via
1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
last-modified
Mon, 18 Feb 2019 09:55:18 GMT
server
AmazonS3
age
36991
etag
"0137202b01fb467c263c46e56f530669"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
54029
x-amz-cf-id
bz0I7kZ2VEFb7UZqIJMsUSyC23WlbjdbyYMnw3KqerYzcuZSdO_FLw==
x-amz-meta-s3b-last-modified
20190218T080250Z
TrackLpView
lp.macutils.club/ajax/Default.aspx/
10 B
218 B
XHR
General
Full URL
http://lp.macutils.club/ajax/Default.aspx/TrackLpView
Requested by
Host: lp.macutils.club
URL: http://lp.macutils.club/js/jquery.min.js
Protocol
HTTP/1.1
Server
69.162.126.230 Dallas, United States, ASN46475 (LIMESTONENETWORKS - Limestone Networks, Inc., US),
Reverse DNS
230-126-162-69.static.reverse.lstn.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
780e1b18e0904b2686e7e68ae54ea50056ef4e5667be2a918485704234516280

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Thu, 14 Nov 2019 08:50:16 GMT
Cache-Control
private, max-age=0
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
10
Content-Type
application/json; charset=utf-8
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=863377167&utmhn=lp.macutils.club&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Make%...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=863377167&utmhn=lp.macutils.club&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Make...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-96784571-1&cid=404625441.1573721416&jid=1359119881&_v=5.7.2&z=863377167
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-96784571-1&cid=404625441.1573721416&jid=1359119881&_v=5.7.2&z=863377167
Requested by
Host: lp.macutils.club
URL: http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://lp.macutils.club/mcns/1/?x-context=RhR41VW_7niCmvnMatUAqSNRB_s3gizTxnFv2fmVQ39-qrieoenkYV65AyJ20BPd5DOTG7zgUjSVPNAQgcl1d4Y_vP0nDJI3elNvdqY69qkDHfVDvuBvEexeVtOrCjti7S4yWVZcQ3rFHzyqvTKVCXtf-6nt2NGxR6scQ9Xf3qgSAaVjFChlFvzrd5JFUT4X_6hUUU4bbHoH9egVhud1kZSTpkCidWyIEnrHKHlgrOxY8CsxKhg9XYaNL1GrS9NO_QDl-ps4T3Tm1UvWcX-KiQ&utm_source=mcpcns2&utm_campaign=mcpcns2&pxl=MCP4014_MCP3930_RUNT&utm_pubid=spx_t1new_push&x-at=XXXXX&override=1&rn=maccleaner.pkg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 14 Nov 2019 08:50:16 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Nov 2019 08:50:16 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-96784571-1&cid=404625441.1573721416&jid=1359119881&_v=5.7.2&z=863377167
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
369
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery string| DwnUrl string| ProductName string| ProductLink string| PageName string| utm_source string| OsVerName string| langCode string| langId string| ipaddress string| ipdir string| queryParams string| serverPath string| sLangContent string| x_context object| _gaq object| langs object| langJS function| translate string| QueryStrLang function| lpnetAjax function| alignment boolean| bool function| showAlert function| downloadNow function| startTimer function| checkSecond function| setCookie function| getCookie undefined| x function| TrackWithIp function| track function| onfailure function| iedownload function| detectIE number| daily_results number| start_time number| cur_time number| days number| results function| addCommas function| resultTick function| resultTickNew function| BindNoScriptOnBtnClick function| funDownloadIndicator function| funClosePoup function| get_browser function| get_browser_version function| manageZindex object| _gat

9 Cookies

Domain/Path Name / Value
.lp.macutils.club/ Name: __utmb
Value: 60920433.1.10.1573721417
.lp.macutils.club/ Name: __utmt
Value: 1
.lp.macutils.club/ Name: __utmz
Value: 60920433.1573721417.1.1.utmcsr=mcpcns2|utmccn=mcpcns2|utmcmd=(not%20set)
.lp.macutils.club/ Name: __utmc
Value: 60920433
.macutils.club/ Name: _ga
Value: GA1.2.404625441.1573721416
.macutils.club/ Name: _gid
Value: GA1.2.143101722.1573721416
.macutils.club/ Name: _gat
Value: 1
.lp.macutils.club/ Name: __utma
Value: 60920433.404625441.1573721416.1573721417.1573721417.1
lp.macutils.club/ Name: ASP.NET_SessionId
Value: vljvh03qjxh5owx0oopjsai0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
d1cyqjn658khhc.cloudfront.net
lp.macutils.club
mobi.billiwa.com
news-easy.com
power.vuer.net
stats.g.doubleclick.net
tr4ck.bruceleadx2.com
www.google-analytics.com
109.123.118.67
2001:4de0:ac19::1:b:1a
2600:9000:20eb:c800:0:bb7c:6000:21
2a00:1450:4001:815::200e
2a00:1450:400c:c00::9a
31.170.100.125
34.225.190.7
34.231.89.205
69.162.126.230
08a65a495aa4606ac3c9544fd39bb2cc1160bb139fb21a9036979998c4d4882e
0d47958e09dcbcb34d7a34ccafd3fdb92b5995489cad15d13b9dd3923723267d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
6eafcd219d1338f9b84be7f94fc2fc3900f7ff11e05dc07397f0d26ed67ed18e
780e1b18e0904b2686e7e68ae54ea50056ef4e5667be2a918485704234516280
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
925a302be2ff72c38dbcdae8bd56399af7a1842f45cfffc30ec1c8b04f80cb28
94dfde990746c82724536d94c06e5813133502df2d8abc14dcc607afb1160965
b0b59077ba5911435a8abd09c9f0710cda6af14d301a3c3ced86f79f8f6e28f2
bdaf1a32c8a2b2218bc4b932297f4fbae4d79e145a281947cb0dd76d0d83c834
d9b635248efd4b596cad402579c29a619b4379cfb553a32589350b04c07f2bfa
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
ded3918c50068825f0d287dccd3a93f7ae40a7b1a8eed64625a0dfd2c03e99c6
e837e3261a447761975e0f368f6f1beec6c759ce56f9aa3f2bd3ab97e88613ab
ef8c785bdeb07bc1f5da8fced3538464086d263f8006146758a0b746d27f1752
f4541323835de0418ee48808ce1311f4cd47c81de950f4d7ae8b746bf8f27a8b