r.virscan.org Open in urlscan Pro
18.195.231.212 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Effective URL:
https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Submission Tags: falconsandbox
Submission: On May 12 via api (May 12th 2021, 11:20:01 am UTC) from US

Summary HTTP 186 Redirects Links 125 Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 21 domains to perform 186 HTTP transactions. The main IP is 18.195.231.212, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is r.virscan.org.
TLS certificate: Issued by RapidSSL RSA CA 2018 on November 9th 2019. Valid for: 2 years.

This is the only time r.virscan.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 95	18.195.231.212 18.195.231.212	16509 (AMAZON-02) (AMAZON-02)
4	121.41.82.234 121.41.82.234	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	2600:9000:206... 2600:9000:206f:8a00:0:e2b1:a380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	47.102.38.15 47.102.38.15	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 1	18.196.98.222 18.196.98.222	16509 (AMAZON-02) (AMAZON-02)
2 7	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:6239:a920:2d8:2f61	16509 (AMAZON-02) (AMAZON-02)
1 1	217.182.200.20 217.182.200.20	16276 (OVH) (OVH)
186	28

95 18.195.231.212 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com

r.virscan.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.virscan.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 121.41.82.234 (China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

data.choujue.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:8a00:0:e2b1:a380:93a1 (United States)

ASN16509 (AMAZON-02, US)

jspassport.ssl.qhimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.102.38.15 (China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

sc.anhuiry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.98.222 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-98-222.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.212.162 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:6239:a920:2d8:2f61 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.200.20 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm6.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
95	virscan.org 1 redirects r.virscan.org img.virscan.org	452 KB
28	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	234 KB
21	gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com	399 KB
18	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	81 KB
4	googletagservices.com www.googletagservices.com	133 KB
4	google.com 1 redirects adservice.google.com www.google.com	305 B
4	choujue.net data.choujue.net	113 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	openx.net 2 redirects rtb.openx.net	759 B
2	rlcdn.com 2 redirects id.rlcdn.com	890 B
2	google.de adservice.google.de	287 B
2	google-analytics.com www.google-analytics.com	19 KB
2	baidu.com hm.baidu.com	15 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	336 B
1	innovid.com ag.innovid.com	296 B
1	agkn.com 1 redirects d.agkn.com	758 B
1	quantserve.com cms.quantserve.com	464 B
1	googleadservices.com partner.googleadservices.com	639 B
1	anhuiry.com sc.anhuiry.com	405 B
1	qhimg.com jspassport.ssl.qhimg.com	456 B
0	qhres.com Failed s.ssl.qhres.com Failed
186	21

	Domain	Requested by
93	img.virscan.org	r.virscan.org img.virscan.org
17	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	r.virscan.org pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
4	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	data.choujue.net	r.virscan.org data.choujue.net
3	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	rtb.openx.net	2 redirects
2	id.rlcdn.com	2 redirects
2	www.google.com	1 redirects googleads.g.doubleclick.net
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	r.virscan.org www.google-analytics.com
2	hm.baidu.com	r.virscan.org
2	r.virscan.org	1 redirects
1	googlecm.hit.gemius.pl	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	sc.anhuiry.com	data.choujue.net
1	jspassport.ssl.qhimg.com	r.virscan.org
0	s.ssl.qhres.com Failed	jspassport.ssl.qhimg.com
186	31

This site contains links to these domains. Also see Links.

Domain
www.virscan.org
software.virscan.org
u.virscan.org
api.virscan.org
www.dbappsecurity.com.cn
www.cpsecure.com
www.estsecurity.com
www.jiangmin.com
www.ijinshan.com
www.microsoft.com
www.norman.com
www.rising.com.cn
edr.sangfor.com.cn
www.securehunter.com
www.virusbuster.hu
m.qq.com
www.360.cn
habo.qq.com
threatbook.cn
www.hybrid-analysis.com
f.virscan.org
ftype.virscan.org
md5.virscan.org
sha1.virscan.org
sha256.virscan.org
ssdeep.virscan.org
a.virscan.org
v.virscan.org
s.click.taobao.com
download.uc.cn
www.anva.org.cn
www.centos.org
www.hrbpolice.cn
beian.miit.gov.cn
www.beian.gov.cn

Subject Issuer	Validity	Valid
*.virscan.org RapidSSL RSA CA 2018	`2019-11-09` - `2021-11-08`	2 years	crt.sh
data.choujue.net Encryption Everywhere DV TLS CA - G1	`2021-04-22` - `2022-04-22`	a year	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-10-20` - `2021-07-26`	9 months	crt.sh
*.ssl.qhimg.com WoTrus OV SSL CA	`2020-02-11` - `2022-05-11`	2 years	crt.sh
sc.anhuiry.com Encryption Everywhere DV TLS CA - G1	`2020-07-30` - `2021-07-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh

This page contains 12 frames:

Primary Page: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Frame ID: 7D1BAE83A341CF7BFAAFF708744F3D6A
Requests: 117 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/zrt_lookup.html
Frame ID: F1370A3356328B0C9B87E206CF95F9C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&adk=1812271804&adf=3025194257&lmt=1620814994&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&ea=0&flash=0&pra=5&wgl=1&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386306&bpp=3&bdt=4485&idt=71&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6493444984970&frm=20&pv=2&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104
Frame ID: 66E6B93FD91352299F663A87F9BA1A90
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&slotname=3919176945&adk=1603147683&adf=2689116385&pi=t.ma~as.3919176945&w=970&fwrn=4&fwrnh=100&lmt=1620814994&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386309&bpp=1&bdt=4488&idt=106&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6493444984970&frm=20&pv=1&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Uifz9z7SEp&p=https%3A//r.virscan.org&dtd=112
Frame ID: 7B373E2E085358E80BEBA3F9FDE4C309
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&slotname=7430788333&adk=1236994834&adf=1961880720&pi=t.ma~as.7430788333&w=733&fwrn=4&fwrnh=100&lmt=1620814994&rafmt=1&psa=0&format=733x280&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386313&bpp=1&bdt=4492&idt=118&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=6493444984970&frm=20&pv=1&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=535&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xd2SEXyNax&p=https%3A//r.virscan.org&dtd=122
Frame ID: 0337E1B3AA2B9354693FE268D2503B9D
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 8B4B354ED402C10938401BCE6140A961
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&adk=3088186576&adf=1409212968&pi=t.aa~a.3769035704~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1620814994&rafmt=1&to=qs&pwprc=4475921873&psa=0&format=1200x280&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386525&bpp=1&bdt=4704&idt=1&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C733x280&nras=2&correlator=6493444984970&frm=20&pv=1&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ZV0E4qNt0P&p=https%3A//r.virscan.org&dtd=16
Frame ID: 9A3A923EDABCFDD3749839A5C62A052C
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nLZh5JKb4_vODtvfmJ49yJer_4HAQSIF0KjuUH5BuEE.js
Frame ID: 10ECC5BC64684A6E6A99AF5E909E1083
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 115F3D3A4F533479BA27CE82F0150CFD
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: CE1A0A7F1EAA2999CB904A7A62F88149
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nLZh5JKb4_vODtvfmJ49yJer_4HAQSIF0KjuUH5BuEE.js
Frame ID: DA53BD5B13DA3A7731E14D675E61BADF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nLZh5JKb4_vODtvfmJ49yJer_4HAQSIF0KjuUH5BuEE.js
Frame ID: C5ABBF0BB7F5FC48FAEEC5179D2160E9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97 HTTP 301
https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97 Page URL

Page Statistics

186
Requests

99 %
HTTPS

68 %
IPv6

21
Domains

31
Subdomains

28
IPs

7
Countries

1451 kB
Transfer

2934 kB
Size

2
Cookies

125 Outgoing links

These are links going to different origins than the main page.

URL: https://www.virscan.org/language/ru/

Search URL Search Domain Scan URL

URL: https://software.virscan.org/static/app/Virscan_Uploader_Beta1.0.3.exe
Title: если ваш браузер не может загрузить файл, загрузите его на сервер Viscan Uploader.

Search URL Search Domain Scan URL

URL: https://www.virscan.org/

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/reportlist
Title: Отчет

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/viruslist
Title: Вирусный отчет

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/behaviorlist
Title: Отчет о поведении

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/helpus
Title: Содействие VirSCAN

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/bug
Title: Сообщить об ошибке

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/contacts
Title: Обратная связь

Search URL Search Domain Scan URL

URL: https://u.virscan.org/urlreportlist
Title: Обнаружение URL

Search URL Search Domain Scan URL

URL: https://api.virscan.org/api/api.html?lang=ru
Title: API

Search URL Search Domain Scan URL

URL: https://www.virscan.org/download/download.php
Title: uploader for windows(test)

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/ahnlab

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/antivir

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/antiy

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/arcabit

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/avast

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/avg

Search URL Search Domain Scan URL

URL: https://www.dbappsecurity.com.cn/

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/bitdefender

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/clamav

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/comodo

Search URL Search Domain Scan URL

URL: https://www.cpsecure.com/

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/cyren

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/drweb

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/defenx

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/emsisoft

Search URL Search Domain Scan URL

URL: https://www.estsecurity.com/

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/fprot

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/fsecure

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/tws

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/fortinet

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/gdata

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/gridinsoft

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/hauri

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/ikarus

Search URL Search Domain Scan URL

URL: https://www.jiangmin.com/

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/kaspersky

Search URL Search Domain Scan URL

URL: https://www.ijinshan.com/

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/k7

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/nod32

Search URL Search Domain Scan URL

URL: https://www.norman.com/

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/nano

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/panda

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/pcc

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/quickheal

Search URL Search Domain Scan URL

URL: https://www.rising.com.cn/

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/sophos

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/sunbelt

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/symantec

Search URL Search Domain Scan URL

URL: https://edr.sangfor.com.cn/

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/systweak

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/tachyon

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/thehacker

Search URL Search Domain Scan URL

URL: https://www.securehunter.com/

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/vba

Search URL Search Domain Scan URL

URL: https://www.virusbuster.hu/

Search URL Search Domain Scan URL

URL: https://m.qq.com/

Search URL Search Domain Scan URL

URL: https://www.360.cn/

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/xvirus

Search URL Search Domain Scan URL

URL: https://habo.qq.com/

Search URL Search Domain Scan URL

URL: https://threatbook.cn/

Search URL Search Domain Scan URL

URL: https://www.hybrid-analysis.com/

Search URL Search Domain Scan URL

URL: https://f.virscan.org/language/ru/Patch-fpm95.exe.html
Title: Patch-fpm95.exe

Search URL Search Domain Scan URL

URL: https://ftype.virscan.org/ftype/2/PE32%20executable%20for%20MS%20Windows%20(GUI)%20Intel%2080386%2032-bit/9b269b68a697ba85216e221e6feaaa97.html
Title: PE32 executable for MS Windows (GUI) Intel 80386 32-bit

Search URL Search Domain Scan URL

URL: https://md5.virscan.org/language/ru/67d4f6654504adf78bfb684c6edb9754.html
Title: 67d4f6654504adf78bfb684c6edb9754

Search URL Search Domain Scan URL

URL: https://sha1.virscan.org/language/ru/884477db15db7933905604f0d226213084d635c9.html
Title: 884477db15db7933905604f0d226213084d635c9

Search URL Search Domain Scan URL

URL: https://sha256.virscan.org/language/ru/508db7aa48eed56311e012989f137441e68eec6cd97884c42eafa76aa1152641.html
Title: 508db7aa48eed56311e012989f137441e68eec6cd97884c42eafa76aa1152641

Search URL Search Domain Scan URL

URL: https://ssdeep.virscan.org/language/ru/ssdeep/.html

Search URL Search Domain Scan URL

URL: https://a.virscan.org/language/ru/67d4f6654504adf78bfb684c6edb9754?sandbox=YToxOntpOjA7czo0OiJoYWJvIjt9&sid=9b269b68a697ba85216e221e6feaaa97
Title: Анализ файла Habo

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/Packed/Win32.Morphine.html
Title: Packed/Win32.Morphine

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/alyac
Title: alyac

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/RiskWare[RiskTool]/Win32.Patcher.html
Title: RiskWare[RiskTool]/Win32.Patcher

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/Win32:Evo-gen%20[Susp].html
Title: Win32:Evo-gen [Susp]

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/baidu
Title: baidu

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/baidusd
Title: baidusd

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/Gen:Trojan.Heur.buW@!J1ERBi.html
Title: Gen:Trojan.Heur.buW@!J1ERBi

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/TrojWare.Win32.Agent.WFN@4t5srs.html
Title: TrojWare.Win32.Agent.WFN@4t5srs

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/ctch
Title: ctch

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/W32/Agent.KFY.html
Title: W32/Agent.KFY

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/W32/Agent.EWQQ-1275.html
Title: W32/Agent.EWQQ-1275

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/Trojan%20(%200040f3a51%20).html
Title: Trojan ( 0040f3a51 )

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/Riskware/GamePatcher.html
Title: Riskware/GamePatcher

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/hunter
Title: hunter

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/PUA.HackTool.Patcher.html
Title: PUA.HackTool.Patcher

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/jiangmin
Title: jiangmin

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/kav4fs
Title: kav4fs

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/kingsoft
Title: kingsoft

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/mcafee
Title: mcafee

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/a%20variant%20of%20Win32/HackTool.Patcher.AD%20potentially%20unsafe%20application.html
Title: a variant of Win32/HackTool.Patcher.AD potentially unsafe application

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/qh360
Title: qh360

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/HEUR/QVM20.1.7F4B.Malware.Gen.html
Title: HEUR/QVM20.1.7F4B.Malware.Gen

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/qqphone
Title: qqphone

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/Riskware.Dupatcher.A4.html
Title: Riskware.Dupatcher.A4

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/rising
Title: rising

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/PUF.Patcher.html
Title: PUF.Patcher

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/Trojan.Win32.Agent.wfn.html
Title: Trojan.Win32.Agent.wfn

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/sxf
Title: sxf

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/antivirusvendor/virusbuster
Title: virusbuster

Search URL Search Domain Scan URL

URL: https://s.click.taobao.com/VrZQ1wu

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/Trojan[Packed]/MSIL.VMProtect.html
Title: Trojan[Packed]/MSIL.VMProtect

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/Win32.Virlock.Gen.1.html
Title: Win32.Virlock.Gen.1

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/JS:Decode-BTB.html
Title: JS:Decode-BTB

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/Heur.Corrupt.PE@1z141z3.html
Title: Heur.Corrupt.PE@1z141z3

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/GrayWare[AdWare]/Android.Inoco.html
Title: GrayWare[AdWare]/Android.Inoco

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/RiskWare[RiskTool]/Win32.BitMiner.html
Title: RiskWare[RiskTool]/Win32.BitMiner

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/Application.HackTool.MeterPreter.AQR.html
Title: Application.HackTool.MeterPreter.AQR

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/Trojan/Win32.Zenpak.html
Title: Trojan/Win32.Zenpak

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/DeepScan:Generic.Mira.CF26E316.html
Title: DeepScan:Generic.Mira.CF26E316

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/GrayWare/Autoit.BinToStr.a.html
Title: GrayWare/Autoit.BinToStr.a

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/JS:Trojan.JS.Redirector.BUQ.html
Title: JS:Trojan.JS.Redirector.BUQ

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/Trojan.Scar.hmoc.yleu.html
Title: Trojan.Scar.hmoc.yleu

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/Trojan.Ppatre.Gen.1.html
Title: Trojan.Ppatre.Gen.1

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/Trojan.GenericKD.31022722.html
Title: Trojan.GenericKD.31022722

Search URL Search Domain Scan URL

URL: https://v.virscan.org/language/ru/Gen:Variant.Strictor.14267.html
Title: Gen:Variant.Strictor.14267

Search URL Search Domain Scan URL

URL: https://download.uc.cn/download/quark?ch=kk@other_zcwyunhai1

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/about
Title: Информация о VirSCAN

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/policy
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.virscan.org/language/ru/link
Title: Дружественная ссылка

Search URL Search Domain Scan URL

URL: https://www.anva.org.cn/
Title:

Search URL Search Domain Scan URL

URL: https://www.centos.org/

Search URL Search Domain Scan URL

URL: https://www.hrbpolice.cn/

Search URL Search Domain Scan URL

URL: http://beian.miit.gov.cn/state/outPortal/loginPortal.action
Title: 京ICP备11007605号-14

Search URL Search Domain Scan URL

URL: https://www.beian.gov.cn/portal/registerSystemInfo?recordcode=11010802020746
Title: 京公网安备 11010802020746号

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97 HTTP 301
https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 177

https://d.agkn.com/pixel/2175/?google_gid=CAESEKnh7oQKQr0Vr6gFU7SAoVU&google_cver=1&google_push=AQvitULh9PQSLY2uOHtDsPg1yVZ-irPs010gp5l11o5WVRfYO-TdlJvcrD7l8u2Jxltn956zfTUcCp2Qw1SltvR6V8mHvoUshVY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitULh9PQSLY2uOHtDsPg1yVZ-irPs010gp5l11o5WVRfYO-TdlJvcrD7l8u2Jxltn956zfTUcCp2Qw1SltvR6V8mHvoUshVY&google_hm=Q0FFU0VLbmg3b1FLUXIwVnI2Z0ZVN1NBb1ZV

Request Chain 178

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUIYDJwuuAD18vHBbb8QkAAVeCmUyk3m_IbEz9cewngDfHK8IDjaDI9lWxeYemdznfDkZpn8fU5Gx7037kcRuqxYxUCWnfo&google_gid=CAESELn8pLpq05EIXPJMccEo2ts&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNPz7oQGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BUXZpdFVJWURKd3V1QUQxOHZIQmJiOFFrQUFWZUNtVXlrM21fSWJFejljZXduZ0RmSEs4SURqYURJOWxXeGVZZW1kem5mRGtacG44ZlU1R3g3MDM3a2NSdXF4WXhVQ1duZm8 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwLXR0UnJwdTN4LUN2N1AxV1MtQ0RUTDd6Yy1XaVRHY2RKUHpkMTlvWTNoRQ==&google_push

Request Chain 179

https://rtb.openx.net/sync/dds?google_gid=CAESEJuuceppIOEDBnGro9Q7yko&google_cver=1&google_push=AQvitULOekAPsVP8jIYfz1YegBPb7qRqhHUp6ot_DWQ7_OrzSEgkikCmt5zUqTTzyaedn6TMDj2glKE5NzZ7Fg2VgQl_NLgn3CI HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEJuuceppIOEDBnGro9Q7yko&google_cver=1&google_push=AQvitULOekAPsVP8jIYfz1YegBPb7qRqhHUp6ot_DWQ7_OrzSEgkikCmt5zUqTTzyaedn6TMDj2glKE5NzZ7Fg2VgQl_NLgn3CI&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULOekAPsVP8jIYfz1YegBPb7qRqhHUp6ot_DWQ7_OrzSEgkikCmt5zUqTTzyaedn6TMDj2glKE5NzZ7Fg2VgQl_NLgn3CI&google_hm=D51T-j6HxLsLbMxtjtyK9A== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULOekAPsVP8jIYfz1YegBPb7qRqhHUp6ot_DWQ7_OrzSEgkikCmt5zUqTTzyaedn6TMDj2glKE5NzZ7Fg2VgQl_NLgn3CI&google_hm=D51T-j6HxLsLbMxtjtyK9A==&google_tc=

Request Chain 180

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_tc=

Request Chain 182

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJtGKFuALjYNTXikDSDu4YE&google_cver=1&google_push=AQvitUKgU-iWxL7JpsJ69vJ8Lrk7oQc_-7nWnxtxnkDtbRmn26-KCVEtfKpmOsAEJCSEqw3m9laUZUa5CQIJJLPFhVXM9-T-3KDx HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKgU-iWxL7JpsJ69vJ8Lrk7oQc_-7nWnxtxnkDtbRmn26-KCVEtfKpmOsAEJCSEqw3m9laUZUa5CQIJJLPFhVXM9-T-3KDx&google_hm= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKgU-iWxL7JpsJ69vJ8Lrk7oQc_-7nWnxtxnkDtbRmn26-KCVEtfKpmOsAEJCSEqw3m9laUZUa5CQIJJLPFhVXM9-T-3KDx&google_hm=&google_tc=

Request Chain 185

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

186 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 9b269b68a697ba85216e221e6feaaa97 Show response
r.virscan.org/language/ru/report/
Redirect Chain

http://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97

178 KB
29 KB

2310ms
2260ms

Document
text/html

18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: f05c01c1900cb0d1e7b211eaadc0a635559f6ae8ca15a1ffffaa9aa7ac0220a8

Request headers

:method: GET
:authority: r.virscan.org
:scheme: https
:path: /language/ru/report/9b269b68a697ba85216e221e6feaaa97
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:41 GMT
content-type: text/html; charset=UTF-8
server: NWS_Oversea_AP
cache-control: max-age=8640000
last-modified: Wed, 12 May 2021 10:23:14 GMT
content-encoding: gzip
vary: Accept-Encoding
set-cookie: lang=ru; expires=Sat, 10-May-2031 10:23:14 GMT; Max-Age=315360000; path=/; domain=.virscan.org
pragma: no-cache
x-nws-log-uuid: 4e6d47d5-48ad-4720-bf45-8d5bbbcf91b1
x-daa-tunnel: hop_count=1
x-cache-lookup: Hit From Upstream

Redirect headers

Server: NWS_Oversea_AP
Connection: keep-alive
Date: Wed, 12 May 2021 11:19:39 GMT
Cache-Control: max-age=8640000
Expires: Fri, 20 Aug 2021 11:19:39 GMT
Content-Length: 73
Location: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97

GET
H2 200 styles.css
img.virscan.org/bootstrap/css/ 2 KB
648 B 457ms
31ms Stylesheet
text/css 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/bootstrap/css/styles.css
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 40f622b837062c49657a3ae4a387f37fa6d9c044598e67169ab6c3c0f8442fe1

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 25 Nov 2020 07:58:58 GMT
server: NWS_Oversea_AP
etag: "5fbe0ec2-6bd"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=8640000
x-nws-log-uuid: 7c7bea8e-fc74-454c-8954-b36e80a5f1f3
accept-ranges: bytes
content-length: 349
expires: Wed, 12 May 2021 11:29:41 GMT

GET
H2 200 bootstrap-responsive.min.css
img.virscan.org/bootstrap/css/ 16 KB
5 KB 457ms
31ms Stylesheet
text/css 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/bootstrap/css/bootstrap-responsive.min.css
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 028a86edc87123d64d64fa813f57de5a290fd2b17b16098c2b3162b42792cb77

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 25 Nov 2020 07:32:24 GMT
server: NWS_Oversea_AP
etag: W/"5fbe0888-41d1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=8640000
x-nws-log-uuid: 496d49ad-8530-4a25-9e1a-5660bc9341c6
content-length: 4496
expires: Wed, 12 May 2021 11:29:41 GMT

GET
H2 200 logo.gif
img.virscan.org/images/ 4 KB
4 KB 52ms
44ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/logo.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: fc8ea0fd0e6d1ef6d67751c5e8651a71ef4ad0862c527670b13edc0863f4e3e2

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-ea0"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 68d931dc-08c8-4190-b306-ce6d8a41c0e3
accept-ranges: bytes
content-length: 3744
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 view_en.gif
img.virscan.org/images/ 816 B
1 KB 53ms
45ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/view_en.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 4568a10362069382ac9a64529c3525aa738dde0ad4c157193be3ce3ca525aee1

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-330"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: c7ecfabb-54db-40f0-8963-c2ebf449b406
accept-ranges: bytes
content-length: 816
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 up_en.gif
img.virscan.org/images/ 826 B
1 KB 34ms
34ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/up_en.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 9dab7845d7a1be91e0146aead00724ffe900629b68e2f13da430c8dbcc217741

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-33a"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: b0be5e89-d7c0-45fd-9df3-9b4fdf660444
accept-ranges: bytes
content-length: 826
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 1.gif
img.virscan.org/images/load/ 372 B
635 B 25ms
25ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/load/1.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 42944426153985a9f460fc92b40516ab3386ff1754afb58cb8f1aadb1936917e

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-174"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: ed5d3c3d-b7fb-42c7-9302-577deb235648
accept-ranges: bytes
content-length: 372
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 view1_en.gif
img.virscan.org/images/ 2 KB
2 KB 33ms
24ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/view1_en.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 65f410d2f4342e5bf98067b6116e97776863a9c9b2b64f8b5a529a72d216b6b3

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Thu, 07 Jan 2021 07:13:35 GMT
server: NWS_Oversea_AP
etag: "5ff6b49f-828"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 431e784d-7367-49ff-99cf-49d8d440235e
accept-ranges: bytes
content-length: 2088
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 select.png
img.virscan.org/images/ 140 B
403 B 35ms
27ms Image
image/png 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/select.png
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 5276076ca1f97edc1e435558b6b86db79292e5c73bd4ba9d1cd4fd02998cbb3a

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-8c"
content-type: image/png
cache-control: max-age=8640000
x-nws-log-uuid: f32fd6f0-b77e-4c28-932c-402bdddb67b9
accept-ranges: bytes
content-length: 140
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 ahnlab.gif
img.virscan.org/images/av/ 2 KB
2 KB 30ms
28ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/ahnlab.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: e6ee155a60c9ac6fc00dc4bcfdfd873c4782ad298ba5cd09f10faa7bfd0e61b9

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-604"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 81d67aa7-8321-405c-8e9c-85e1c45f872f
accept-ranges: bytes
content-length: 1540
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 antivir.gif
img.virscan.org/images/av/ 2 KB
3 KB 31ms
30ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/antivir.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 2d5e6d52173e24e92f8f1ae9ff1a5528c6c5b4e12ca1b775818a3e54c52ba6e8

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 10 Aug 2020 03:29:49 GMT
server: NWS_Oversea_AP
etag: "5f30bf2d-938"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 079b3f8a-26ef-483f-8eb2-140424768da2
accept-ranges: bytes
content-length: 2360
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 antiy.gif
img.virscan.org/images/av/ 1 KB
1 KB 31ms
30ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/antiy.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 40a66127d84eda5766c00542fce2986283d401a60b197ebf0c49128b75347425

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-435"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: b0e7586d-6222-4292-9037-4357b9716821
accept-ranges: bytes
content-length: 1077
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 arcabit-logo-new.png
img.virscan.org/images/av/ 6 KB
6 KB 25ms
24ms Image
image/png 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/arcabit-logo-new.png
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: e66701a088ca436567831f670bd5d3da6cbadad69df630b3e302bcfabe59eff6

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Wed, 06 Jun 2018 07:05:07 GMT
server: NWS_Oversea_AP
etag: "5b1787a3-1819"
content-type: image/png
cache-control: max-age=8640000
x-nws-log-uuid: 07351e73-2523-4545-bdee-4338be846a16
accept-ranges: bytes
content-length: 6169
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 avast.gif
img.virscan.org/images/av/ 570 B
833 B 66ms
58ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/avast.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 34a758c1ef669444804a941d5ca3539ca035127f6701bb27f1bd6063f4bea5f6

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-23a"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: fd121ba8-bd10-4df1-8b1b-ffa1fad3422a
accept-ranges: bytes
content-length: 570
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 avg.gif
img.virscan.org/images/av/ 2 KB
3 KB 82ms
75ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/avg.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 8c7f80dd92bec308109382eb69619c1351384961d040ac3427895cd89d29af9b

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-9c5"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: b6e7bad7-1a08-4fa9-a00a-eefb6969ce3d
accept-ranges: bytes
content-length: 2501
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 ahxx_n.jpg
img.virscan.org/images/av/ 12 KB
12 KB 83ms
76ms Image
image/jpeg 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/ahxx_n.jpg
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 6c9bd38a258df401ea2038ce043f284ee46a55328030e2e8456e8687122086b3

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Sun, 14 Mar 2021 06:29:24 GMT
server: NWS_Oversea_AP
etag: "604dad44-2f83"
content-type: image/jpeg
cache-control: max-age=8640000
x-nws-log-uuid: 36f1e3b2-a037-457b-a292-51d4455737c2
accept-ranges: bytes
content-length: 12163
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 baidu.gif
img.virscan.org/images/ 2 KB
3 KB 90ms
82ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/baidu.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: b36bbc1f0d6c8199e51487edbe590a0852c296ad4ea7ea56f958fdeba3e2feae

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-99b"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 724eb158-1f86-486e-b049-4a55b4394574
accept-ranges: bytes
content-length: 2459
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 bitdefender.gif
img.virscan.org/images/av/ 3 KB
4 KB 55ms
48ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/bitdefender.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 4a0592f5f393410ad2e2c185a120290e284210910a944072fed0379e9def2ca1

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-d6d"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 70391c2c-295b-480a-b538-8fd1a96b7ae2
accept-ranges: bytes
content-length: 3437
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 clamav.gif
img.virscan.org/images/av/ 2 KB
2 KB 56ms
48ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/clamav.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: a5ff91e781a8ef162e85819a0093a2c798a017300ddfc85b8273f68178c8ce2f

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-651"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: e5ed77fc-9460-43e6-9992-ac0e2eec98bf
accept-ranges: bytes
content-length: 1617
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 comodo.gif
img.virscan.org/images/av/ 3 KB
3 KB 86ms
79ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/comodo.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 4c2c0e0cb20b02fb9b83b7a6f51ab5037a3abecfd248578b1b86f8c84e9616b8

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-ba6"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: f985039b-f392-4226-9246-e1ea9acb578f
accept-ranges: bytes
content-length: 2982
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 cpsecure.gif
img.virscan.org/images/av/ 4 KB
4 KB 45ms
37ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/cpsecure.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 040b0b798e8aa5407fd10f6cf5f5722079b8a7633aa1b8959087bb0e4de4826d

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-103d"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 6da0203b-fe61-4227-99d8-246137187a62
accept-ranges: bytes
content-length: 4157
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 cyren1.png
img.virscan.org/images/av/ 5 KB
5 KB 57ms
49ms Image
image/png 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/cyren1.png
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 195f7dba3742591dacdbebc083e5458a0f96ae2078aa33ab6027a1a7783a29c3

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Wed, 13 Feb 2019 06:18:42 GMT
server: NWS_Oversea_AP
etag: "5c63b6c2-1217"
content-type: image/png
cache-control: max-age=8640000
x-nws-log-uuid: bbb90d4a-6de4-4cab-a0f1-ad1a5ff96ebf
accept-ranges: bytes
content-length: 4631
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 drweb.gif
img.virscan.org/images/av/ 527 B
790 B 45ms
37ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/drweb.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 03c0aec1a588e0890db7890499c09493616621224d659e82f53e8b41761f031b

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-20f"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 0c9f2e00-d8f7-4f68-b81f-7e16e89d81d1
accept-ranges: bytes
content-length: 527
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 defenx.png
img.virscan.org/images/av/ 8 KB
9 KB 92ms
85ms Image
image/png 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/defenx.png
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: de961a24207e69cc862cf153eb92d9e141d65148e18c2d076545b61b10af20f3

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Wed, 14 Nov 2018 06:05:36 GMT
server: NWS_Oversea_AP
etag: "5bebbb30-21e6"
content-type: image/png
cache-control: max-age=8640000
x-nws-log-uuid: 12bac059-2bb1-442a-80dc-db84bcacf172
accept-ranges: bytes
content-length: 8678
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 asquared-logo.gif
img.virscan.org/images/av/ 3 KB
3 KB 72ms
65ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/asquared-logo.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 1b853b25f36c2542e90584258a6550a1520a04929ae5f8f73e2d6f806db03c09

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Fri, 15 Jun 2018 05:12:08 GMT
server: NWS_Oversea_AP
etag: "5b234aa8-aa4"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 88402293-7cb6-47fc-9a9d-3c3cbdacb1c5
accept-ranges: bytes
content-length: 2724
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 est_logo.png
img.virscan.org/images/av/ 6 KB
6 KB 67ms
60ms Image
image/png 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/est_logo.png
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 36ce02e2d42e11b8e8eb87d800f8e4f8292c0019196aa0cd2d5f41895a5f64c2

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Tue, 28 Aug 2018 05:58:34 GMT
server: NWS_Oversea_AP
etag: "5b84e48a-1683"
content-type: image/png
cache-control: max-age=8640000
x-nws-log-uuid: 37769f0b-f512-49df-a906-efff6abe4a0a
accept-ranges: bytes
content-length: 5763
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 f-prot.gif
img.virscan.org/images/av/ 1 KB
2 KB 69ms
62ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/f-prot.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: b845c10e0779a20df5bca87b451b4894dd674ce02feb886a5a8ccbfb829b5078

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-53a"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: f336c1ff-7cde-4a46-8eac-2a642e316849
accept-ranges: bytes
content-length: 1338
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 f-secure.gif
img.virscan.org/images/av/ 2 KB
2 KB 91ms
83ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/f-secure.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 7e0e89bcb1317cba339b9e9295b77979e1b91c262660a011c696d2e5835bb74d

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-8b6"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 0a5aea87-94fd-4d07-b9c3-3160eb2f60d0
accept-ranges: bytes
content-length: 2230
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 tws.png
img.virscan.org/images/av/ 6 KB
6 KB 81ms
74ms Image
image/png 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/tws.png
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: c8aca207bce82f8134f59b990fe0e78c520fcee1600b7ce5354d7c562c943731

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Wed, 24 Oct 2018 06:17:37 GMT
server: NWS_Oversea_AP
etag: "5bd00e81-16c4"
content-type: image/png
cache-control: max-age=8640000
x-nws-log-uuid: 13e42567-a89b-433f-8441-f4fdf8b52fdc
accept-ranges: bytes
content-length: 5828
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 fortinet.gif
img.virscan.org/images/av/ 2 KB
2 KB 39ms
31ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/fortinet.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 9dc726ddf7fe638867ab7406cc971813fa8d796471b5bf9ed69ff254320a8ea5

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-6c0"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: ce84138d-7c1f-4303-a882-e7244447ec10
accept-ranges: bytes
content-length: 1728
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 gdata.gif
img.virscan.org/images/av/ 3 KB
4 KB 68ms
61ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/gdata.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 5809c07087b85360849a78ec16692e35b79083acf5253a56bc8a5b9342557fe1

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-d75"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: e0a8ba93-6694-4bc0-99d1-c7eb0e3609a3
accept-ranges: bytes
content-length: 3445
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 GridinSoft.jpeg
img.virscan.org/images/av/ 4 KB
5 KB 57ms
49ms Image
image/jpeg 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/GridinSoft.jpeg
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 07fa45798eb8a273e6f1198f3e09f591095ebc3100551ec0eaa2d424c13eb751

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Fri, 05 Feb 2021 03:55:07 GMT
server: NWS_Oversea_AP
etag: "601cc19b-11b8"
content-type: image/jpeg
cache-control: max-age=8640000
x-nws-log-uuid: 83c0351b-4661-4ca5-bd2f-481dd9109b45
accept-ranges: bytes
content-length: 4536
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 hauri.gif
img.virscan.org/images/av/ 1 KB
1 KB 55ms
47ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/hauri.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: e67457f25ef64b0022eca6d13848913974e2b123a22c97fbcf2bfdbf738fda7b

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-4c2"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: ea1d700a-0531-4736-9272-320c5c9a520b
accept-ranges: bytes
content-length: 1218
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 ikarus.gif
img.virscan.org/images/av/ 3 KB
3 KB 41ms
34ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/ikarus.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: e90cc2b118c936341bbaebaa06f42e63c4e133c30d2be279756c25c9b213a4b0

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-cee"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 8360514d-c3d0-4fee-89f3-dc802ae6c290
accept-ranges: bytes
content-length: 3310
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 jiangmin.gif
img.virscan.org/images/av/ 3 KB
3 KB 89ms
82ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/jiangmin.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 0d28d9a4e226f8531086c8369bb5a9037e9ff8bf95c2009925bb9b97939409c1

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-ce0"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 52c56b78-7ea5-4400-9e1e-a7b82c0089f5
accept-ranges: bytes
content-length: 3296
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 kaspersky.gif
img.virscan.org/images/av/ 823 B
1 KB 39ms
33ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/kaspersky.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 26fc80a676bef57ea0f819d737a6d2ee722368cbb4c410b86a0c15cb930419e6

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-337"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 98e42acb-483e-49f7-a19f-785bda520852
accept-ranges: bytes
content-length: 823
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 kingsoft_av.gif
img.virscan.org/images/av/ 3 KB
3 KB 91ms
84ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/kingsoft_av.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: f9419b1ae6a4338181041eaa7d6bf17a935f40c1b9cb738cbea087f1158731c2

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-b45"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: b6843260-f210-4172-b73d-cd4a86301427
accept-ranges: bytes
content-length: 2885
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 k7-logo.png
img.virscan.org/images/av/ 2 KB
2 KB 44ms
36ms Image
image/png 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/k7-logo.png
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 0202b4868b2b74ef5d75de41c8a92c44fd67cb8ccba682c6f63328e4e53d525a

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Thu, 12 Apr 2018 01:36:42 GMT
server: NWS_Oversea_AP
etag: "5aceb82a-8a8"
content-type: image/png
cache-control: max-age=8640000
x-nws-log-uuid: 8596a569-94b9-4bbb-a855-f0c752ac75d0
accept-ranges: bytes
content-length: 2216
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 microsoft.gif
img.virscan.org/images/av/ 2 KB
3 KB 80ms
73ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/microsoft.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 84ee80fb8929b1b4557b8d11e42eb1f60116f1c0aeb45c1f452c37e05f5f4483

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-984"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 14c26232-ceac-467b-8f86-0e0f46715a84
accept-ranges: bytes
content-length: 2436
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 nod32.gif
img.virscan.org/images/av/ 3 KB
3 KB 70ms
62ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/nod32.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 02f77b6abdf6065e1c6e235a7551743d52959e0b70bd98c2cebc1f379ef152ca

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-c3f"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 4aed6f50-66cd-4d66-8a99-f4e45f0e13cd
accept-ranges: bytes
content-length: 3135
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 norman.gif
img.virscan.org/images/av/ 3 KB
3 KB 94ms
87ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/norman.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 6de350c30c8d8569aa132a5c3cf41497eaade76c19abf24cd8c2b2c869045599

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-bc3"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: f6c56dc0-e1d3-4c0c-9465-3f6afbaac100
accept-ranges: bytes
content-length: 3011
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 nano_log.gif
img.virscan.org/images/av/ 728 B
991 B 66ms
59ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/nano_log.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 5a19574ed937a1e0d72f124c7fceacc6411266656873821aa92d28047719b1b0

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Fri, 20 Jul 2018 08:43:43 GMT
server: NWS_Oversea_AP
etag: "5b51a0bf-2d8"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: a903a273-b31f-4c18-a151-a8c68e248d79
accept-ranges: bytes
content-length: 728
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 panda.gif
img.virscan.org/images/av/ 3 KB
3 KB 46ms
39ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/panda.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: c5bf8eae1aaf61cc2505ee8a6a0b04818d16ef1499aab2059340a0d42a77e3ea

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-b03"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 9c252098-72ae-4c56-83ad-a972bdf9bebf
accept-ranges: bytes
content-length: 2819
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 pcc.gif
img.virscan.org/images/av/ 3 KB
3 KB 40ms
34ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/pcc.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 811baea76794b886414b4321ff7915400db738bc5ed427613273b932bc9792ba

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-b83"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: aec39abe-0780-4e1d-ac05-1b526f45000d
accept-ranges: bytes
content-length: 2947
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 quickheal.gif
img.virscan.org/images/av/ 3 KB
3 KB 70ms
63ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/quickheal.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 058dfdf18095cd2f32ab6f730a71a1e95f7703a294e16e6c55357ada6006dfbe

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-a24"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: fbca131c-e59b-4d74-a954-f00577b33e2a
accept-ranges: bytes
content-length: 2596
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 rising.gif
img.virscan.org/images/av/ 2 KB
3 KB 68ms
61ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/rising.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 5ea12701c6778ffc88a4423788cf9a18ddfe9bdd88111cd7ac23d4487c4de619

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-9bc"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: a0f009f2-2e99-453f-a6a4-c6ea6c6ab031
accept-ranges: bytes
content-length: 2492
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 sophos.gif
img.virscan.org/images/av/ 949 B
1 KB 39ms
31ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/sophos.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 33501bd5e6b0e948b56a1162fd5c107bca99ddba95d2bcc5ad93a9a93824e3cf

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-3b5"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 1f845c6d-6926-41c1-8f04-8c2a310a14a5
accept-ranges: bytes
content-length: 949
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 sunbelt.gif
img.virscan.org/images/av/ 3 KB
3 KB 84ms
77ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/sunbelt.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 3160498aa54284b7292debb954eeb5f6ad924841ff72e24f51ad5f0ce1a39586

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-acc"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 40320832-e151-4806-9497-737d3c880044
accept-ranges: bytes
content-length: 2764
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 symantec.gif
img.virscan.org/images/av/ 2 KB
2 KB 83ms
75ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/symantec.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: f66dea01b45a6cc6973c961cd931d1251299d363302b6f0f5d2f982da1e262f5

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-892"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 65f1c7cf-abac-46c0-b43e-1ac2269d29b5
accept-ranges: bytes
content-length: 2194
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 sxf.gif
img.virscan.org/images/av/ 3 KB
3 KB 93ms
87ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/sxf.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 0c6a05c290dbc12475e3ff331cda913bc0509153d6cc3d3e7edab42d2c73d026

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Fri, 04 May 2018 04:00:14 GMT
server: NWS_Oversea_AP
etag: "5aebdace-a53"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: be6fd0e9-e2c7-49a8-bb37-fcbb6d223d46
accept-ranges: bytes
content-length: 2643
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 systweak-software.png
img.virscan.org/images/av/ 5 KB
5 KB 90ms
83ms Image
image/png 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/systweak-software.png
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 7780953db012af1018522ec7a2355bb5a7e61bb789ac6e13a73cea3b8b7b73c2

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Tue, 17 Jul 2018 02:12:38 GMT
server: NWS_Oversea_AP
etag: "5b4d5096-146d"
content-type: image/png
cache-control: max-age=8640000
x-nws-log-uuid: 1b027b2f-4166-4c9c-9814-f59efc95d604
accept-ranges: bytes
content-length: 5229
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 tachyon.gif
img.virscan.org/images/av/ 3 KB
3 KB 47ms
40ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/tachyon.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 8c7613c0d57015134f5d245ade496eacd152cd237103829a1d8957fc3e10c827

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-acf"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: edb919a6-7123-4b15-a197-139da0b5a1e1
accept-ranges: bytes
content-length: 2767
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 thehacker.gif
img.virscan.org/images/av/ 4 KB
4 KB 89ms
82ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/thehacker.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: c3fe9f54fba66cbf7f08bb7219fce75e8c6c750a8cb547972af2549b0360c8a7

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-e73"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: be386e01-dc3f-4eed-a209-67af4f742305
accept-ranges: bytes
content-length: 3699
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 hunter.png
img.virscan.org/images/av/ 5 KB
6 KB 47ms
39ms Image
image/png 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/hunter.png
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 83d5b99925b5fa5c19188ff2fa58d95b1032bdb3147685198bc38116ec284061

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Fri, 03 Aug 2018 09:17:34 GMT
server: NWS_Oversea_AP
etag: "5b641dae-15be"
content-type: image/png
cache-control: max-age=8640000
x-nws-log-uuid: 7d2c899f-08ba-4279-8f94-6460f8c4ea34
accept-ranges: bytes
content-length: 5566
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 vba.gif
img.virscan.org/images/av/ 1 KB
2 KB 91ms
84ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/vba.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 0f63444786561559c82c02f22aabc24c9f953c1163f7786031f50ed416831fdb

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-5b3"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 58ceda85-c732-4aeb-9320-3d4abcca6eee
accept-ranges: bytes
content-length: 1459
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 virusbuster.gif
img.virscan.org/images/av/ 3 KB
3 KB 56ms
48ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/virusbuster.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: e4a0eb3f30c01c24c6e2f5b23b55d7b427d21539f2079914b93006e1dc55aa0a

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-b16"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: baafd050-ecaf-48b7-8356-62cf90b73b19
accept-ranges: bytes
content-length: 2838
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 tencent_av.gif
img.virscan.org/images/av/ 2 KB
2 KB 92ms
85ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/tencent_av.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: f4b9fde102dff4c16c9fd51e1875532147fbfb141ab2e842291fff5914c20ec2

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 28 Jul 2014 09:53:32 GMT
server: NWS_Oversea_AP
etag: "53d61d9c-859"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: a57b983e-8f3e-48ec-8a8a-36b28ed07278
accept-ranges: bytes
content-length: 2137
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 360_av.gif
img.virscan.org/images/av/ 2 KB
3 KB 57ms
50ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/360_av.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 7317864cd8d51b666d8b8dfb26167de2e37258ba87cc98a6b692d0ff8dad41e2

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 28 Jul 2014 09:53:32 GMT
server: NWS_Oversea_AP
etag: "53d61d9c-912"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 044e35b4-b739-403f-aa04-e576b98de29d
accept-ranges: bytes
content-length: 2322
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 xvirus_logo.png
img.virscan.org/images/av/ 5 KB
5 KB 85ms
77ms Image
image/png 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/xvirus_logo.png
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 3688213db4519c39699c83db0de7d714b5ce68075dd66de7a4fe663b78c7e64b

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Wed, 30 May 2018 01:19:01 GMT
server: NWS_Oversea_AP
etag: "5b0dfc05-121a"
content-type: image/png
cache-control: max-age=8640000
x-nws-log-uuid: dfbb7b60-bb82-4925-9751-4515e8d2f267
accept-ranges: bytes
content-length: 4634
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 habo.png
img.virscan.org/images/av/ 4 KB
5 KB 91ms
84ms Image
image/png 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/habo.png
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 3d51e3726d7d6a4f2fbba3d8ee65cb8465ec5d15eee9c2500190eac583280593

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Fri, 12 Dec 2014 02:39:56 GMT
server: NWS_Oversea_AP
etag: "548a557c-1146"
content-type: image/png
cache-control: max-age=8640000
x-nws-log-uuid: cf48cae0-aa48-4abc-b68b-a82c5c699b25
accept-ranges: bytes
content-length: 4422
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 vb.png
img.virscan.org/images/av/ 7 KB
7 KB 94ms
87ms Image
image/png 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/vb.png
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: e469ba0e0d070666004289babb4429f9445beb0931f88928b5e7106938296752

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Tue, 09 Oct 2018 03:49:03 GMT
server: NWS_Oversea_AP
etag: "5bbc252f-1bc0"
content-type: image/png
cache-control: max-age=8640000
x-nws-log-uuid: 68395827-bcf2-4b1a-b356-91b0989062c7
accept-ranges: bytes
content-length: 7104
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 hybrid.png
img.virscan.org/images/av/ 7 KB
8 KB 73ms
65ms Image
image/png 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/av/hybrid.png
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: d8df7811b81fb413e5811e0cea0d712f2d44c4af880fa1d0b5814b7347659195

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Tue, 09 Oct 2018 03:49:03 GMT
server: NWS_Oversea_AP
etag: "5bbc252f-1de1"
content-type: image/png
cache-control: max-age=8640000
x-nws-log-uuid: e28e1298-ac0c-4e8b-83b8-a7a6878ae96f
accept-ranges: bytes
content-length: 7649
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H/1.1 200
OK virscan.js Show response
data.choujue.net/script/ 13 KB
13 KB 1151ms
418ms Script
application/javascript 121.41.82.234
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.choujue.net/script/virscan.js
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.41.82.234 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 1102fd33e7771e3f7afcf7fa0e890eff148ae65499c4a9a8801d363d07a91863

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:19:43 GMT
Last-Modified: Wed, 11 Nov 2020 03:08:14 GMT
Server: Tengine
ETag: "5fab559e-3314"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13076
Expires: Wed, 12 May 2021 23:19:43 GMT

GET
H2 200 arrow-up.gif
img.virscan.org/images/ 80 B
342 B 32ms
29ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/arrow-up.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 9c5786f2cd3014394243a719b71fdc1bb17f2bdbbe09e0c37eb5f888c4873adc

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-50"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 7eab9e3c-68d6-42d3-9fae-eaa0693a2141
accept-ranges: bytes
content-length: 80
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 arrow-down.gif
img.virscan.org/images/ 82 B
344 B 38ms
37ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/arrow-down.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 25bfe404eac7c0676b215d8ecb1ce24024370a5be8605d2da616fb07d2e1f212

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-52"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 913b531d-684d-4f35-9e88-9520db7e5c6e
accept-ranges: bytes
content-length: 82
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 ZeroClipboard.js Show response
img.virscan.org/js/ 9 KB
3 KB 30ms
29ms Script
application/x-javascript 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/js/ZeroClipboard.js
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 08e7856bfadc8732aa9e8f2a39cd4f7e59b95faa192921694e99b2edfc87d278

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-2430"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=8640000
x-nws-log-uuid: 1844ed33-6292-4e11-baac-bdf36bdb0a13
accept-ranges: bytes
content-length: 3185
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 aliyun_r.jpg
img.virscan.org/images/ali/ 55 KB
55 KB 30ms
29ms Image
image/jpeg 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/ali/aliyun_r.jpg
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 815e31a02c1562262ed696283465858c1539f1907d4f6cb82169a5f8e53bab75

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Thu, 27 Sep 2018 09:38:37 GMT
server: NWS_Oversea_AP
etag: "5baca51d-dbea"
content-type: image/jpeg
cache-control: max-age=8640000
x-nws-log-uuid: 8af0742a-f3b5-4ea2-869f-d6b91dc629a0
accept-ranges: bytes
content-length: 56298
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 kuake.gif
img.virscan.org/app/ 9 KB
9 KB 38ms
37ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/app/kuake.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: b5da5354e141bc95976c4e57e5644acf972aec4e3243b7843ffd504113fab6ec

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Tue, 24 Nov 2020 08:21:05 GMT
server: NWS_Oversea_AP
etag: "5fbcc271-232a"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 8c418286-1276-42bf-b0c4-f4fa1147123a
accept-ranges: bytes
content-length: 9002
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 close.png
img.virscan.org/images/ 199 B
462 B 34ms
33ms Image
image/png 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/close.png
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 0f07badfd3bb95015ba9eccd4397add7c3506242feaaed2a9bda2072cb658fba

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-c7"
content-type: image/png
cache-control: max-age=8640000
x-nws-log-uuid: 17791321-5be0-4624-8426-e29454ddf01c
accept-ranges: bytes
content-length: 199
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 leftbuttone.gif
img.virscan.org/images/ 1 KB
2 KB 39ms
38ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/leftbuttone.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 8ece9607f941bbde9ac5c12864fc911f56cb735a632910aafddfc38ffadc5a53

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Wed, 03 Dec 2014 09:29:22 GMT
server: NWS_Oversea_AP
etag: "547ed7f2-59c"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: b10061e3-6a8a-451d-83ce-860b885cb5f9
accept-ranges: bytes
content-length: 1436
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 rightbuttone.gif
img.virscan.org/images/ 2 KB
2 KB 34ms
30ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/rightbuttone.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 66aaac3e352276fc36125c02fd7f53f5d171ab4e16f13c1fdf3089fae17b4e16

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Wed, 03 Dec 2014 09:45:06 GMT
server: NWS_Oversea_AP
etag: "547edba2-68f"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 1ea11723-4804-475f-80a0-bc81bfef6c36
accept-ranges: bytes
content-length: 1679
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 logoL.png
img.virscan.org/images/ 9 KB
9 KB 34ms
30ms Image
image/png 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/logoL.png
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 4a92483595d60abe613f8459f4b133ce5bda1ac956cd0c75c10536fb20e2f815

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Thu, 27 Jun 2019 10:11:51 GMT
server: NWS_Oversea_AP
etag: "5d149667-22e6"
content-type: image/png
cache-control: max-age=8640000
x-nws-log-uuid: 52e65e8d-704e-4c5c-b2a7-5e2446c65e6e
accept-ranges: bytes
content-length: 8934
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 powered_by_centos.png
img.virscan.org/images/ 1 KB
1 KB 33ms
29ms Image
image/png 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/powered_by_centos.png
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: e8ef780d9e8d59156f402d0c3b8959aeef68bdec556a04d16037962d99175e8f

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-4bd"
content-type: image/png
cache-control: max-age=8640000
x-nws-log-uuid: 9b004c6c-a641-4824-9fc3-aeddbe412992
accept-ranges: bytes
content-length: 1213
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 police.gif
img.virscan.org/images/ 2 KB
2 KB 31ms
29ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/police.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: d086c26d11f2a61284e40af3d72e3f4d1b422dc91a13be10058de5276362ea82

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-702"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 183148f9-714d-42ed-b3e9-c02b8aed2c65
accept-ranges: bytes
content-length: 1794
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 icon-police.png
img.virscan.org/images/ 874 B
1 KB 31ms
29ms Image
image/png 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/icon-police.png
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 285ddc1018867ef77c5df035cc1dbf2309f2380be686b41569a50d3701317650

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Thu, 12 May 2016 03:05:04 GMT
server: NWS_Oversea_AP
etag: "5733f2e0-36a"
content-type: image/png
cache-control: max-age=8640000
x-nws-log-uuid: 8a443c21-75d1-463a-8c4e-b4d7ec8bcb78
accept-ranges: bytes
content-length: 874
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 tools.js Show response
img.virscan.org/js/ 109 KB
32 KB 35ms
26ms Script
application/x-javascript 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/js/tools.js
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: c19ad82f499e9944a575db55d9305d985b38a6b76f2e56f17c1133b33f0c91e2

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-1b560"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=8640000
x-nws-log-uuid: e107aa40-cba6-4f66-ac30-6bf91fcda191
content-length: 32743
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 jquery-1.10.1.min.js Show response
img.virscan.org/bootstrap/js/ 91 KB
32 KB 47ms
39ms Script
application/x-javascript 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/bootstrap/js/jquery-1.10.1.min.js
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 70ad3c0cf60b92b5987ea51c7e2098b821b46b5ca1b7f03e6b0df2b575a44610

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 25 Nov 2020 07:32:24 GMT
server: NWS_Oversea_AP
etag: "5fbe0888-16b87"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=8640000
x-nws-log-uuid: 7b366698-d600-486a-b4b2-3a429f15904b
accept-ranges: bytes
content-length: 32841
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 bootstrap.min.js Show response
img.virscan.org/bootstrap/js/ 36 KB
10 KB 52ms
44ms Script
application/x-javascript 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/bootstrap/js/bootstrap.min.js
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 25 Nov 2020 07:32:24 GMT
server: NWS_Oversea_AP
etag: "5fbe0888-90b5"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=8640000
x-nws-log-uuid: e54be0ec-c00f-409f-8bbc-0291c9bff923
accept-ranges: bytes
content-length: 9832
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 bootstrap.min.css
img.virscan.org/bootstrap/css/ 118 KB
20 KB 34ms
33ms Stylesheet
text/css 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/bootstrap/css/bootstrap.min.css
Requested by: Host: img.virscan.org
URL: https://img.virscan.org/bootstrap/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer: https://img.virscan.org/bootstrap/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 25 Nov 2020 07:32:24 GMT
server: NWS_Oversea_AP
etag: "5fbe0888-1d970"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=8640000
x-nws-log-uuid: 1a67e0f8-5dcc-4211-8adc-347c7a944281
accept-ranges: bytes
content-length: 19767
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 font-awesome.min.css
img.virscan.org/bootstrap/css/ 22 KB
5 KB 43ms
39ms Stylesheet
text/css 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/bootstrap/css/font-awesome.min.css
Requested by: Host: img.virscan.org
URL: https://img.virscan.org/bootstrap/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca

Request headers

Referer: https://img.virscan.org/bootstrap/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 25 Nov 2020 07:32:24 GMT
server: NWS_Oversea_AP
etag: W/"5fbe0888-5644"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=8640000
x-nws-log-uuid: 6b6043ab-c5c0-410f-9763-810c0478872f
content-length: 4861
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 slider.css
img.virscan.org/bootstrap/css/ 4 KB
1 KB 34ms
29ms Stylesheet
text/css 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/bootstrap/css/slider.css
Requested by: Host: img.virscan.org
URL: https://img.virscan.org/bootstrap/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 7df74ab28135297210c7dd74f47f4e04e9d2f4a0c490894aabc1da31fa8d9db8

Request headers

Referer: https://img.virscan.org/bootstrap/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 25 Nov 2020 07:32:24 GMT
server: NWS_Oversea_AP
etag: W/"5fbe0888-1045"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=8640000
x-nws-log-uuid: 9926ac02-7f8a-47e0-9c3e-18a80680e78f
content-length: 1046
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 toggle-switch.css
img.virscan.org/bootstrap/css/ 8 KB
3 KB 40ms
36ms Stylesheet
text/css 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/bootstrap/css/toggle-switch.css
Requested by: Host: img.virscan.org
URL: https://img.virscan.org/bootstrap/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: ce7716eaf5434046e225ab8ec122c8a6882096544f08ad88e37874d47af6e6c4

Request headers

Referer: https://img.virscan.org/bootstrap/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 25 Nov 2020 07:32:24 GMT
server: NWS_Oversea_AP
etag: W/"5fbe0888-21c5"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=8640000
x-nws-log-uuid: 0952c74b-1fe1-42f4-a818-ed36200450e4
content-length: 2287
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 bootstrap-wysihtml5-0.0.2.css
img.virscan.org/bootstrap/css/ 985 B
667 B 41ms
37ms Stylesheet
text/css 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/bootstrap/css/bootstrap-wysihtml5-0.0.2.css
Requested by: Host: img.virscan.org
URL: https://img.virscan.org/bootstrap/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: faca91deb48a114e795341ff212fafc54db53ba7049341737c5eedc989766398

Request headers

Referer: https://img.virscan.org/bootstrap/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 25 Nov 2020 07:32:24 GMT
server: NWS_Oversea_AP
etag: "5fbe0888-3d9"
content-type: text/css
cache-control: max-age=8640000
x-nws-log-uuid: 863fc4db-bd71-4006-bbf6-2b0988bdfda7
accept-ranges: bytes
content-length: 384
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 theme.default.css
img.virscan.org/bootstrap/css/ 14 KB
4 KB 35ms
31ms Stylesheet
text/css 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/bootstrap/css/theme.default.css
Requested by: Host: img.virscan.org
URL: https://img.virscan.org/bootstrap/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 8cfa889a7e09f8884b6da6b3979b0d296f2eed2bc866a3e7d4d4745c092a9684

Request headers

Referer: https://img.virscan.org/bootstrap/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 25 Nov 2020 07:32:24 GMT
server: NWS_Oversea_AP
etag: W/"5fbe0888-391e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=8640000
x-nws-log-uuid: cdef145a-4ba2-4b8f-b2eb-aac48431d935
content-length: 3540
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 bootstrap-editable.css
img.virscan.org/bootstrap/css/ 14 KB
3 KB 43ms
39ms Stylesheet
text/css 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/bootstrap/css/bootstrap-editable.css
Requested by: Host: img.virscan.org
URL: https://img.virscan.org/bootstrap/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 39a173f2baa8787f4415eb5fd991e63a9288b546cb374d08acc0816e3f22c50d

Request headers

Referer: https://img.virscan.org/bootstrap/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 25 Nov 2020 07:32:24 GMT
server: NWS_Oversea_AP
etag: "5fbe0888-3736"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=8640000
x-nws-log-uuid: 32877ca2-3514-4cfc-bacf-19dcf50e7dce
accept-ranges: bytes
content-length: 2729
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 jquery.selectBoxIt.css
img.virscan.org/bootstrap/css/ 7 KB
2 KB 33ms
30ms Stylesheet
text/css 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/bootstrap/css/jquery.selectBoxIt.css
Requested by: Host: img.virscan.org
URL: https://img.virscan.org/bootstrap/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: a94871d658fec7e1787b1b95c68607326d15ddab11312d1ba1c12ed65ce5b27d

Request headers

Referer: https://img.virscan.org/bootstrap/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 25 Nov 2020 07:32:24 GMT
server: NWS_Oversea_AP
etag: W/"5fbe0888-1a0e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=8640000
x-nws-log-uuid: 51e90d23-bec6-4a0a-adca-3957ce15cf09
content-length: 1902
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 colorpicker.css
img.virscan.org/bootstrap/css/ 2 KB
1 KB 41ms
38ms Stylesheet
text/css 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/bootstrap/css/colorpicker.css
Requested by: Host: img.virscan.org
URL: https://img.virscan.org/bootstrap/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 8b51a22eb3cda781adbf31805ba43c9d27cd0e7b371c2fe62393dcfc0bed925c

Request headers

Referer: https://img.virscan.org/bootstrap/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 25 Nov 2020 07:32:24 GMT
server: NWS_Oversea_AP
etag: W/"5fbe0888-96c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=8640000
x-nws-log-uuid: 63edf398-dd2f-4807-a5fa-ad1e4c8856aa
content-length: 792
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 datepicker.css
img.virscan.org/bootstrap/css/ 5 KB
1 KB 33ms
30ms Stylesheet
text/css 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/bootstrap/css/datepicker.css
Requested by: Host: img.virscan.org
URL: https://img.virscan.org/bootstrap/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 03ad95964d61ff7b69502b303b9d639aacc99ae34e054e2dfc11a6cd338f5822

Request headers

Referer: https://img.virscan.org/bootstrap/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 25 Nov 2020 07:32:24 GMT
server: NWS_Oversea_AP
etag: W/"5fbe0888-1359"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=8640000
x-nws-log-uuid: 71fa9836-2ec0-4a73-b571-7d6ff35e5ba3
content-length: 1190
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 jquery.jgrowl.min.css
img.virscan.org/bootstrap/css/ 3 KB
1 KB 40ms
37ms Stylesheet
text/css 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/bootstrap/css/jquery.jgrowl.min.css
Requested by: Host: img.virscan.org
URL: https://img.virscan.org/bootstrap/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 224c67cc7832ab04bba7cecc44e93160799e2d72ec7a22c252920e30bd88ff24

Request headers

Referer: https://img.virscan.org/bootstrap/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 25 Nov 2020 07:32:24 GMT
server: NWS_Oversea_AP
etag: W/"5fbe0888-d8c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=8640000
x-nws-log-uuid: 2675a097-13cc-4df8-9b60-22ec97b35497
content-length: 770
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 bootstrap-tags.css
img.virscan.org/bootstrap/css/ 2 KB
1 KB 39ms
36ms Stylesheet
text/css 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/bootstrap/css/bootstrap-tags.css
Requested by: Host: img.virscan.org
URL: https://img.virscan.org/bootstrap/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 1c83248e926cead9b810bbc2834bea283a57b735618348cb14784be74286d94a

Request headers

Referer: https://img.virscan.org/bootstrap/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 25 Nov 2020 07:32:24 GMT
server: NWS_Oversea_AP
etag: W/"5fbe0888-6a2"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=8640000
x-nws-log-uuid: eab9d37f-53c2-48a8-b7fc-1ba9e3b6c6dc
content-length: 748
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 colorbox.css
img.virscan.org/bootstrap/css/ 5 KB
2 KB 44ms
42ms Stylesheet
text/css 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/bootstrap/css/colorbox.css
Requested by: Host: img.virscan.org
URL: https://img.virscan.org/bootstrap/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: c20343e40a266bdafb8be06f988270fa304927381f44b966f57c0c4031a4d5c4

Request headers

Referer: https://img.virscan.org/bootstrap/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 25 Nov 2020 07:32:24 GMT
server: NWS_Oversea_AP
etag: W/"5fbe0888-1259"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=8640000
x-nws-log-uuid: 72d985f2-5f66-4cd0-81f6-e5214b12e69d
content-length: 1675
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 thekamarel.css
img.virscan.org/bootstrap/css/ 92 KB
14 KB 47ms
45ms Stylesheet
text/css 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/bootstrap/css/thekamarel.css
Requested by: Host: img.virscan.org
URL: https://img.virscan.org/bootstrap/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: 34f55e702683c8ede4b22ce80ebd629840ee277284b02545192adb2c17b00779

Request headers

Referer: https://img.virscan.org/bootstrap/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 25 Nov 2020 07:32:24 GMT
server: NWS_Oversea_AP
etag: "5fbe0888-1716f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=8640000
x-nws-log-uuid: e2de0aeb-8f9e-4646-9fd8-f50ff216ab3f
accept-ranges: bytes
content-length: 14336
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 thekamarel-responsive.css
img.virscan.org/bootstrap/css/ 11 KB
3 KB 41ms
39ms Stylesheet
text/css 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.virscan.org/bootstrap/css/thekamarel-responsive.css
Requested by: Host: img.virscan.org
URL: https://img.virscan.org/bootstrap/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: c3176bb0c28245dc7f8bfce504d8fd18495d7e701b07adebd8564a86472f4676

Request headers

Referer: https://img.virscan.org/bootstrap/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Wed, 25 Nov 2020 07:32:24 GMT
server: NWS_Oversea_AP
etag: W/"5fbe0888-2a8e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=8640000
x-nws-log-uuid: 16e218b0-381f-4a39-b761-e3605d25ab80
content-length: 2877
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 41 KB
15 KB 993ms
486ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?08e32ec74a8a7982c7171bde829b77af

Requested by

Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

928282a765e19a96edcc86e9541d820e47b20686da5d13b8267d4461a0ac7ea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:19:43 GMT
Content-Encoding: gzip
Server: apache
Etag: 20a478636206413732b3a7db8ba0cc37
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14796

GET
H2 200 stylebox.gif
img.virscan.org/images/ 505 B
768 B 40ms
32ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/stylebox.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: ccd9e3e88b911d5a00b54027206b7e7b636e14c983f5ec595a812a45fd969a05

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-1f9"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: d34ab597-04bf-4a19-96da-1e2ce82e368f
accept-ranges: bytes
content-length: 505
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H2 200 styleboxs.gif
img.virscan.org/images/ 272 B
535 B 66ms
58ms Image
image/gif 18.195.231.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.virscan.org/images/styleboxs.gif
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.231.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-231-212.eu-central-1.compute.amazonaws.com
Software: NWS_Oversea_AP /
Resource Hash: b2d3ab6900454625c09313044b368dcf164fd9161a9a5f7f35db5f7f8b50ac6d

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:42 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Mon, 20 Jan 2014 14:30:08 GMT
server: NWS_Oversea_AP
etag: "52dd32f0-110"
content-type: image/gif
cache-control: max-age=8640000
x-nws-log-uuid: 90b5753c-bfef-4c0b-84d2-afe741c60618
accept-ranges: bytes
content-length: 272
expires: Wed, 12 May 2021 11:29:42 GMT

GET
H/1.1 200
OK down_auto.js Show response
data.choujue.net/domains/ 1 KB
2 KB 219ms
219ms Script
application/javascript 121.41.82.234
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.choujue.net/domains/down_auto.js
Requested by: Host: data.choujue.net
URL: https://data.choujue.net/script/virscan.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.41.82.234 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 083424a7f377896fdbfc22cd2d04c0db4cef479f2cd514d2d037f9e958dfc214

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:19:43 GMT
Last-Modified: Fri, 11 Sep 2020 08:14:50 GMT
Server: Tengine
ETag: "5f5b31fa-554"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1364
Expires: Wed, 12 May 2021 23:19:43 GMT

GET
H2 200 11.0.1.js Show response
jspassport.ssl.qhimg.com/ 105 B
456 B 33ms
9ms Script
application/x-javascript 2600:9000:206f:8a00:0:e2b1:a380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8a00:0:e2b1:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 777162062d8c9f706eb668fdb4872c8e97f4f6f57ccd8e3f963d29b9abdc03eb

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 12 May 2021 11:10:18 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
kcs-via: HIT from w-fc02.lato;EXPIRED from w-sc02.lato
last-modified: Wed, 28 Nov 2018 07:43:20 GMT
age: 568
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: PI6Dj-THPm2sIF39-seTv0m3O5mEelmxquN-anXasyQ3SHYVYnzgKQ==
expires: Wed, 12 May 2021 11:20:15 GMT

GET ab77b6ea7f3fbf79.js
s.ssl.qhres.com/ssl/ 0
0

GET
H2 200 domain Show response
sc.anhuiry.com/ 80 B
405 B 1085ms
258ms XHR
application/json 47.102.38.15
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.anhuiry.com/domain
Requested by: Host: data.choujue.net
URL: https://data.choujue.net/domains/down_auto.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.102.38.15 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: /
Resource Hash: 546da401d12ef66d72c9171272e978b083dc7a87c1e302318ad063f6bccb0d8f

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:44 GMT
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token, Authorization, Token
content-length: 80

GET
H/1.1 200
OK jquery.min.js Show response
data.choujue.net/script/ 94 KB
94 KB 220ms
220ms Script
application/javascript 121.41.82.234
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.choujue.net/script/jquery.min.js
Requested by: Host: data.choujue.net
URL: https://data.choujue.net/script/virscan.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.41.82.234 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:19:43 GMT
Last-Modified: Thu, 18 Jun 2020 09:22:46 GMT
Server: Tengine
ETag: "5eeb3266-176da"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95962
Expires: Wed, 12 May 2021 23:19:43 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 354ms
354ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=197077545&si=08e32ec74a8a7982c7171bde829b77af&v=1.2.80&lv=1&sn=6764&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&tt=Patch-fpm95.exe%2036%25%20%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BD%D0%BE%D0%B5%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D0%BD%D0%BE%D0%B5%20%D0%BE%D0%B1%D0%B5%D1%81%D0%BF%D0%B5%D1%87%D0%B5%D0%BD%D0%B8%D0%B5(18%2F49)%20%D0%BE%D0%B1%D0%BD%D0%B0%D1%80%D1%83%D0%B6%D0%B8%D0%BB%20%D0%B7%D0%BB%D0%BE%D0%B2%D1%80%D0%B5%D0%B4!%20-%20VirSCAN.org%20-%20The%20Multi-Engine%20Virus%20Scanner%20v1.02%2C%20Supports%2047%20AntiVirus%20Engines!

Requested by

Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:19:44 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK xzq.jpg
data.choujue.net/image/virscan/ 4 KB
4 KB 219ms
218ms Image
image/jpeg 121.41.82.234
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.choujue.net/image/virscan/xzq.jpg
Requested by: Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.41.82.234 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: Tengine /
Resource Hash: b215783207421cdade989c2f0f3344d4a9ed6d8664cd14749f2135bb42ca11a4

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 12 May 2021 11:19:44 GMT
Last-Modified: Fri, 16 Oct 2020 03:20:10 GMT
Server: Tengine
ETag: "5f89116a-1003"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4099
Expires: Fri, 11 Jun 2021 11:19:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 46ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3172
date: Wed, 12 May 2021 10:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 12 May 2021 12:26:52 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 31ms
14ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=179207987&t=pageview&_s=1&dl=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&ul=en-us&de=UTF-8&dt=Patch-fpm95.exe%2036%25%20%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BD%D0%BE%D0%B5%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D0%BD%D0%BE%D0%B5%20%D0%BE%D0%B1%D0%B5%D1%81%D0%BF%D0%B5%D1%87%D0%B5%D0%BD%D0%B8%D0%B5(18%2F49)%20%D0%BE%D0%B1%D0%BD%D0%B0%D1%80%D1%83%D0%B6%D0%B8%D0%BB%20%D0%B7%D0%BB%D0%BE%D0%B2%D1%80%D0%B5%D0%B4!%20-%20VirSCAN.org%20-%20The%20Multi-Engine%20Virus%20Scanner%20v1.02%2C%20Supports%2047%20AntiVirus%20Engines!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=70160685&gjid=1214870413&cid=52058892.1620818385&tid=UA-59666737-1&_gid=284086174.1620818385&_r=1&_slc=1&z=1050976868

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:19:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r.virscan.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
83 B 21ms
20ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-59666737-1&cid=52058892.1620818385&jid=70160685&gjid=1214870413&_gid=284086174.1620818385&_u=IEBAAEAAAAAAAC~&z=2095950176

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 12 May 2021 11:19:44 GMT
content-type: text/plain
access-control-allow-origin: https://r.virscan.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
49 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: r.virscan.org
URL: https://r.virscan.org/language/ru/report/9b269b68a697ba85216e221e6feaaa97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0c59bd2eacde11afe8a1f60e32086839e62d5e63bc2346ae86cc4bc52bef074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49908
x-xss-protection: 0
server: cafe
etag: 13815580874420029976
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 May 2021 11:19:46 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/ 223 KB
82 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5662640855743483&plah=r.virscan.org&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6130fe8ded2255439c42cf9e805c28b1a72bfcad166d9dcd720243d33557628b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84099
x-xss-protection: 0
server: cafe
etag: 12011922212658401594
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 12 May 2021 11:19:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/ Frame F137 10 KB
5 KB 5ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210510/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://r.virscan.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://r.virscan.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 11 May 2021 18:01:56 GMT
expires: Tue, 25 May 2021 18:01:56 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 62270
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
639 B 118ms
56ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=r.virscan.org&callback=_gfp_s_&client=ca-pub-5662640855743483

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5662640855743483&plah=r.virscan.org&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

bac37a2566cadcac630f7a53beccbe6730474d91fd1c5a0da7971db9cd17395d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=r.virscan.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 11:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=r.virscan.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 11:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 66E6 2 KB
634 B 92ms
90ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&adk=1812271804&adf=3025194257&lmt=1620814994&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&ea=0&flash=0&pra=5&wgl=1&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386306&bpp=3&bdt=4485&idt=71&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6493444984970&frm=20&pv=2&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99275dc683090067a285793af7715888942641a37125f1cff4fc4bbeb47fd885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5662640855743483&output=html&adk=1812271804&adf=3025194257&lmt=1620814994&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&ea=0&flash=0&pra=5&wgl=1&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386306&bpp=3&bdt=4485&idt=71&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6493444984970&frm=20&pv=2&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://r.virscan.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://r.virscan.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 12 May 2021 11:19:46 GMT
server: cafe
content-length: 611
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 12-May-2021 11:34:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 12 May 2021 11:19:46 GMT
cache-control: private

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 28ms
27ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210510&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682a3ea1ad378b8e3cbcf27ab4e9127260f8ed024d49df952cbd7a608f7cde21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 11:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7713
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef9a18aef9847638b3b4344a0b2ebed14e84fb0aeb8ce29292af06826a2580a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696588139699"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Wed, 12 May 2021 11:19:46 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7B37 67 KB
23 KB 770ms
769ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&slotname=3919176945&adk=1603147683&adf=2689116385&pi=t.ma~as.3919176945&w=970&fwrn=4&fwrnh=100&lmt=1620814994&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386309&bpp=1&bdt=4488&idt=106&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6493444984970&frm=20&pv=1&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Uifz9z7SEp&p=https%3A//r.virscan.org&dtd=112

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd52cc38ae90c17a4827560c3d24aedbde3c7451119065ae7eb78dfbb4fa1472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&slotname=3919176945&adk=1603147683&adf=2689116385&pi=t.ma~as.3919176945&w=970&fwrn=4&fwrnh=100&lmt=1620814994&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386309&bpp=1&bdt=4488&idt=106&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6493444984970&frm=20&pv=1&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Uifz9z7SEp&p=https%3A//r.virscan.org&dtd=112
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://r.virscan.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://r.virscan.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 12 May 2021 11:19:47 GMT
server: cafe
content-length: 23737
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 12-May-2021 11:34:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 12 May 2021 11:19:47 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0337 116 KB
26 KB 366ms
366ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&slotname=7430788333&adk=1236994834&adf=1961880720&pi=t.ma~as.7430788333&w=733&fwrn=4&fwrnh=100&lmt=1620814994&rafmt=1&psa=0&format=733x280&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386313&bpp=1&bdt=4492&idt=118&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=6493444984970&frm=20&pv=1&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=535&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xd2SEXyNax&p=https%3A//r.virscan.org&dtd=122

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aef585ee9c0b630bfef6336b9367e01dc98a320d224f27f8a26b0765bc38bbb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&slotname=7430788333&adk=1236994834&adf=1961880720&pi=t.ma~as.7430788333&w=733&fwrn=4&fwrnh=100&lmt=1620814994&rafmt=1&psa=0&format=733x280&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386313&bpp=1&bdt=4492&idt=118&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=6493444984970&frm=20&pv=1&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=535&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xd2SEXyNax&p=https%3A//r.virscan.org&dtd=122
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://r.virscan.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://r.virscan.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 12 May 2021 11:19:46 GMT
server: cafe
content-length: 26799
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 12-May-2021 11:34:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 12 May 2021 11:19:46 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 12 May 2021 11:19:46 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 8B4B 12 KB
5 KB 19ms
15ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://r.virscan.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://r.virscan.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 12 May 2021 11:08:48 GMT
expires: Thu, 12 May 2022 11:08:48 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 658
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 26ms
25ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=r.virscan.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 11:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 26ms
23ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=r.virscan.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 May 2021 11:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9A3A 73 KB
24 KB 591ms
591ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&adk=3088186576&adf=1409212968&pi=t.aa~a.3769035704~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1620814994&rafmt=1&to=qs&pwprc=4475921873&psa=0&format=1200x280&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386525&bpp=1&bdt=4704&idt=1&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C733x280&nras=2&correlator=6493444984970&frm=20&pv=1&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ZV0E4qNt0P&p=https%3A//r.virscan.org&dtd=16

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a8ccfabb912248be7646534a8ea1b0ba74ce1b576b69f104fd2ba05348a7fea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&adk=3088186576&adf=1409212968&pi=t.aa~a.3769035704~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1620814994&rafmt=1&to=qs&pwprc=4475921873&psa=0&format=1200x280&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386525&bpp=1&bdt=4704&idt=1&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C733x280&nras=2&correlator=6493444984970&frm=20&pv=1&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ZV0E4qNt0P&p=https%3A//r.virscan.org&dtd=16
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://r.virscan.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://r.virscan.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 12 May 2021 11:19:47 GMT
server: cafe
content-length: 24910
x-xss-protection: 0
set-cookie: IDE=AHWqTUkc62x_6a7d699K-e5NTZKnWMxBu3fzinN9_pEhtyN4P1dfU0NGQl3ExHxOdYg; expires=Mon, 06-Jun-2022 11:19:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 12 May 2021 11:19:47 GMT
cache-control: private

GET
H3-29 200 nLZh5JKb4_vODtvfmJ49yJer_4HAQSIF0KjuUH5BuEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B4B 14 KB
6 KB 16ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nLZh5JKb4_vODtvfmJ49yJer_4HAQSIF0KjuUH5BuEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cb661e4929be3fbce0edbdf989e3dc897abff81c0412205d0a8ee507e41b841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 10:46:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 2025
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5628
x-xss-protection: 0
expires: Thu, 12 May 2022 10:46:01 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210510&jk=2905162584405387&bg=!qaqlqu7NAAY59bwoOfU7ACkAdvg8WtBcOkEcqcOzDDhxqet4pQS6cVR1oWwv9giD6rPjYuPrJA7WQAIAAAB7UgAAAAtoAQcKAJEKWmPFe9XMB1hMKajdcMAnLmE1vqMCASX9CkZXn_3xDlmBN95mGJArrRROJp5hZ0txLCi1_icmmfBlgw5uNpry2OuT9uV85kFvFO7p4BM4eD_efol7sztv_XnkgbHkdennacEKh6gk-jCSWHGDt9yLwRLWzcdB7B6QRg-TDp--mGSGSLYLE-vAfT-m3ERatDotmQJEmoHZb7fBnvrKhyF_iGR0rzTUnxVvxVr2ChBpB4amJC9BzAxnnep1GjzHBMr8ypz1d5N-vIzv1YtbKfFm3xblVtyDLEDgQzw1qiaiO3euj7ppmBf9V2Dwv1W-iPsruxe69PsExPiZdBKbxmGKm_JCfszL8ty6I9rDkF6QlnpJqEQD0IJhBqQCrNI0Y9jfis4HNPn5BCqr6CdD-iyMA6Vw2WGh7hFiv6h9a0bbdDu5i7edRnPBfa1qkFGVJBzRQCQKoYFohlNudRIwVDv3jztpNS6VGxcIRy0IA5DdEGXXg3O4r2GmUejMpZ-hjuE47ebL2YF_ipsDrqpp_QH-ekWfpRZdlhIV_d4AICsux19tjs0bva36kSAGYqmzfc2eXnOGNvUB4virh0MuuMmothOOSpycvNlPwNDOz9TbdfzYBUAbNz_gmohdOcNi2x5Am7BqNxn8G4M-XFKtH4wJIJoGpra6qUEJwXVpXjVpX-cqR8W_oef160AtRimgMBPg4dbzc4yNmfkO92xmpwY2LDvP51pUzIn3WHNx_gX6MD1pttelYlDGPB2LEgxSNM4YrXZaV-F3D3z5RTOZ6ZXxiPMB3sAL4S_D5UIvRGUTkdDzqj2-4h61rB2hOr9tE11uL_sYte82mSEqlkI5qUS0OWdlzfDgV3YIHSxIZKO3gDcgyXZVovnfwk3JMuTCZ8E2NbgMTTEEhmsr3r5tZm05GvrbHKRVl7O-KKdvhqVqK490J_5zau_BwaOYtYwEBlpaXetXpC6Stg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://r.virscan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:19:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 0337 2 KB
531 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&slotname=7430788333&adk=1236994834&adf=1961880720&pi=t.ma~as.7430788333&w=733&fwrn=4&fwrnh=100&lmt=1620814994&rafmt=1&psa=0&format=733x280&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386313&bpp=1&bdt=4492&idt=118&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=6493444984970&frm=20&pv=1&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=535&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xd2SEXyNax&p=https%3A//r.virscan.org&dtd=122

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 May 2021 10:15:19 GMT
server: ESF
date: Wed, 12 May 2021 11:19:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 May 2021 11:19:46 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 0337 1 KB
909 B 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 11:19:38 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame 0337 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0489619b42dc28c6d135cf946eaea95f6206229dedbad28a2636d3525fdb3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 8099588968410230469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 11:17:55 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 0337 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 11:19:16 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0337 116 KB
35 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 11:19:46 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 0337 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 11:11:09 GMT

GET
H2 200 a9a8364a2596c42846402f3b38495283.js Show response
www.gstatic.com/mysidia/ Frame 0337 25 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a9a8364a2596c42846402f3b38495283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 11:35:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 07:08:25 GMT
server: sffe
age: 85484
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10414
x-xss-protection: 0
expires: Mon, 09 Aug 2021 11:35:02 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 0337 13 KB
13 KB 42ms
9ms Image
image/png 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSIJnxaGz-kuB1e8a5TDesB3r4I4aBNfPsuYzw6c4x60znstyc&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ec1149ace7d29f6689cc18117b5d45a3dcaa2e24d067302d49ab6544a76bd2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 19:08:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 01:17:51 GMT
server: sffe
age: 403863
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13413
x-xss-protection: 0
expires: Sat, 07 May 2022 19:08:43 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 0337 8 KB
8 KB 47ms
14ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSdySErIl_VrQBDr7omeofqFrMT9RIapd-1HryZr9vxpOZWraY&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80c07da19825ad50d371c1f660f83233dbcbb25460216c0bfdeb9964b6400f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 08:34:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 01:15:26 GMT
server: sffe
age: 9897
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8197
x-xss-protection: 0
expires: Thu, 12 May 2022 08:34:49 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 0337 8 KB
8 KB 42ms
10ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRq6V3_l-oxHNhnpMTrs-I2lTbg9U3aYH1HPYfR1TmQ7VGjtPg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1b014eea6e291e1cac70d160356b6ba372ba265159dd8d81176a9a6e365c34b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 12:18:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 01:39:59 GMT
server: sffe
age: 428501
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8363
x-xss-protection: 0
expires: Sat, 07 May 2022 12:18:05 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 0337 41 KB
41 KB 48ms
16ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRJlUIgp-JfIln8YS_RC3mzwsHzH6nlGpnKgmkIpUIs_iTejZ4fnUWoP1rG2w&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b31644216c96c06b296a16627a14455b349b7fdc76088256c5fbaad6522d2a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 18:17:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 29 May 2018 20:49:54 GMT
server: sffe
age: 579747
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41613
x-xss-protection: 0
expires: Thu, 05 May 2022 18:17:19 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 0337 11 KB
12 KB 40ms
8ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTru0C0VTAQwkxirmWOhxr9bh_73pYVuSWOs48h_n3oUq5qGp5A&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f8907dc68cc1568828207e807104482895d5745c45d76cfc4ec9cbda7034439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 10:51:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 08 May 2021 01:26:23 GMT
server: sffe
age: 1682
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11426
x-xss-protection: 0
expires: Thu, 12 May 2022 10:51:44 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 0337 39 KB
39 KB 56ms
24ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcShkTAsYzptL6Byi7foIzJxYfur9NCDBfRdWak2xjujo3Fp4LHrcKZGOjPdAw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df4e90995fbba9d7c4f5cf9694a9c5be79283f56a7e67e430f93bebef84ba29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 09:22:45 GMT
x-content-type-options: nosniff
last-modified: Sat, 30 May 2020 15:54:51 GMT
server: sffe
age: 439021
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39459
x-xss-protection: 0
expires: Sat, 07 May 2022 09:22:45 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 0337 7 KB
8 KB 48ms
17ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQItGrwzAxD0zoOucpNSLdlph2yMI5r77g5XJpYpu8Vc13znZQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75aee40eb99d6ae63e1f5ed9ca88a013daea87bfc4999a2947106e54245b86d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 18:09:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 06 Dec 2020 01:28:34 GMT
server: sffe
age: 407407
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
expires: Sat, 07 May 2022 18:09:39 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 0337 43 KB
43 KB 40ms
9ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS1Gaa4a7RC8u_HryXJ8IFKSOqDiBkWq3llf6rJpXHIpFkw1ELKvZCG8gFRLw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ae85d3c01d3b32d4b60743c7ee14f32a5f0d587545864b69ad19a3dec871380

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 06:46:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 29 Jul 2018 11:55:24 GMT
server: sffe
age: 448421
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44160
x-xss-protection: 0
expires: Sat, 07 May 2022 06:46:05 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 0337 26 KB
26 KB 47ms
15ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQFGrGNZv0ggmhDdPmQ860s0Kaq3WtMreRE5qZyyKQ_b0avUX4VyJ5gG26yXdA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfe67d862e2997dcd255204f7027f403e91b573b895d3da6cd20d8ba4f362f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 10:43:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 29 May 2018 20:49:55 GMT
server: sffe
age: 2180
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26828
x-xss-protection: 0
expires: Thu, 12 May 2022 10:43:26 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 0337 21 KB
22 KB 38ms
10ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTvjWBXI74IGYqsg5nLt9yvMeE7rs2oV7AHaky1wlRhkaoC42qgR2TN6AdAbw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad695571a775da9589eb8c5b3e2fa9e444c84bf5194ff7d2a70e1bbce148c22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 22:15:27 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 22:01:32 GMT
server: sffe
age: 306259
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21982
x-xss-protection: 0
expires: Sun, 08 May 2022 22:15:27 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 0337 7 KB
8 KB 36ms
10ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQxXI1C1R6HomUZlGrxFnobv3SJzMlIoB7iLm3sB5bIWDkUzIM&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e14e5b60f82173be9de6082bdbf1e276374bca5591ab09cf0c83e64a9ac5c0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 12:34:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 01 Jan 2021 01:15:34 GMT
server: sffe
age: 600331
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7409
x-xss-protection: 0
expires: Thu, 05 May 2022 12:34:15 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0337 0
0 37ms
37ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-PkA0rmbYPHVG8uC2fcPqLKw8Az4g7HNYpjVzbKCCabfioTiChABILOQ3B5glQKgAYC6opgDyAEJqQKKM0m691a0PqgDAcgDywSqBNYBT9Dw3CW4U0TOe0XG-58DxMpH-GElvPPqwsIjKYWLRWpkuRDPMdXNr_3gBBW3E_jwUpOMpnfLZCwAyhroNdNYdRW2GD6F7-2A6ujcM0fLIIsBUqm97OfuRr8LzrLFfsTj2Wwal3cmKcSHm34C6O4zWWpVqrDDZqOZHoEAugdjrrmdKU6MRp2_6YDSZhOlpq7vCJaqikbrRRaWyqcEid2ucawYyBEsBJXmRhkm4Tbwquit2j_Tu-xgsQu4wGmeVZxpopHhi8N-5GJmT_IXoJVQFVLquvqv1sAElOzq1YgCkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-jF3WeoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELfmBNIICQiA4YAQEAEYH4AKAcgLAdgTDtAVAYAXAbIXGgoYCAASFHB1Yi01NjYyNjQwODU1NzQzNDgz&sigh=xAwEYxtZ8gE&template_id=494

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&slotname=7430788333&adk=1236994834&adf=1961880720&pi=t.ma~as.7430788333&w=733&fwrn=4&fwrnh=100&lmt=1620814994&rafmt=1&psa=0&format=733x280&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386313&bpp=1&bdt=4492&idt=118&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=6493444984970&frm=20&pv=1&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=535&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xd2SEXyNax&p=https%3A//r.virscan.org&dtd=122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 12 May 2021 11:19:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 12 May 2021 11:19:46 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 0337 8 KB
8 KB 36ms
17ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ9yz7J5wuELh8qbeHIQW8ziaCednywrwKIUkP7xqEnCwNRGuY&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d89e1065e56773b90b484e4e054acc44381651ebe265ef242afe83e0590b929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 10:51:44 GMT
x-content-type-options: nosniff
last-modified: Mon, 10 May 2021 02:10:37 GMT
server: sffe
age: 1682
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8391
x-xss-protection: 0
expires: Thu, 12 May 2022 10:51:44 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 0337 39 KB
40 KB 28ms
9ms Image
image/png 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQwLjsM4z1cE01CUtXUgGIBVkcGlTJQEaEgcw9M41KWq2s3MkM&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24dec7fc027ff2382e85657f74483435328454ad7ac9dcd4099b1cd38e8c5eb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 08:22:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 27 Jan 2019 13:10:03 GMT
server: sffe
age: 97040
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40124
x-xss-protection: 0
expires: Wed, 11 May 2022 08:22:26 GMT

GET
DATA 200
OK truncated
/ Frame 0337 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86b8550c7ae2800d19744082f88f97ebcf6f53570bf155161b19cfe4e4c1cc20

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 0337 20 KB
20 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 23:13:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
age: 129970
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Tue, 10 May 2022 23:13:36 GMT

GET
H3-29 200 nLZh5JKb4_vODtvfmJ49yJer_4HAQSIF0KjuUH5BuEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 10EC 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nLZh5JKb4_vODtvfmJ49yJer_4HAQSIF0KjuUH5BuEE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cb661e4929be3fbce0edbdf989e3dc897abff81c0412205d0a8ee507e41b841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 10:46:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 2025
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5628
x-xss-protection: 0
expires: Thu, 12 May 2022 10:46:01 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 9A3A 6 KB
669 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&adk=3088186576&adf=1409212968&pi=t.aa~a.3769035704~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1620814994&rafmt=1&to=qs&pwprc=4475921873&psa=0&format=1200x280&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386525&bpp=1&bdt=4704&idt=1&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C733x280&nras=2&correlator=6493444984970&frm=20&pv=1&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ZV0E4qNt0P&p=https%3A//r.virscan.org&dtd=16

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 May 2021 09:40:39 GMT
server: ESF
date: Wed, 12 May 2021 11:19:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 May 2021 11:19:47 GMT

GET
H3-29 200 bgl_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/ Frame 9A3A 4 KB
2 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/bgl_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716d7275e1e1d9dd0725ef0cb98ffb2953fd7aa5d3048394209062e80a39d956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 17:19:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2176
x-xss-protection: 0
server: cafe
etag: 14296419091769528085
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 May 2021 17:19:25 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 9A3A 1 KB
909 B 20ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 11:19:38 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame 9A3A 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0489619b42dc28c6d135cf946eaea95f6206229dedbad28a2636d3525fdb3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 8099588968410230469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 11:17:55 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 9A3A 2 KB
1 KB 21ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 11:19:16 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A3A 116 KB
35 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 11:19:47 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 9A3A 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 11:11:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9A3A 0
0 20ms
13ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSuKSiNud0hdpa1DaaDZbFAi8XedNgSWwCf6NQ8WTut0G_lUW6fXxMkuyxl8OET_C_C9Uu_9bahmeglVhXvAF_mlimUrQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&adk=3088186576&adf=1409212968&pi=t.aa~a.3769035704~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1620814994&rafmt=1&to=qs&pwprc=4475921873&psa=0&format=1200x280&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386525&bpp=1&bdt=4704&idt=1&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C733x280&nras=2&correlator=6493444984970&frm=20&pv=1&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ZV0E4qNt0P&p=https%3A//r.virscan.org&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 a9a8364a2596c42846402f3b38495283.js Show response
www.gstatic.com/mysidia/ Frame 9A3A 25 KB
10 KB 21ms
15ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a9a8364a2596c42846402f3b38495283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 08:59:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 07:08:25 GMT
server: sffe
age: 8426
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10414
x-xss-protection: 0
expires: Tue, 10 Aug 2021 08:59:21 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4908957974114507287/ Frame 9A3A 14 KB
14 KB 22ms
20ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4908957974114507287/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49ebde038050ead1a4db92f945f0a6f5e46b3f15970d874f7b367b1bcb86a8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:03:27 GMT
x-content-type-options: nosniff
age: 422180
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14482
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 21:55:19 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 14:03:27 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7365524805176232166/ Frame 9A3A 1 KB
1 KB 36ms
34ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7365524805176232166/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3db570b2edb80db4b906ebd3bfb6632da6c8d61c70b07f1cb05b4fbdbd82ecd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:03:07 GMT
x-content-type-options: nosniff
age: 422200
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1419
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 21:53:54 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 14:03:07 GMT

GET
DATA 200
OK truncated
/ Frame 9A3A 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9A3A 0
0 32ms
31ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_ciS0rmbYL2AIreHzAa3iIv4BYG-67Ni0unO4tINiJT4h7MCEAEgs5DcHmCVAqAB7LHDhgPIAQmpAgft_11TJKo-qAMByAPLBKoE0gFP0MHBv6K0E0457O5vW5Q0WUhvn6BuyJll8mdLB15I4Id15RsuKAonogWkltMfLKGfpZGRL4gEnq0nq7opW5bt_yEfcT4cplO7tBBovfyeIyJoYEjqksDOyzzzW5rOoO5gIjr-wZyT2SkLMdKRXLC2Bkaw-Y-MwU-u4qblL1uwQGkNvUjOO5PtbnGe-Ykq3iv9lJWLd1YR7Kt8SApcFBBmlZKt-b6vGoYaGcSxkat2g_bykJQGUv_taXAkLX4jUONYH85z1R-xAuZxuy9rYp5LejXABKa6rOC1A5IFBAgEGAGSBQQIBRgEoAYugAf9wLmEAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCmlAbSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItNTY2MjY0MDg1NTc0MzQ4Mw&sigh=ONX2xPS5lkU&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&adk=3088186576&adf=1409212968&pi=t.aa~a.3769035704~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1620814994&rafmt=1&to=qs&pwprc=4475921873&psa=0&format=1200x280&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386525&bpp=1&bdt=4704&idt=1&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C733x280&nras=2&correlator=6493444984970&frm=20&pv=1&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ZV0E4qNt0P&p=https%3A//r.virscan.org&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 12 May 2021 11:19:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 115F 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 12 May 2021 03:14:09 GMT
expires: Thu, 13 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 29138
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9A3A 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e074e95145078eb37752cefdb3299e00957f1369da57414d0294ef80e4c4ef1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ Frame 7B37 3 KB
578 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&slotname=3919176945&adk=1603147683&adf=2689116385&pi=t.ma~as.3919176945&w=970&fwrn=4&fwrnh=100&lmt=1620814994&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386309&bpp=1&bdt=4488&idt=106&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6493444984970&frm=20&pv=1&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Uifz9z7SEp&p=https%3A//r.virscan.org&dtd=112

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 May 2021 10:15:08 GMT
server: ESF
date: Wed, 12 May 2021 11:19:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 May 2021 11:19:47 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9A3A 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 04:23:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 284184
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Mon, 09 May 2022 04:23:23 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9A3A 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 15:35:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 503058
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Fri, 06 May 2022 15:35:29 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 7B37 1 KB
909 B 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 11:19:38 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame 7B37 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0489619b42dc28c6d135cf946eaea95f6206229dedbad28a2636d3525fdb3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 8099588968410230469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 11:17:55 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 7B37 2 KB
1 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 11:19:16 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B37 116 KB
35 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696594685118"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Wed, 12 May 2021 11:19:47 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 7B37 13 KB
6 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 May 2021 11:11:09 GMT

GET
H3-29 200 a9a8364a2596c42846402f3b38495283.js Show response
www.gstatic.com/mysidia/ Frame 7B37 25 KB
10 KB 14ms
8ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a9a8364a2596c42846402f3b38495283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 08:59:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 07:08:25 GMT
server: sffe
age: 8426
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10414
x-xss-protection: 0
expires: Tue, 10 Aug 2021 08:59:21 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7B37 0
0 29ms
29ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzXzL0rmbYMvLGvbgzAbE4YWQA-3K5cle-Nivm9sL47KAr5AOEAEgs5DcHmCVAqABpbLA4wPIAQGpAoozSbr3VrQ-qAMByAPLBKoE3AFP0AeD1zjMexbYGmih9CJLrViQwg-QHkPpbpye86XWEFDIoF8Kl24geC1gtAtds8A7azUvLrccCUOP3Hz-vjLEIHKqwcMaZ5wpleCg9qxi0J2_OD6ImOuAZ3V8FgC28uijcokrp4o-kHTmCQSIH9EWo9vNpWxY1FSIHTnJL9JwzZOaq0giYWmxhiMTJlXTuJnGFY2ULrteD1TrNXNNEdpks_D-oipBQXH53Eh-dHPB1107AeWHF9V2euGHxZ-azoe_xi5gtJPonlRuVJe1W7iRduPpL8MZazBM3tkawASGmrWWgQOSBQQIBBgBkgUECAUYBIAHw82_HKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBD0hgjSCAkIgOGAEBABGB-ACgHICwHYEw2IFAXQFQGAFwGyFxoKGAgAEhRwdWItNTY2MjY0MDg1NTc0MzQ4Mw&sigh=4dg7XHpmrbc

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&slotname=3919176945&adk=1603147683&adf=2689116385&pi=t.ma~as.3919176945&w=970&fwrn=4&fwrnh=100&lmt=1620814994&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386309&bpp=1&bdt=4488&idt=106&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6493444984970&frm=20&pv=1&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Uifz9z7SEp&p=https%3A//r.virscan.org&dtd=112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 12 May 2021 11:19:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CE1A 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&slotname=3919176945&adk=1603147683&adf=2689116385&pi=t.ma~as.3919176945&w=970&fwrn=4&fwrnh=100&lmt=1620814994&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386309&bpp=1&bdt=4488&idt=106&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6493444984970&frm=20&pv=1&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Uifz9z7SEp&p=https%3A//r.virscan.org&dtd=112
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkc62x_6a7d699K-e5NTZKnWMxBu3fzinN9_pEhtyN4P1dfU0NGQl3ExHxOdYg; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&slotname=3919176945&adk=1603147683&adf=2689116385&pi=t.ma~as.3919176945&w=970&fwrn=4&fwrnh=100&lmt=1620814994&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386309&bpp=1&bdt=4488&idt=106&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6493444984970&frm=20&pv=1&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=163&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Uifz9z7SEp&p=https%3A//r.virscan.org&dtd=112

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 12 May 2021 10:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1357
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7B37 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d31f42c58dcf16d3c385150d10ffe6f864fe7b473c348bfca82b4bb2d135f93b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 7B37 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:32:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 553665
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 06 May 2022 01:32:02 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 7B37 21 KB
21 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:31:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 553696
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 06 May 2022 01:31:31 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 115F 35 B
464 B 33ms
9ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIc6BMp9oRS9MStG10QvYQk&google_cver=1&google_push=AQvitUJOpc1SsgyqHiCHxupqkr0R_wBWnZlru30hnWvoXOYP4op4ECzkpq8PPURuf_QPxDitJ-xcGdfMCDJJybLEPEhF4wvEmYo

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:19:47 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 115F
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEKnh7oQKQr0Vr6gFU7SAoVU&google_cver=1&google_push=AQvitULh9PQSLY2uOHtDsPg1yVZ-irPs010gp5l11o5WVRfYO-TdlJvcrD7l8u2Jxltn956zfTUcCp2Qw1SltvR6V8mHvoUshVY
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitULh9PQSLY2uOHtDsPg1yVZ-irPs010gp5l11o5WVRfYO-TdlJvcrD7l8u2Jxltn956zfTUcCp2Qw1SltvR6V8mHvoUshVY&google_hm=Q0FFU0VLbmg3b1FLUXIwVn...

170 B
188 B

43ms
40ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitULh9PQSLY2uOHtDsPg1yVZ-irPs010gp5l11o5WVRfYO-TdlJvcrD7l8u2Jxltn956zfTUcCp2Qw1SltvR6V8mHvoUshVY&google_hm=Q0FFU0VLbmg3b1FLUXIwVnI2Z0ZVN1NBb1ZV

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:19:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 May 2021 11:19:46 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitULh9PQSLY2uOHtDsPg1yVZ-irPs010gp5l11o5WVRfYO-TdlJvcrD7l8u2Jxltn956zfTUcCp2Qw1SltvR6V8mHvoUshVY&google_hm=Q0FFU0VLbmg3b1FLUXIwVnI2Z0ZVN1NBb1ZV
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 115F
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUIYDJwuuAD18vHBbb8QkAAVeCmUyk3m_IbEz9cewngDfHK8IDjaDI9lWxeYemdznfDkZpn8fU5Gx7037kcRuqxYxUCWnfo&google_gid=CAESELn8pLpq05EIXPJMccEo2ts&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNPz7oQGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BUXZpdFVJWURKd3V1QUQxOHZIQmJiOFFrQUFWZUNtVXlrM21fSWJFejljZXduZ0RmSEs4SURqYURJOWxXeGVZZW1kem5mRGtacG44ZlU1R3g3MDM3a2...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwLXR0UnJwdTN4LUN2N1AxV1MtQ0RUTDd6Yy1XaVRHY2RKUHpkMTlvWTNoRQ==&google_push

170 B
243 B

33ms
33ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwLXR0UnJwdTN4LUN2N1AxV1MtQ0RUTDd6Yy1XaVRHY2RKUHpkMTlvWTNoRQ==&google_push

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:19:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 12 May 2021 11:19:47 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwLXR0UnJwdTN4LUN2N1AxV1MtQ0RUTDd6Yy1XaVRHY2RKUHpkMTlvWTNoRQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 115F
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEJuuceppIOEDBnGro9Q7yko&google_cver=1&google_push=AQvitULOekAPsVP8jIYfz1YegBPb7qRqhHUp6ot_DWQ7_OrzSEgkikCmt5zUqTTzyaedn6TMDj2glKE5NzZ7Fg2VgQl_NLgn3CI
https://rtb.openx.net/sync/dds?google_gid=CAESEJuuceppIOEDBnGro9Q7yko&google_cver=1&google_push=AQvitULOekAPsVP8jIYfz1YegBPb7qRqhHUp6ot_DWQ7_OrzSEgkikCmt5zUqTTzyaedn6TMDj2glKE5NzZ7Fg2VgQl_NLgn3CI&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULOekAPsVP8jIYfz1YegBPb7qRqhHUp6ot_DWQ7_OrzSEgkikCmt5zUqTTzyaedn6TMDj2glKE5NzZ7Fg2VgQl_NLgn3CI&google_hm=D51T-j6HxLsLbMxtjtyK9A==
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULOekAPsVP8jIYfz1YegBPb7qRqhHUp6ot_DWQ7_OrzSEgkikCmt5zUqTTzyaedn6TMDj2glKE5NzZ7Fg2VgQl_NLgn3CI&google_hm=D51T-j6HxLsLbMxtjtyK9A==...

170 B
188 B

37ms
33ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULOekAPsVP8jIYfz1YegBPb7qRqhHUp6ot_DWQ7_OrzSEgkikCmt5zUqTTzyaedn6TMDj2glKE5NzZ7Fg2VgQl_NLgn3CI&google_hm=D51T-j6HxLsLbMxtjtyK9A==&google_tc=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:19:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:19:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULOekAPsVP8jIYfz1YegBPb7qRqhHUp6ot_DWQ7_OrzSEgkikCmt5zUqTTzyaedn6TMDj2glKE5NzZ7Fg2VgQl_NLgn3CI&google_hm=D51T-j6HxLsLbMxtjtyK9A==&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 417
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame 115F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_push=AQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXa...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXa...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXa...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXa...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXa...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXa...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXa...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXa...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXa...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXa...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXa...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXa...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXa...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXa...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXa...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXa...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXa...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXa...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXa...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 115F 43 B
296 B 98ms
21ms Image
image/gif 2a05:d01c:1d8:8102:6239:a920:2d8:2f61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOlMKatWvfZF-FlOhWrWbe4&google_cver=1&google_push=AQvitUIu3g1bInAbbZ4mLtjo1bQbkqO6kHgUpE1ZEkgowOwVUNtJEo-Ogww68lWQCMefS3rsGDXQ8K4MkvrURafzc5MrFH1y6ak
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&adk=3088186576&adf=1409212968&pi=t.aa~a.3769035704~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1620814994&rafmt=1&to=qs&pwprc=4475921873&psa=0&format=1200x280&url=https%3A%2F%2Fr.virscan.org%2Flanguage%2Fru%2Freport%2F9b269b68a697ba85216e221e6feaaa97&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=IltcIlwiLFwiXCIsXCJcIixcIlwiLFwiXCIsW11dIg..&dt=1620818386525&bpp=1&bdt=4704&idt=1&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C733x280&nras=2&correlator=6493444984970&frm=20&pv=1&ga_vid=52058892.1620818385&ga_sid=1620818386&ga_hid=179207987&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060711&oid=3&pvsid=2905162584405387&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ZV0E4qNt0P&p=https%3A//r.virscan.org&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:6239:a920:2d8:2f61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:19:47 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 115F
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJtGKFuALjYNTXikDSDu4YE&google_cver=1&google_push=AQvitUKgU-iWxL7JpsJ69vJ8...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKgU-iWxL7JpsJ69vJ8Lrk7oQc_-7nWnxtxnkDtbRmn26-KCVEtfKpmOsAEJCSEqw3m9laUZUa5CQIJJLPFhVXM9-T-3KDx&google_hm=
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKgU-iWxL7JpsJ69vJ8Lrk7oQc_-7nWnxtxnkDtbRmn26-KCVEtfKpmOsAEJCSEqw3m9laUZUa5CQIJJLPFhVXM9-T-3KDx&google_hm=&google_tc=

170 B
188 B

34ms
33ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKgU-iWxL7JpsJ69vJ8Lrk7oQc_-7nWnxtxnkDtbRmn26-KCVEtfKpmOsAEJCSEqw3m9laUZUa5CQIJJLPFhVXM9-T-3KDx&google_hm=&google_tc=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:19:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 May 2021 11:19:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKgU-iWxL7JpsJ69vJ8Lrk7oQc_-7nWnxtxnkDtbRmn26-KCVEtfKpmOsAEJCSEqw3m9laUZUa5CQIJJLPFhVXM9-T-3KDx&google_hm=&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 400
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 115F 0
236 B 95ms
33ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JLZRjawCU4KUnFm8GCaFVH_theVVx4Cw0L2vQYiq8hmUmIquHxHZijPRBm7-oKMb0z2MDuFA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 11:19:47 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 nLZh5JKb4_vODtvfmJ49yJer_4HAQSIF0KjuUH5BuEE.js Show response
pagead2.googlesyndication.com/bg/ Frame DA53 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nLZh5JKb4_vODtvfmJ49yJer_4HAQSIF0KjuUH5BuEE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cb661e4929be3fbce0edbdf989e3dc897abff81c0412205d0a8ee507e41b841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 10:46:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 2026
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5628
x-xss-protection: 0
expires: Thu, 12 May 2022 10:46:01 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CE1A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
15ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkc62x_6a7d699K-e5NTZKnWMxBu3fzinN9_pEhtyN4P1dfU0NGQl3ExHxOdYg; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 12 May 2021 11:19:47 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 12-May-2021 12:19:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 12 May 2021 11:19:47 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 12 May 2021 11:19:47 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 nLZh5JKb4_vODtvfmJ49yJer_4HAQSIF0KjuUH5BuEE.js Show response
pagead2.googlesyndication.com/bg/ Frame C5AB 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nLZh5JKb4_vODtvfmJ49yJer_4HAQSIF0KjuUH5BuEE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cb661e4929be3fbce0edbdf989e3dc897abff81c0412205d0a8ee507e41b841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 10:46:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 2026
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5628
x-xss-protection: 0
expires: Thu, 12 May 2022 10:46:01 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0337 42 B
108 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJg0NeN4tzzS-576JKxI4c93Ph5cihGc6Gg_LenFiCy3wRd3f_XSiIBuQGZdSI0ax3Uk4uVktnM52yHeRAsOT4olqoMc3JU4TWmT_l8KNdyifNn76GqTmKzI4hzg&sai=AMfl-YTTiLXnWn-YQ40ZCYtYe0vtiR-khUYLHy7fDi0TPhAiuZkyeylNnDF3tm5wpPhAt4f1wImDLRnIBRZr&sig=Cg0ArKJSzBoiUKnpZHleEAE&id=lidar2&mcvt=1000&p=727,535,1007,1268&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210510&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1236994834&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620818386438&dlt=369&rpt=29&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:19:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7B37 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEn5rRXt_9F1n0CPGhuIwNwSfTNFowYx7GY8S8K5Xv_-Vv2Nten5yaJnpA-i_0oJUhUqm0BMhmbt_HHhMKii8jlYE4wo9ll7xM2cWuvS2mnsdMX9uGEtxG_SHuqA&sai=AMfl-YSSKmk-5gdJvyLkwkH3SYteYyvh1LVYGZd_v0JKz8HSSG2owmrZOh7gzRgaIh4uBWI-DcwB6hW9_X7T&sig=Cg0ArKJSzJVYHAtIdW0pEAE&id=lidar2&mcvt=1000&p=163,315,443,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210510&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1603147683&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1620818386424&dlt=780&rpt=37&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 May 2021 11:19:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.ssl.qhres.com
URL: https://s.ssl.qhres.com/ssl/ab77b6ea7f3fbf79.js

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJu5009oyQl-viH-OKHMDwAABL0AAAAB&google_cver=1&google_push=AQvitULb2ZeO42ou0QYOktyQSpVDmjNV3Ot_wBQJVbikxCNEURHZ2QkWuLfhzhE4fZodkQiLqVXacT8KjrdzT8LKMRB_D5Cm8h0&google_gid=CAESEKjINnj-p4KBYZsNY2xahmA&google_tc=

Verdicts & Comments Add Verdict or Comment

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.virscan.org/	1969-12-31 23:59:59	Name: Hm_lpvt_08e32ec74a8a7982c7171bde829b77af Value: 1620818384
			.virscan.org/	1970-01-20 02:59:14	Name: Hm_lvt_08e32ec74a8a7982c7171bde829b77af Value: 1620818384

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
data.choujue.net
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hm.baidu.com
id.rlcdn.com
img.virscan.org
jspassport.ssl.qhimg.com
pagead2.googlesyndication.com
partner.googleadservices.com
r.virscan.org
rtb.openx.net
s.ssl.qhres.com
sc.anhuiry.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
s.ssl.qhres.com
103.235.46.191
121.41.82.234
172.217.23.98
18.195.231.212
18.196.98.222
216.58.212.162
217.182.200.20
2600:9000:206f:8a00:0:e2b1:a380:93a1
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:801::200e
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:400c:c08::9b
2a05:d01c:1d8:8102:6239:a920:2d8:2f61
35.227.252.103
35.244.174.68
47.102.38.15
0202b4868b2b74ef5d75de41c8a92c44fd67cb8ccba682c6f63328e4e53d525a
028a86edc87123d64d64fa813f57de5a290fd2b17b16098c2b3162b42792cb77
02f77b6abdf6065e1c6e235a7551743d52959e0b70bd98c2cebc1f379ef152ca
03ad95964d61ff7b69502b303b9d639aacc99ae34e054e2dfc11a6cd338f5822
03c0aec1a588e0890db7890499c09493616621224d659e82f53e8b41761f031b
040b0b798e8aa5407fd10f6cf5f5722079b8a7633aa1b8959087bb0e4de4826d
058dfdf18095cd2f32ab6f730a71a1e95f7703a294e16e6c55357ada6006dfbe
07fa45798eb8a273e6f1198f3e09f591095ebc3100551ec0eaa2d424c13eb751
083424a7f377896fdbfc22cd2d04c0db4cef479f2cd514d2d037f9e958dfc214
08e7856bfadc8732aa9e8f2a39cd4f7e59b95faa192921694e99b2edfc87d278
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6a05c290dbc12475e3ff331cda913bc0509153d6cc3d3e7edab42d2c73d026
0d28d9a4e226f8531086c8369bb5a9037e9ff8bf95c2009925bb9b97939409c1
0e14e5b60f82173be9de6082bdbf1e276374bca5591ab09cf0c83e64a9ac5c0b
0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f07badfd3bb95015ba9eccd4397add7c3506242feaaed2a9bda2072cb658fba
0f63444786561559c82c02f22aabc24c9f953c1163f7786031f50ed416831fdb
1102fd33e7771e3f7afcf7fa0e890eff148ae65499c4a9a8801d363d07a91863
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
195f7dba3742591dacdbebc083e5458a0f96ae2078aa33ab6027a1a7783a29c3
1b853b25f36c2542e90584258a6550a1520a04929ae5f8f73e2d6f806db03c09
1c83248e926cead9b810bbc2834bea283a57b735618348cb14784be74286d94a
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104
224c67cc7832ab04bba7cecc44e93160799e2d72ec7a22c252920e30bd88ff24
24dec7fc027ff2382e85657f74483435328454ad7ac9dcd4099b1cd38e8c5eb4
25bfe404eac7c0676b215d8ecb1ce24024370a5be8605d2da616fb07d2e1f212
26fc80a676bef57ea0f819d737a6d2ee722368cbb4c410b86a0c15cb930419e6
285ddc1018867ef77c5df035cc1dbf2309f2380be686b41569a50d3701317650
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d5e6d52173e24e92f8f1ae9ff1a5528c6c5b4e12ca1b775818a3e54c52ba6e8
3160498aa54284b7292debb954eeb5f6ad924841ff72e24f51ad5f0ce1a39586
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca
33501bd5e6b0e948b56a1162fd5c107bca99ddba95d2bcc5ad93a9a93824e3cf
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
34a758c1ef669444804a941d5ca3539ca035127f6701bb27f1bd6063f4bea5f6
34f55e702683c8ede4b22ce80ebd629840ee277284b02545192adb2c17b00779
3688213db4519c39699c83db0de7d714b5ce68075dd66de7a4fe663b78c7e64b
36ce02e2d42e11b8e8eb87d800f8e4f8292c0019196aa0cd2d5f41895a5f64c2
39a173f2baa8787f4415eb5fd991e63a9288b546cb374d08acc0816e3f22c50d
3ae85d3c01d3b32d4b60743c7ee14f32a5f0d587545864b69ad19a3dec871380
3d51e3726d7d6a4f2fbba3d8ee65cb8465ec5d15eee9c2500190eac583280593
3db570b2edb80db4b906ebd3bfb6632da6c8d61c70b07f1cb05b4fbdbd82ecd1
3e074e95145078eb37752cefdb3299e00957f1369da57414d0294ef80e4c4ef1
40a66127d84eda5766c00542fce2986283d401a60b197ebf0c49128b75347425
40f622b837062c49657a3ae4a387f37fa6d9c044598e67169ab6c3c0f8442fe1
42944426153985a9f460fc92b40516ab3386ff1754afb58cb8f1aadb1936917e
4568a10362069382ac9a64529c3525aa738dde0ad4c157193be3ce3ca525aee1
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a0592f5f393410ad2e2c185a120290e284210910a944072fed0379e9def2ca1
4a92483595d60abe613f8459f4b133ce5bda1ac956cd0c75c10536fb20e2f815
4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab
4c2c0e0cb20b02fb9b83b7a6f51ab5037a3abecfd248578b1b86f8c84e9616b8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef9a18aef9847638b3b4344a0b2ebed14e84fb0aeb8ce29292af06826a2580a
5276076ca1f97edc1e435558b6b86db79292e5c73bd4ba9d1cd4fd02998cbb3a
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
546da401d12ef66d72c9171272e978b083dc7a87c1e302318ad063f6bccb0d8f
5809c07087b85360849a78ec16692e35b79083acf5253a56bc8a5b9342557fe1
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5a19574ed937a1e0d72f124c7fceacc6411266656873821aa92d28047719b1b0
5ea12701c6778ffc88a4423788cf9a18ddfe9bdd88111cd7ac23d4487c4de619
5f8907dc68cc1568828207e807104482895d5745c45d76cfc4ec9cbda7034439
6130fe8ded2255439c42cf9e805c28b1a72bfcad166d9dcd720243d33557628b
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
65f410d2f4342e5bf98067b6116e97776863a9c9b2b64f8b5a529a72d216b6b3
66aaac3e352276fc36125c02fd7f53f5d171ab4e16f13c1fdf3089fae17b4e16
682a3ea1ad378b8e3cbcf27ab4e9127260f8ed024d49df952cbd7a608f7cde21
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0489619b42dc28c6d135cf946eaea95f6206229dedbad28a2636d3525fdb3e
6c9bd38a258df401ea2038ce043f284ee46a55328030e2e8456e8687122086b3
6de350c30c8d8569aa132a5c3cf41497eaade76c19abf24cd8c2b2c869045599
70ad3c0cf60b92b5987ea51c7e2098b821b46b5ca1b7f03e6b0df2b575a44610
716d7275e1e1d9dd0725ef0cb98ffb2953fd7aa5d3048394209062e80a39d956
7317864cd8d51b666d8b8dfb26167de2e37258ba87cc98a6b692d0ff8dad41e2
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
75aee40eb99d6ae63e1f5ed9ca88a013daea87bfc4999a2947106e54245b86d0
777162062d8c9f706eb668fdb4872c8e97f4f6f57ccd8e3f963d29b9abdc03eb
7780953db012af1018522ec7a2355bb5a7e61bb789ac6e13a73cea3b8b7b73c2
7d89e1065e56773b90b484e4e054acc44381651ebe265ef242afe83e0590b929
7df74ab28135297210c7dd74f47f4e04e9d2f4a0c490894aabc1da31fa8d9db8
7e0e89bcb1317cba339b9e9295b77979e1b91c262660a011c696d2e5835bb74d
7ec1149ace7d29f6689cc18117b5d45a3dcaa2e24d067302d49ab6544a76bd2b
80c07da19825ad50d371c1f660f83233dbcbb25460216c0bfdeb9964b6400f0e
811baea76794b886414b4321ff7915400db738bc5ed427613273b932bc9792ba
815e31a02c1562262ed696283465858c1539f1907d4f6cb82169a5f8e53bab75
83d5b99925b5fa5c19188ff2fa58d95b1032bdb3147685198bc38116ec284061
84ee80fb8929b1b4557b8d11e42eb1f60116f1c0aeb45c1f452c37e05f5f4483
86b8550c7ae2800d19744082f88f97ebcf6f53570bf155161b19cfe4e4c1cc20
8b51a22eb3cda781adbf31805ba43c9d27cd0e7b371c2fe62393dcfc0bed925c
8c7613c0d57015134f5d245ade496eacd152cd237103829a1d8957fc3e10c827
8c7f80dd92bec308109382eb69619c1351384961d040ac3427895cd89d29af9b
8cfa889a7e09f8884b6da6b3979b0d296f2eed2bc866a3e7d4d4745c092a9684
8ece9607f941bbde9ac5c12864fc911f56cb735a632910aafddfc38ffadc5a53
928282a765e19a96edcc86e9541d820e47b20686da5d13b8267d4461a0ac7ea6
99275dc683090067a285793af7715888942641a37125f1cff4fc4bbeb47fd885
9a8ccfabb912248be7646534a8ea1b0ba74ce1b576b69f104fd2ba05348a7fea
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad695571a775da9589eb8c5b3e2fa9e444c84bf5194ff7d2a70e1bbce148c22
9c5786f2cd3014394243a719b71fdc1bb17f2bdbbe09e0c37eb5f888c4873adc
9cb661e4929be3fbce0edbdf989e3dc897abff81c0412205d0a8ee507e41b841
9dab7845d7a1be91e0146aead00724ffe900629b68e2f13da430c8dbcc217741
9dc726ddf7fe638867ab7406cc971813fa8d796471b5bf9ed69ff254320a8ea5
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a5ff91e781a8ef162e85819a0093a2c798a017300ddfc85b8273f68178c8ce2f
a94871d658fec7e1787b1b95c68607326d15ddab11312d1ba1c12ed65ce5b27d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef585ee9c0b630bfef6336b9367e01dc98a320d224f27f8a26b0765bc38bbb9
b0c59bd2eacde11afe8a1f60e32086839e62d5e63bc2346ae86cc4bc52bef074
b215783207421cdade989c2f0f3344d4a9ed6d8664cd14749f2135bb42ca11a4
b2d3ab6900454625c09313044b368dcf164fd9161a9a5f7f35db5f7f8b50ac6d
b31644216c96c06b296a16627a14455b349b7fdc76088256c5fbaad6522d2a15
b36bbc1f0d6c8199e51487edbe590a0852c296ad4ea7ea56f958fdeba3e2feae
b5da5354e141bc95976c4e57e5644acf972aec4e3243b7843ffd504113fab6ec
b845c10e0779a20df5bca87b451b4894dd674ce02feb886a5a8ccbfb829b5078
bac37a2566cadcac630f7a53beccbe6730474d91fd1c5a0da7971db9cd17395d
c19ad82f499e9944a575db55d9305d985b38a6b76f2e56f17c1133b33f0c91e2
c1b014eea6e291e1cac70d160356b6ba372ba265159dd8d81176a9a6e365c34b
c20343e40a266bdafb8be06f988270fa304927381f44b966f57c0c4031a4d5c4
c3176bb0c28245dc7f8bfce504d8fd18495d7e701b07adebd8564a86472f4676
c3fe9f54fba66cbf7f08bb7219fce75e8c6c750a8cb547972af2549b0360c8a7
c5bf8eae1aaf61cc2505ee8a6a0b04818d16ef1499aab2059340a0d42a77e3ea
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c8aca207bce82f8134f59b990fe0e78c520fcee1600b7ce5354d7c562c943731
ccd9e3e88b911d5a00b54027206b7e7b636e14c983f5ec595a812a45fd969a05
cd52cc38ae90c17a4827560c3d24aedbde3c7451119065ae7eb78dfbb4fa1472
ce7716eaf5434046e225ab8ec122c8a6882096544f08ad88e37874d47af6e6c4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d086c26d11f2a61284e40af3d72e3f4d1b422dc91a13be10058de5276362ea82
d31f42c58dcf16d3c385150d10ffe6f864fe7b473c348bfca82b4bb2d135f93b
d8df7811b81fb413e5811e0cea0d712f2d44c4af880fa1d0b5814b7347659195
de961a24207e69cc862cf153eb92d9e141d65148e18c2d076545b61b10af20f3
df4e90995fbba9d7c4f5cf9694a9c5be79283f56a7e67e430f93bebef84ba29a
dfe67d862e2997dcd255204f7027f403e91b573b895d3da6cd20d8ba4f362f3f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e469ba0e0d070666004289babb4429f9445beb0931f88928b5e7106938296752
e49ebde038050ead1a4db92f945f0a6f5e46b3f15970d874f7b367b1bcb86a8c
e4a0eb3f30c01c24c6e2f5b23b55d7b427d21539f2079914b93006e1dc55aa0a
e66701a088ca436567831f670bd5d3da6cbadad69df630b3e302bcfabe59eff6
e67457f25ef64b0022eca6d13848913974e2b123a22c97fbcf2bfdbf738fda7b
e6ee155a60c9ac6fc00dc4bcfdfd873c4782ad298ba5cd09f10faa7bfd0e61b9
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e8ef780d9e8d59156f402d0c3b8959aeef68bdec556a04d16037962d99175e8f
e90cc2b118c936341bbaebaa06f42e63c4e133c30d2be279756c25c9b213a4b0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05c01c1900cb0d1e7b211eaadc0a635559f6ae8ca15a1ffffaa9aa7ac0220a8
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f4b9fde102dff4c16c9fd51e1875532147fbfb141ab2e842291fff5914c20ec2
f66dea01b45a6cc6973c961cd931d1251299d363302b6f0f5d2f982da1e262f5
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f9419b1ae6a4338181041eaa7d6bf17a935f40c1b9cb738cbea087f1158731c2
faca91deb48a114e795341ff212fafc54db53ba7049341737c5eedc989766398
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fc8ea0fd0e6d1ef6d67751c5e8651a71ef4ad0862c527670b13edc0863f4e3e2

r.virscan.org Open in urlscan Pro 18.195.231.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

186 Requests

99 %HTTPS

68 %IPv6

21 Domains

31 Subdomains

28 IPs

7 Countries

1451 kBTransfer

2934 kBSize

2 Cookies

125 Outgoing links

Page URL History

Redirected requests

186 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

r.virscan.org Open in urlscan Pro
18.195.231.212 Public Scan

Screenshot
Live screenshot

Full Image

186
Requests

99 %
HTTPS

68 %
IPv6

21
Domains

31
Subdomains

28
IPs

7
Countries

1451 kB
Transfer

2934 kB
Size

2
Cookies

186 HTTP transactions
4 data transactions