urlscan.io logo urlscan.io
SecurityTrails logo

v.virscan.org Open in urlscan Pro
119.188.250.140  Public Scan

Go To Rescan Add Verdict Report
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Submission: On July 21 via manual from CO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 12 domains to perform 102 HTTP transactions. The main IP is 119.188.250.140, located in China and belongs to CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN. The main domain is v.virscan.org.
TLS certificate: Issued by RapidSSL RSA CA 2018 on November 9th 2019. Valid for: 2 years.
This is the only time v.virscan.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 119.188.250.140 4837 (CHINA169-...)
10 2a00:1450:400... 15169 (GOOGLE)
2 103.235.46.191 55967 (BAIDU Bei...)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 119.188.176.48 4837 (CHINA169-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
1 103.235.46.39 55967 (BAIDU Bei...)
1 171.8.167.90 137687 (CHINATELE...)
102 12
23    119.188.250.140 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
v.virscan.org
10    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.com
2    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
2    2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    119.188.176.48 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
zz.bdstatic.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2600:9000:2057:e600:0:e2b1:a380:93a1 (United States)

ASN16509 (AMAZON-02, US)
jspassport.ssl.qhimg.com
2    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
1    2600:9000:214f:3a00:11:1b7a:9b00:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ssl.qhres.com
1    103.235.46.39 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
sp0.baidu.com
1    171.8.167.90 (China)

ASN137687 (CHINATELECOM-HENAN-LUOYANG-IDC Luoyang, Henan Province, P.R.China., CN)
s.360.cn
Domain Requested by
23 v.virscan.org v.virscan.org
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com 1 redirects v.virscan.org
2 hm.baidu.com v.virscan.org
2 pagead2.googlesyndication.com v.virscan.org
pagead2.googlesyndication.com
1 s.360.cn v.virscan.org
1 sp0.baidu.com v.virscan.org
1 s.ssl.qhres.com jspassport.ssl.qhimg.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 jspassport.ssl.qhimg.com v.virscan.org
1 stats.g.doubleclick.net v.virscan.org
1 zz.bdstatic.com v.virscan.org
0 img.virscan.org Failed v.virscan.org
www.google-analytics.com
102 15
Subject Issuer Validity Valid
*.virscan.org
RapidSSL RSA CA 2018		 2019-11-09 -
2021-11-08		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-04-02 -
2021-07-26		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
*.ssl.qhimg.com
WoTrus OV SSL CA		 2020-02-11 -
2022-05-11		 2 years crt.sh
*.google.de
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
*.ssl.qhres.com
WoTrus OV SSL CA		 2020-02-11 -
2022-05-11		 2 years crt.sh
*.s.360.cn
WoSign OV SSL CA		 2019-10-25 -
2022-01-25		 2 years crt.sh

This page contains 8 frames:

Primary Page: https://v.virscan.org/Trojan.DOMG.yjxq.html
Frame ID: 2DF6A436BC8ABBD7689612B44694A217
Requests: 95 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200716/r20190131/zrt_lookup.html
Frame ID: AED27E43E9F9ECAAF08C81C561B55C70
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&slotname=4809798730&adk=3866135030&adf=2689116385&w=970&fwrn=4&fwrnh=100&lmt=1595354577&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=970x280&url=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1595357020792&bpp=18&bdt=3371&idt=64&shv=r20200716&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1169710074679&frm=20&pv=2&ga_vid=369672238.1595357021&ga_sid=1595357021&ga_hid=2132444102&ga_fc=0&iag=0&icsg=101100200&dssz=24&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066358%2C182982100%2C182982300&oid=3&pvsid=3290381619109316&pem=969&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FXzeezyh7u&p=https%3A//v.virscan.org&dtd=87
Frame ID: 322C7D6B83CE4A30A46064D0B0C5CA31
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=90&slotname=7597248463&adk=1022897352&adf=1256174734&w=0&fwrn=4&fwrnh=100&lmt=1595354577&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=0x90&url=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&flash=0&fwr=0&fwrattr=true&rh=90&rw=0&sfro=1&wgl=1&dt=1595357020814&bpp=2&bdt=3393&idt=76&shv=r20200716&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=1169710074679&frm=20&pv=1&ga_vid=369672238.1595357021&ga_sid=1595357021&ga_hid=2132444102&ga_fc=0&iag=0&icsg=637971112&dssz=25&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066358%2C182982100%2C182982300&oid=3&pvsid=3290381619109316&pem=969&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEr%7C&abl=CS&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rxrFc8TRtj&p=https%3A//v.virscan.org&dtd=82
Frame ID: 8F4EB2F433C1420B2FDD82761DCFAA0B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=90&slotname=7597248463&adk=447480644&adf=548056360&w=728&lmt=1595354577&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&flash=0&fwrattr=true&wgl=1&dt=1595357020817&bpp=1&bdt=3396&idt=81&shv=r20200716&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C0x90&correlator=1169710074679&frm=20&pv=1&ga_vid=369672238.1595357021&ga_sid=1595357021&ga_hid=2132444102&ga_fc=0&iag=0&icsg=637971112&dssz=25&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=535&ady=552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066358%2C182982100%2C182982300&oid=3&pvsid=3290381619109316&pem=969&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kS2xVbLPqK&p=https%3A//v.virscan.org&dtd=85
Frame ID: DD292E940129A1A07093224EDB3E7478
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=90&slotname=9073981665&adk=3599807995&adf=4251758550&w=728&lmt=1595354577&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&flash=0&fwrattr=true&wgl=1&adsid=NT&dt=1595357020817&bpp=1&bdt=3396&idt=90&shv=r20200716&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C0x90%2C728x90&correlator=1169710074679&frm=20&pv=1&ga_vid=369672238.1595357021&ga_sid=1595357021&ga_hid=2132444102&ga_fc=0&iag=0&icsg=637971112&dssz=25&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=538&ady=1508&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066358%2C182982100%2C182982300&oid=3&pvsid=3290381619109316&pem=969&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U0WEWxE8RS&p=https%3A//v.virscan.org&dtd=92
Frame ID: 75CD2D4994A1166DFA11D19CAC23CD1F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=90&slotname=9073981665&adk=623822340&adf=1186416459&w=0&fwrn=4&fwrnh=100&lmt=1595354577&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=0x90&url=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&flash=0&fwr=0&fwrattr=true&rh=90&rw=0&sfro=1&wgl=1&adsid=NT&dt=1595357020827&bpp=1&bdt=3406&idt=85&shv=r20200716&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C0x90%2C728x90%2C728x90&correlator=1169710074679&frm=20&pv=1&ga_vid=369672238.1595357021&ga_sid=1595357021&ga_hid=2132444102&ga_fc=0&iag=0&icsg=637971112&dssz=25&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066358%2C182982100%2C182982300&oid=3&pvsid=3290381619109316&pem=969&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEr%7C&abl=CS&fu=8320&bc=31&ifi=5&uci=a!5&fsb=1&xpc=M8QGe62ikN&p=https%3A//v.virscan.org&dtd=88
Frame ID: BFCAC9B374A3029D8B525DE854987195
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&adk=1812271804&adf=3025194257&lmt=1595354577&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1595357030745&bpp=1&bdt=13323&idt=1&shv=r20200716&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C0x90%2C728x90%2C728x90%2C0x90&nras=1&correlator=1169710074679&frm=20&pv=1&ga_vid=369672238.1595357021&ga_sid=1595357021&ga_hid=2132444102&ga_fc=0&iag=0&icsg=653282418895&dssz=33&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066358%2C182982100%2C182982300&oid=3&pvsid=3290381619109316&pem=969&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&dtd=6
Frame ID: D4D5EB862DE66E98386F20845F18FD54
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

102
Requests

43 %
HTTPS

55 %
IPv6

12
Domains

15
Subdomains

12
IPs

5
Countries

329 kB
Transfer

1049 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=2132444102&t=pageview&_s=1&dl=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&ul=en-us&de=UTF-8&dt=Trojan.DOMG.yjxq%20-%20VirSCAN.org%20-%20Free%20Multi-Engine%20Online%20Virus%20Scanner%20v1.02%2C%20Supports%2047%20AntiVirus%20Engines!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=876949150&gjid=1513756450&cid=369672238.1595357021&tid=UA-59666737-1&_gid=175815965.1595357021&_r=1&z=254881677 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-59666737-1&cid=369672238.1595357021&jid=876949150&_gid=175815965.1595357021&gjid=1513756450&_v=j83&z=254881677

102 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set Trojan.DOMG.yjxq.html
v.virscan.org/ 		92 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
8f63c491931f60f38412e7dedcbccdff775a3d733ff8892d0747dd983e0ac941

Request headers

Host
v.virscan.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 18:39:27 GMT
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Set-Cookie
lang=en; expires=Fri, 19-Jul-2030 18:02:57 GMT; Max-Age=315360000; path=/; domain=.virscan.org
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Tue, 21 Jul 2020 18:02:57GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip
X-Cache
MISS from L网域枣庄云
Transfer-Encoding
chunked
index1.css
v.virscan.org/static/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/static/css/index1.css
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
46d267de56b5f276695d1c35c2a7866a3db4d679d140cf38fde834ff29ead956

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Dec 2019 08:11:00 GMT
ETag
W/"5dfb3094-2901"
Vary
Accept-Encoding
X-Cache
HIT from L网域枣庄云
Content-Type
text/css
Content-Length
2592
style.css
v.virscan.org/bootstrap/css/ 		999 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/css/style.css
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
5d72aea4ea5382c6e2325807458f5adbb4e695f8b37a895aa6d466956499197c

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:03 GMT
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
Accept-Ranges
bytes
ETag
"5e211f49-3e7"
Content-Length
999
X-Cache
HIT from L网域枣庄云
Content-Type
text/css
styles.css
v.virscan.org/bootstrap/css/ 		1 KB
598 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/css/styles.css
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
058818990d972762db4356b005339019df71698094f95e0cbbed412bcb7eeaa1

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
ETag
W/"5e211f49-564"
Vary
Accept-Encoding
X-Cache
HIT from L网域枣庄云
Content-Type
text/css
Content-Length
344
bootstrap-responsive.min.css
v.virscan.org/bootstrap/css/ 		16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/css/bootstrap-responsive.min.css
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
028a86edc87123d64d64fa813f57de5a290fd2b17b16098c2b3162b42792cb77

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
ETag
W/"5e211f49-41d1"
Vary
Accept-Encoding
X-Cache
HIT from L网域枣庄云
Content-Type
text/css
Content-Length
4496
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		117 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11037886dcca7f8822aa69fe62a5718cbd1b8577057948bb8647fc06164a0b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 18:43:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42342
x-xss-protection
0
server
cafe
etag
14020070618890364554
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 21 Jul 2020 18:43:40 GMT
analytic.js
v.virscan.org/static/js/ 		0
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/static/js/analytic.js
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:03 GMT
Last-Modified
Mon, 17 Dec 2018 02:18:03 GMT
Accept-Ranges
bytes
ETag
"5c17075b-0"
Content-Length
0
X-Cache
HIT from L网域枣庄云
Content-Type
application/x-javascript
tools.js
img.virscan.org/js/ 		0
0
jquery-1.10.1.min.js
v.virscan.org/bootstrap/js/ 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/js/jquery-1.10.1.min.js
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
70ad3c0cf60b92b5987ea51c7e2098b821b46b5ca1b7f03e6b0df2b575a44610

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
ETag
W/"5e211f49-16b87"
Vary
Accept-Encoding
X-Cache
HIT from L网域枣庄云
Content-Type
application/x-javascript
Content-Length
36873
bootstrap.min.js
v.virscan.org/bootstrap/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/js/bootstrap.min.js
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
ETag
W/"5e211f49-90b5"
Vary
Accept-Encoding
X-Cache
HIT from L网域枣庄云
Content-Type
application/x-javascript
Content-Length
11375
bootstrap.min.css
v.virscan.org/bootstrap/css/ 		118 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/css/bootstrap.min.css
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
ETag
W/"5e211f49-1d970"
Vary
Accept-Encoding
X-Cache
HIT from L网域枣庄云
Content-Type
text/css
Content-Length
23906
font-awesome.min.css
v.virscan.org/bootstrap/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/css/font-awesome.min.css
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
ETag
W/"5e211f49-5644"
Vary
Accept-Encoding
X-Cache
HIT from L网域枣庄云
Content-Type
text/css
Content-Length
4861
slider.css
v.virscan.org/bootstrap/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/css/slider.css
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
7df74ab28135297210c7dd74f47f4e04e9d2f4a0c490894aabc1da31fa8d9db8

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
ETag
W/"5e211f49-1045"
Vary
Accept-Encoding
X-Cache
HIT from L网域枣庄云
Content-Type
text/css
Content-Length
1046
toggle-switch.css
v.virscan.org/bootstrap/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/css/toggle-switch.css
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
ce7716eaf5434046e225ab8ec122c8a6882096544f08ad88e37874d47af6e6c4

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
ETag
W/"5e211f49-21c5"
Vary
Accept-Encoding
X-Cache
HIT from L网域枣庄云
Content-Type
text/css
Content-Length
2287
bootstrap-wysihtml5-0.0.2.css
v.virscan.org/bootstrap/css/ 		985 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/css/bootstrap-wysihtml5-0.0.2.css
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
faca91deb48a114e795341ff212fafc54db53ba7049341737c5eedc989766398

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:03 GMT
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
Accept-Ranges
bytes
ETag
"5e211f49-3d9"
Content-Length
985
X-Cache
HIT from L网域枣庄云
Content-Type
text/css
theme.default.css
v.virscan.org/bootstrap/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/css/theme.default.css
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
8cfa889a7e09f8884b6da6b3979b0d296f2eed2bc866a3e7d4d4745c092a9684

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
ETag
W/"5e211f49-391e"
Vary
Accept-Encoding
X-Cache
HIT from L网域枣庄云
Content-Type
text/css
Content-Length
3540
bootstrap-editable.css
v.virscan.org/bootstrap/css/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/css/bootstrap-editable.css
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
39a173f2baa8787f4415eb5fd991e63a9288b546cb374d08acc0816e3f22c50d

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
ETag
W/"5e211f49-3736"
Vary
Accept-Encoding
X-Cache
HIT from L网域枣庄云
Content-Type
text/css
Content-Length
3097
jquery.selectBoxIt.css
v.virscan.org/bootstrap/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/css/jquery.selectBoxIt.css
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
a94871d658fec7e1787b1b95c68607326d15ddab11312d1ba1c12ed65ce5b27d

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
ETag
W/"5e211f49-1a0e"
Vary
Accept-Encoding
X-Cache
HIT from L网域枣庄云
Content-Type
text/css
Content-Length
1902
colorpicker.css
v.virscan.org/bootstrap/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/css/colorpicker.css
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
8b51a22eb3cda781adbf31805ba43c9d27cd0e7b371c2fe62393dcfc0bed925c

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
ETag
W/"5e211f49-96c"
Vary
Accept-Encoding
X-Cache
HIT from L网域枣庄云
Content-Type
text/css
Content-Length
792
datepicker.css
v.virscan.org/bootstrap/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/css/datepicker.css
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
03ad95964d61ff7b69502b303b9d639aacc99ae34e054e2dfc11a6cd338f5822

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
ETag
W/"5e211f49-1359"
Vary
Accept-Encoding
X-Cache
HIT from L网域枣庄云
Content-Type
text/css
Content-Length
1190
jquery.jgrowl.min.css
v.virscan.org/bootstrap/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/css/jquery.jgrowl.min.css
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
224c67cc7832ab04bba7cecc44e93160799e2d72ec7a22c252920e30bd88ff24

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
ETag
W/"5e211f49-d8c"
Vary
Accept-Encoding
X-Cache
HIT from L网域枣庄云
Content-Type
text/css
Content-Length
770
bootstrap-tags.css
v.virscan.org/bootstrap/css/ 		2 KB
1002 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/css/bootstrap-tags.css
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
1c83248e926cead9b810bbc2834bea283a57b735618348cb14784be74286d94a

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
ETag
W/"5e211f49-6a2"
Vary
Accept-Encoding
X-Cache
HIT from L网域枣庄云
Content-Type
text/css
Content-Length
748
colorbox.css
v.virscan.org/bootstrap/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/css/colorbox.css
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
c20343e40a266bdafb8be06f988270fa304927381f44b966f57c0c4031a4d5c4

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 00:56:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
ETag
W/"5e211f49-1259"
Vary
Accept-Encoding
X-Cache
HIT from L网域枣庄云
Content-Type
text/css
Content-Length
1675
thekamarel.css
v.virscan.org/bootstrap/css/ 		92 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/css/thekamarel.css
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
34f55e702683c8ede4b22ce80ebd629840ee277284b02545192adb2c17b00779

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 00:56:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
ETag
W/"5e211f49-1716f"
Vary
Accept-Encoding
X-Cache
HIT from L网域枣庄云
Content-Type
text/css
Content-Length
17976
thekamarel-responsive.css
v.virscan.org/bootstrap/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.virscan.org/bootstrap/css/thekamarel-responsive.css
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.188.250.140 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
c3176bb0c28245dc7f8bfce504d8fd18495d7e701b07adebd8564a86472f4676

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 01:18:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Jan 2020 02:43:21 GMT
ETag
W/"5e211f49-2a8e"
Vary
Accept-Encoding
X-Cache
HIT from L网域枣庄云
Content-Type
text/css
Content-Length
2877
hm.js
hm.baidu.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?08e32ec74a8a7982c7171bde829b77af
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
8b9aaa9648f6f9f9bac68a5eae64abc3653ab972f79eab41bdc8c61c527b8896
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 18:43:41 GMT
Content-Encoding
gzip
Server
apache
Etag
22aa7114b461fa38e59b20b3fd5dad09
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
13827
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
598
date
Tue, 21 Jul 2020 18:33:42 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Tue, 21 Jul 2020 20:33:42 GMT
push.js
zz.bdstatic.com/linksubmit/ 		308 B
503 B 		Script
General
Check archive.org
Download Go to
Full URL
https://zz.bdstatic.com/linksubmit/push.js
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.188.176.48 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 18:43:42 GMT
ohc-cache-hit
jn2un112 [4]
ohc-response-time
1 0 17 36 193 193
last-modified
Thu, 03 Jan 2019 07:01:54 GMT
server
JSP3/2.0.14
etag
"384b81a-134-57e88566a1c80"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
accept-ranges
bytes
content-encoding
gzip
content-length
254
stylebox.gif
img.virscan.org/images/ 		0
0
styleboxs.gif
img.virscan.org/images/ 		0
0
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=2132444102&t=pageview&_s=1&dl=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&ul=en-us&de=UTF-8&dt=Trojan.DOMG.yjxq%20-%20VirSCAN.org%20-...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-59666737-1&cid=369672238.1595357021&jid=876949150&_gid=175815965.1595357021&gjid=1513756450&_v=j83&z=254881677
35 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-59666737-1&cid=369672238.1595357021&jid=876949150&_gid=175815965.1595357021&gjid=1513756450&_v=j83&z=254881677
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 21 Jul 2020 18:43:40 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Jul 2020 18:43:40 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-59666737-1&cid=369672238.1595357021&jid=876949150&_gid=175815965.1595357021&gjid=1513756450&_v=j83&z=254881677
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
416
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200716/r20190131/ 		220 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200716/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
32c35817509391ab7a808348f2b2bd84ae33cc2cff030f1de647c17cac724630
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 18:43:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
84709
x-xss-protection
0
server
cafe
etag
6642744543780991460
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Jul 2020 18:43:40 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200716/r20190131/ Frame AED2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200716/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200716/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 21 Jul 2020 12:40:44 GMT
expires
Tue, 04 Aug 2020 12:40:44 GMT
content-type
text/html; charset=UTF-8
etag
1809543571055990350
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4277
x-xss-protection
0
cache-control
public, max-age=1209600
age
21776
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
11.0.1.js
jspassport.ssl.qhimg.com/ 		105 B
452 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:e600:0:e2b1:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
777162062d8c9f706eb668fdb4872c8e97f4f6f57ccd8e3f963d29b9abdc03eb

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 21 Jul 2020 18:37:35 GMT
via
1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
kcs-via
HIT from w-fc01.lato;MISS from w-sc02.lato
last-modified
Tue, 01 Aug 2017 05:52:02 GMT
age
368
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=600
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
_AbWFh-QFLMv97AQYhHdm3iY23gj2eb0kCPYbUAO3Sn4MHu8oYKVtw==
expires
Tue, 21 Jul 2020 18:47:33 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=v.virscan.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200716/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Jul 2020 18:43:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=v.virscan.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200716/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Jul 2020 18:43:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 322C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&slotname=4809798730&adk=3866135030&adf=2689116385&w=970&fwrn=4&fwrnh=100&lmt=1595354577&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=970x280&url=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1595357020792&bpp=18&bdt=3371&idt=64&shv=r20200716&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1169710074679&frm=20&pv=2&ga_vid=369672238.1595357021&ga_sid=1595357021&ga_hid=2132444102&ga_fc=0&iag=0&icsg=101100200&dssz=24&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066358%2C182982100%2C182982300&oid=3&pvsid=3290381619109316&pem=969&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FXzeezyh7u&p=https%3A//v.virscan.org&dtd=87
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200716/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5662640855743483&output=html&h=280&slotname=4809798730&adk=3866135030&adf=2689116385&w=970&fwrn=4&fwrnh=100&lmt=1595354577&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=970x280&url=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1595357020792&bpp=18&bdt=3371&idt=64&shv=r20200716&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1169710074679&frm=20&pv=2&ga_vid=369672238.1595357021&ga_sid=1595357021&ga_hid=2132444102&ga_fc=0&iag=0&icsg=101100200&dssz=24&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066358%2C182982100%2C182982300&oid=3&pvsid=3290381619109316&pem=969&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FXzeezyh7u&p=https%3A//v.virscan.org&dtd=87
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 21 Jul 2020 18:43:41 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 21-Jul-2020 18:58:40 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 21 Jul 2020 18:43:41 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200716/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9647158f17a3e482e4a64041911cf731dd19fac2630f5bd5c0338d12e7462d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 21 Jul 2020 18:43:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1595244815033837"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27216
x-xss-protection
0
expires
Tue, 21 Jul 2020 18:43:40 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8F4E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=90&slotname=7597248463&adk=1022897352&adf=1256174734&w=0&fwrn=4&fwrnh=100&lmt=1595354577&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=0x90&url=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&flash=0&fwr=0&fwrattr=true&rh=90&rw=0&sfro=1&wgl=1&dt=1595357020814&bpp=2&bdt=3393&idt=76&shv=r20200716&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=1169710074679&frm=20&pv=1&ga_vid=369672238.1595357021&ga_sid=1595357021&ga_hid=2132444102&ga_fc=0&iag=0&icsg=637971112&dssz=25&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066358%2C182982100%2C182982300&oid=3&pvsid=3290381619109316&pem=969&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEr%7C&abl=CS&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rxrFc8TRtj&p=https%3A//v.virscan.org&dtd=82
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200716/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5662640855743483&output=html&h=90&slotname=7597248463&adk=1022897352&adf=1256174734&w=0&fwrn=4&fwrnh=100&lmt=1595354577&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=0x90&url=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&flash=0&fwr=0&fwrattr=true&rh=90&rw=0&sfro=1&wgl=1&dt=1595357020814&bpp=2&bdt=3393&idt=76&shv=r20200716&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=1169710074679&frm=20&pv=1&ga_vid=369672238.1595357021&ga_sid=1595357021&ga_hid=2132444102&ga_fc=0&iag=0&icsg=637971112&dssz=25&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066358%2C182982100%2C182982300&oid=3&pvsid=3290381619109316&pem=969&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEr%7C&abl=CS&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rxrFc8TRtj&p=https%3A//v.virscan.org&dtd=82
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 21 Jul 2020 18:43:41 GMT
server
cafe
content-length
204
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 21-Jul-2020 18:58:40 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 21 Jul 2020 18:43:41 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame DD29 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=90&slotname=7597248463&adk=447480644&adf=548056360&w=728&lmt=1595354577&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&flash=0&fwrattr=true&wgl=1&dt=1595357020817&bpp=1&bdt=3396&idt=81&shv=r20200716&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C0x90&correlator=1169710074679&frm=20&pv=1&ga_vid=369672238.1595357021&ga_sid=1595357021&ga_hid=2132444102&ga_fc=0&iag=0&icsg=637971112&dssz=25&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=535&ady=552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066358%2C182982100%2C182982300&oid=3&pvsid=3290381619109316&pem=969&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kS2xVbLPqK&p=https%3A//v.virscan.org&dtd=85
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200716/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5662640855743483&output=html&h=90&slotname=7597248463&adk=447480644&adf=548056360&w=728&lmt=1595354577&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&flash=0&fwrattr=true&wgl=1&dt=1595357020817&bpp=1&bdt=3396&idt=81&shv=r20200716&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C0x90&correlator=1169710074679&frm=20&pv=1&ga_vid=369672238.1595357021&ga_sid=1595357021&ga_hid=2132444102&ga_fc=0&iag=0&icsg=637971112&dssz=25&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=535&ady=552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066358%2C182982100%2C182982300&oid=3&pvsid=3290381619109316&pem=969&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kS2xVbLPqK&p=https%3A//v.virscan.org&dtd=85
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 21 Jul 2020 18:43:41 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 21-Jul-2020 18:58:40 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 21 Jul 2020 18:43:41 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 75CD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=90&slotname=9073981665&adk=3599807995&adf=4251758550&w=728&lmt=1595354577&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&flash=0&fwrattr=true&wgl=1&adsid=NT&dt=1595357020817&bpp=1&bdt=3396&idt=90&shv=r20200716&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C0x90%2C728x90&correlator=1169710074679&frm=20&pv=1&ga_vid=369672238.1595357021&ga_sid=1595357021&ga_hid=2132444102&ga_fc=0&iag=0&icsg=637971112&dssz=25&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=538&ady=1508&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066358%2C182982100%2C182982300&oid=3&pvsid=3290381619109316&pem=969&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U0WEWxE8RS&p=https%3A//v.virscan.org&dtd=92
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200716/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5662640855743483&output=html&h=90&slotname=9073981665&adk=3599807995&adf=4251758550&w=728&lmt=1595354577&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&flash=0&fwrattr=true&wgl=1&adsid=NT&dt=1595357020817&bpp=1&bdt=3396&idt=90&shv=r20200716&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C0x90%2C728x90&correlator=1169710074679&frm=20&pv=1&ga_vid=369672238.1595357021&ga_sid=1595357021&ga_hid=2132444102&ga_fc=0&iag=0&icsg=637971112&dssz=25&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=538&ady=1508&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066358%2C182982100%2C182982300&oid=3&pvsid=3290381619109316&pem=969&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U0WEWxE8RS&p=https%3A//v.virscan.org&dtd=92
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 21 Jul 2020 18:43:41 GMT
server
cafe
content-length
204
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 21-Jul-2020 18:58:40 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 21 Jul 2020 18:43:41 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame BFCA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&h=90&slotname=9073981665&adk=623822340&adf=1186416459&w=0&fwrn=4&fwrnh=100&lmt=1595354577&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=0x90&url=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&flash=0&fwr=0&fwrattr=true&rh=90&rw=0&sfro=1&wgl=1&adsid=NT&dt=1595357020827&bpp=1&bdt=3406&idt=85&shv=r20200716&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C0x90%2C728x90%2C728x90&correlator=1169710074679&frm=20&pv=1&ga_vid=369672238.1595357021&ga_sid=1595357021&ga_hid=2132444102&ga_fc=0&iag=0&icsg=637971112&dssz=25&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066358%2C182982100%2C182982300&oid=3&pvsid=3290381619109316&pem=969&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEr%7C&abl=CS&fu=8320&bc=31&ifi=5&uci=a!5&fsb=1&xpc=M8QGe62ikN&p=https%3A//v.virscan.org&dtd=88
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200716/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5662640855743483&output=html&h=90&slotname=9073981665&adk=623822340&adf=1186416459&w=0&fwrn=4&fwrnh=100&lmt=1595354577&rafmt=12&psa=0&guci=1.2.0.0.2.2.0.0&format=0x90&url=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&flash=0&fwr=0&fwrattr=true&rh=90&rw=0&sfro=1&wgl=1&adsid=NT&dt=1595357020827&bpp=1&bdt=3406&idt=85&shv=r20200716&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C0x90%2C728x90%2C728x90&correlator=1169710074679&frm=20&pv=1&ga_vid=369672238.1595357021&ga_sid=1595357021&ga_hid=2132444102&ga_fc=0&iag=0&icsg=637971112&dssz=25&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066358%2C182982100%2C182982300&oid=3&pvsid=3290381619109316&pem=969&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEr%7C&abl=CS&fu=8320&bc=31&ifi=5&uci=a!5&fsb=1&xpc=M8QGe62ikN&p=https%3A//v.virscan.org&dtd=88
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 21 Jul 2020 18:43:41 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 21-Jul-2020 18:58:40 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 21 Jul 2020 18:43:41 GMT
cache-control
private
ab77b6ea7f3fbf79.js
s.ssl.qhres.com/ssl/ 		478 B
931 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ssl.qhres.com/ssl/ab77b6ea7f3fbf79.js
Requested by
Host: jspassport.ssl.qhimg.com
URL: https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:3a00:11:1b7a:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 15 Feb 2020 15:14:44 GMT
via
1.1 61adf71a363fe0f836dc69dbb43de824.cloudfront.net (CloudFront)
x-qstatic-hit
1
kcs-via
HIT from w-fc02.lato;MISS from w-sc01.lato
age
13577338
x-cache
Hit from cloudfront
status
200
content-length
478
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
etag
W/"6a5b3175a87e4950"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
P30lsRlRxAUMBFG7Z3ZgXCoJVHMz3UeNlxuyZJcwEwHYMHEFIaQBAA==
expires
Tue, 12 Feb 2030 15:14:44 GMT
s.gif
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/ 		0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://v.virscan.org/Trojan.DOMG.yjxq.html
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.39 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 18:43:42 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2068892711&si=08e32ec74a8a7982c7171bde829b77af&v=1.2.74&lv=1&sn=38517&r=0&ww=1600&ct=!!&tt=Trojan.DOMG.yjxq%20-%20VirSCAN.org%20-%20Free%20Multi-Engine%20Online%20Virus%20Scanner%20v1.02%2C%20Supports%2047%20AntiVirus%20Engines!
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Jul 2020 18:43:42 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
zz.gif
s.360.cn/so/ 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.360.cn/so/zz.gif?url=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&sid=d182b3f28525f2db83acfaaf6e696dba&token=dl1m8t2hb.3qfx2j8y5.2G5MfO2Dd.bn
Requested by
Host: v.virscan.org
URL: https://v.virscan.org/Trojan.DOMG.yjxq.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
171.8.167.90 , China, ASN137687 (CHINATELECOM-HENAN-LUOYANG-IDC Luoyang, Henan Province, P.R.China., CN),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 21 Jul 2020 18:43:43 GMT
Last-Modified
Tue, 23 Jul 2019 07:36:18 GMT
Server
nginx/1.14.2
ETag
"5d36b8f2-0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
ads
googleads.g.doubleclick.net/pagead/ Frame D4D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5662640855743483&output=html&adk=1812271804&adf=3025194257&lmt=1595354577&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1595357030745&bpp=1&bdt=13323&idt=1&shv=r20200716&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C0x90%2C728x90%2C728x90%2C0x90&nras=1&correlator=1169710074679&frm=20&pv=1&ga_vid=369672238.1595357021&ga_sid=1595357021&ga_hid=2132444102&ga_fc=0&iag=0&icsg=653282418895&dssz=33&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066358%2C182982100%2C182982300&oid=3&pvsid=3290381619109316&pem=969&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200716/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5662640855743483&output=html&adk=1812271804&adf=3025194257&lmt=1595354577&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fv.virscan.org%2FTrojan.DOMG.yjxq.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1595357030745&bpp=1&bdt=13323&idt=1&shv=r20200716&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C0x90%2C728x90%2C728x90%2C0x90&nras=1&correlator=1169710074679&frm=20&pv=1&ga_vid=369672238.1595357021&ga_sid=1595357021&ga_hid=2132444102&ga_fc=0&iag=0&icsg=653282418895&dssz=33&mdo=0&mso=8&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066358%2C182982100%2C182982300&oid=3&pvsid=3290381619109316&pem=969&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&dtd=6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://v.virscan.org/Trojan.DOMG.yjxq.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://v.virscan.org/Trojan.DOMG.yjxq.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 21 Jul 2020 18:43:50 GMT
server
cafe
content-length
643
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 21-Jul-2020 18:58:50 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 21 Jul 2020 18:43:50 GMT
cache-control
private
logo.gif
img.virscan.org/images/ 		0
0
view_en.gif
img.virscan.org/images/ 		0
0
up_en.gif
img.virscan.org/images/ 		0
0
1.gif
img.virscan.org/images/load/ 		0
0
select.png
img.virscan.org/images/ 		0
0
ahnlab.gif
img.virscan.org/images/av/ 		0
0
antivir.gif
img.virscan.org/images/av/ 		0
0
antiy.gif
img.virscan.org/images/av/ 		0
0
arcabit-logo-new.png
img.virscan.org/images/av/ 		0
0
avast.gif
img.virscan.org/images/av/ 		0
0
avg.gif
img.virscan.org/images/av/ 		0
0
baidu.gif
img.virscan.org/images/ 		0
0
bitdefender.gif
img.virscan.org/images/av/ 		0
0
clamav.gif
img.virscan.org/images/av/ 		0
0
comodo.gif
img.virscan.org/images/av/ 		0
0
cpsecure.gif
img.virscan.org/images/av/ 		0
0
drweb.gif
img.virscan.org/images/av/ 		0
0
defenx.png
img.virscan.org/images/av/ 		0
0
asquared-logo.gif
img.virscan.org/images/av/ 		0
0
est_logo.png
img.virscan.org/images/av/ 		0
0
f-prot.gif
img.virscan.org/images/av/ 		0
0
f-secure.gif
img.virscan.org/images/av/ 		0
0
tws.png
img.virscan.org/images/av/ 		0
0
fortinet.gif
img.virscan.org/images/av/ 		0
0
gdata.gif
img.virscan.org/images/av/ 		0
0
hauri.gif
img.virscan.org/images/av/ 		0
0
ikarus.gif
img.virscan.org/images/av/ 		0
0
jiangmin.gif
img.virscan.org/images/av/ 		0
0
kaspersky.gif
img.virscan.org/images/av/ 		0
0
kingsoft_av.gif
img.virscan.org/images/av/ 		0
0
k7-logo.png
img.virscan.org/images/av/ 		0
0
microsoft.gif
img.virscan.org/images/av/ 		0
0
nod32.gif
img.virscan.org/images/av/ 		0
0
norman.gif
img.virscan.org/images/av/ 		0
0
nano_log.gif
img.virscan.org/images/av/ 		0
0
panda.gif
img.virscan.org/images/av/ 		0
0
pcc.gif
img.virscan.org/images/av/ 		0
0
quickheal.gif
img.virscan.org/images/av/ 		0
0
rising.gif
img.virscan.org/images/av/ 		0
0
sophos.gif
img.virscan.org/images/av/ 		0
0
sunbelt.gif
img.virscan.org/images/av/ 		0
0
symantec.gif
img.virscan.org/images/av/ 		0
0
sxf.gif
img.virscan.org/images/av/ 		0
0
systweak-software.png
img.virscan.org/images/av/ 		0
0
tachyon.gif
img.virscan.org/images/av/ 		0
0
thehacker.gif
img.virscan.org/images/av/ 		0
0
hunter.png
img.virscan.org/images/av/ 		0
0
vba.gif
img.virscan.org/images/av/ 		0
0
virusbuster.gif
img.virscan.org/images/av/ 		0
0
tencent_av.gif
img.virscan.org/images/av/ 		0
0
360_av.gif
img.virscan.org/images/av/ 		0
0
xvirus_logo.png
img.virscan.org/images/av/ 		0
0
habo.png
img.virscan.org/images/av/ 		0
0
vb.png
img.virscan.org/images/av/ 		0
0
hybrid.png
img.virscan.org/images/av/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.virscan.org
URL
https://img.virscan.org/js/tools.js
Domain
img.virscan.org
URL
https://img.virscan.org/images/stylebox.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/styleboxs.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/logo.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/view_en.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/up_en.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/load/1.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/select.png
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/ahnlab.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/antivir.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/antiy.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/arcabit-logo-new.png
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/avast.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/avg.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/baidu.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/bitdefender.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/clamav.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/comodo.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/cpsecure.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/drweb.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/defenx.png
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/asquared-logo.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/est_logo.png
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/f-prot.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/f-secure.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/tws.png
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/fortinet.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/gdata.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/hauri.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/ikarus.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/jiangmin.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/kaspersky.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/kingsoft_av.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/k7-logo.png
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/microsoft.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/nod32.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/norman.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/nano_log.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/panda.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/pcc.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/quickheal.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/rising.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/sophos.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/sunbelt.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/symantec.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/sxf.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/systweak-software.png
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/tachyon.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/thehacker.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/hunter.png
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/vba.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/virusbuster.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/tencent_av.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/360_av.gif
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/xvirus_logo.png
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/habo.png
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/vb.png
Domain
img.virscan.org
URL
https://img.virscan.org/images/av/hybrid.png

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _hmt string| GoogleAnalyticsObject function| ga object| adsbygoogle object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| showprocess function| showlang function| phoneshowlang function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| _bdhm_loaded_08e32ec74a8a7982c7171bde829b77af object| mini_tangram_log_dql9ul undefined| $ function| jQuery object| jQuery1101049206720682270655 function| $j object| f function| $phpernote function| query object| observer

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
hm.baidu.com
img.virscan.org
jspassport.ssl.qhimg.com
pagead2.googlesyndication.com
s.360.cn
s.ssl.qhres.com
sp0.baidu.com
stats.g.doubleclick.net
v.virscan.org
www.google-analytics.com
www.googletagservices.com
zz.bdstatic.com
img.virscan.org
103.235.46.191
103.235.46.39
119.188.176.48
119.188.250.140
171.8.167.90
2600:9000:2057:e600:0:e2b1:a380:93a1
2600:9000:214f:3a00:11:1b7a:9b00:93a1
2a00:1450:4001:801::2002
2a00:1450:4001:814::200e
2a00:1450:4001:81f::2002
2a00:1450:400c:c00::9b
028a86edc87123d64d64fa813f57de5a290fd2b17b16098c2b3162b42792cb77
03ad95964d61ff7b69502b303b9d639aacc99ae34e054e2dfc11a6cd338f5822
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
058818990d972762db4356b005339019df71698094f95e0cbbed412bcb7eeaa1
11037886dcca7f8822aa69fe62a5718cbd1b8577057948bb8647fc06164a0b40
1c83248e926cead9b810bbc2834bea283a57b735618348cb14784be74286d94a
224c67cc7832ab04bba7cecc44e93160799e2d72ec7a22c252920e30bd88ff24
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca
32c35817509391ab7a808348f2b2bd84ae33cc2cff030f1de647c17cac724630
34f55e702683c8ede4b22ce80ebd629840ee277284b02545192adb2c17b00779
39a173f2baa8787f4415eb5fd991e63a9288b546cb374d08acc0816e3f22c50d
46d267de56b5f276695d1c35c2a7866a3db4d679d140cf38fde834ff29ead956
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5d72aea4ea5382c6e2325807458f5adbb4e695f8b37a895aa6d466956499197c
70ad3c0cf60b92b5987ea51c7e2098b821b46b5ca1b7f03e6b0df2b575a44610
777162062d8c9f706eb668fdb4872c8e97f4f6f57ccd8e3f963d29b9abdc03eb
7df74ab28135297210c7dd74f47f4e04e9d2f4a0c490894aabc1da31fa8d9db8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b51a22eb3cda781adbf31805ba43c9d27cd0e7b371c2fe62393dcfc0bed925c
8b9aaa9648f6f9f9bac68a5eae64abc3653ab972f79eab41bdc8c61c527b8896
8cfa889a7e09f8884b6da6b3979b0d296f2eed2bc866a3e7d4d4745c092a9684
8f63c491931f60f38412e7dedcbccdff775a3d733ff8892d0747dd983e0ac941
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
9647158f17a3e482e4a64041911cf731dd19fac2630f5bd5c0338d12e7462d23
a94871d658fec7e1787b1b95c68607326d15ddab11312d1ba1c12ed65ce5b27d
c20343e40a266bdafb8be06f988270fa304927381f44b966f57c0c4031a4d5c4
c3176bb0c28245dc7f8bfce504d8fd18495d7e701b07adebd8564a86472f4676
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212
ce7716eaf5434046e225ab8ec122c8a6882096544f08ad88e37874d47af6e6c4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
faca91deb48a114e795341ff212fafc54db53ba7049341737c5eedc989766398
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955