urlscan.io logo urlscan.io
SecurityTrails logo

www.pcrisk.com Open in urlscan Pro
2606:4700:10::6814:110e  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Submission: On May 25 via api from TR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 21 HTTP transactions. The main IP is 2606:4700:10::6814:110e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pcrisk.com.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on May 12th 2021. Valid for: a year.
This is the only time www.pcrisk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2606:4700:10:... 13335 (CLOUDFLAR...)
1 151.101.112.134 54113 (FASTLY)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 72.246.168.118 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
21 6
16    2606:4700:10::6814:110e (United States)

ASN13335 (CLOUDFLARENET, US)
www.pcrisk.com
1    151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
pcriskweb.disqus.com
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    72.246.168.118 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-168-118.deploy.static.akamaitechnologies.com
www.paypalobjects.com
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
16 www.pcrisk.com www.pcrisk.com
2 www.google-analytics.com www.pcrisk.com
www.google-analytics.com
1 www.paypalobjects.com www.pcrisk.com
1 code.jquery.com www.pcrisk.com
1 pcriskweb.disqus.com www.pcrisk.com
21 5
Subject Issuer Validity Valid
www.pcrisk.com
GeoTrust EV RSA CA 2018		 2021-05-12 -
2022-05-27		 a year crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-04-28 -
2022-01-11		 9 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Frame ID: F507CDC9FBDB320D2CB13534AF584CA3
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

21
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

338 kB
Transfer

624 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 19707-pdfsearchhq-browser-hijacker
www.pcrisk.com/removal-guides/ 		101 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:110e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a1816eb098e0438c7154027a097e719f3b4fb8373e3532722506ae2a542888
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.pcrisk.com
:scheme
https
:path
/removal-guides/19707-pdfsearchhq-browser-hijacker
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 08:13:55 GMT
content-type
text/html; charset=utf-8
expires
Mon, 1 Jan 2001 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0 private, must-revalidate
pragma
no-cache
set-cookie
a9c6a816be66b801d78079e65b6c43a8=6a52719aea2d03352451792455c03341; path=/
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a442f7abf00002b3539ba3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
server
cloudflare
cf-ray
654d4ea46d752b35-FRA
content-encoding
br
styles_v2.css
www.pcrisk.com/templates/joomspirit_70/css/ 		43 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pcrisk.com/templates/joomspirit_70/css/styles_v2.css
Requested by
Host: www.pcrisk.com
URL: https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:110e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47383ebff09fa7d80e6f6f693e18f18e14a2681922fd8f312b426ed2fb323ef6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

:path
/templates/joomspirit_70/css/styles_v2.css
pragma
no-cache
cookie
a9c6a816be66b801d78079e65b6c43a8=6a52719aea2d03352451792455c03341
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.pcrisk.com
referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 08:13:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3054930
cf-bgj
minify
vary
Accept-Encoding
cf-request-id
0a442f7cb900002b3572267000000001
last-modified
Wed, 10 Mar 2021 08:35:49 GMT
server
cloudflare
etag
W/"6b28f1-ac3f-5bd2a8dcf4340"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
content-type
text/css
cache-control
public, max-age=2678400
cf-ray
654d4ea78c2e2b35-FRA
expires
Sun, 18 Jul 2021 23:38:26 GMT
embed.js
pcriskweb.disqus.com/ 		73 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pcriskweb.disqus.com/embed.js
Requested by
Host: www.pcrisk.com
URL: https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
777d28c84caaf16ce08037a8975c683543bfd2207c567b39b79a8ae667b2a378
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Referer
https://www.pcrisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 25 May 2021 08:13:55 GMT
Content-Encoding
gzip
Server
openresty
Age
7
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
24248
prettyPhoto.css
www.pcrisk.com/plugins/content/ppgallery/res/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pcrisk.com/plugins/content/ppgallery/res/prettyPhoto.css
Requested by
Host: www.pcrisk.com
URL: https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:110e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b418f9c1db0cec3e5e14276884e32fe535055f6b3f82e0072468ddaafb8be0c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

:path
/plugins/content/ppgallery/res/prettyPhoto.css
pragma
no-cache
cookie
a9c6a816be66b801d78079e65b6c43a8=6a52719aea2d03352451792455c03341
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.pcrisk.com
referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 08:13:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2774690
cf-polished
origSize=19888
cf-bgj
minify
vary
Accept-Encoding
cf-request-id
0a442f7cc000002b358e840000000001
last-modified
Wed, 29 May 2013 06:42:02 GMT
server
cloudflare
etag
W/"36a005-4db0-4ddd5ade3c280"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
content-type
text/css
cache-control
public, max-age=2678400
cf-ray
654d4ea79c332b35-FRA
expires
Thu, 22 Jul 2021 05:29:07 GMT
pPGallery.css
www.pcrisk.com/plugins/content/ppgallery/res/ 		2 KB
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pcrisk.com/plugins/content/ppgallery/res/pPGallery.css
Requested by
Host: www.pcrisk.com
URL: https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:110e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3923cfc9a4a3ad41fcbfa161a70ca1c7bf53fda143e3e92088aee9a1b41d7d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

:path
/plugins/content/ppgallery/res/pPGallery.css
pragma
no-cache
cookie
a9c6a816be66b801d78079e65b6c43a8=6a52719aea2d03352451792455c03341
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.pcrisk.com
referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 08:13:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2922682
cf-polished
origSize=2718
cf-bgj
minify
vary
Accept-Encoding
cf-request-id
0a442f7cba00002b355320e000000001
last-modified
Wed, 29 May 2013 06:42:02 GMT
server
cloudflare
etag
W/"36a004-a9e-4ddd5ade3c280"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
content-type
text/css
cache-control
public, max-age=2678400
cf-ray
654d4ea79c352b35-FRA
expires
Tue, 20 Jul 2021 12:22:33 GMT
jquery-1.6.4.min.js
code.jquery.com/ 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.6.4.min.js
Requested by
Host: www.pcrisk.com
URL: https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
951d6bae39eb172f57a88bd686f7a921cf060fd21f59648f0d20b6a8f98fc5a5

Request headers

Origin
https://www.pcrisk.com
Referer
https://www.pcrisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 08:13:55 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 00:16:07 GMT
server
nginx
etag
W/"54499a47-16615"
vary
Accept-Encoding
x-hw
1621930435.dop213.fr8.t,1621930435.cds238.fr8.hc,1621930435.cds218.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32051
jquery.prettyPhoto.js
www.pcrisk.com/plugins/content/ppgallery/res/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pcrisk.com/plugins/content/ppgallery/res/jquery.prettyPhoto.js
Requested by
Host: www.pcrisk.com
URL: https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:110e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd02179888325e33661b4db69416cefc1d0013ed17755bcb0bfe57026828c674
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

:path
/plugins/content/ppgallery/res/jquery.prettyPhoto.js
pragma
no-cache
cookie
a9c6a816be66b801d78079e65b6c43a8=6a52719aea2d03352451792455c03341
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.pcrisk.com
referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 08:13:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2774964
cf-polished
origSize=24867
cf-bgj
minify
vary
Accept-Encoding
cf-request-id
0a442f7cbb00002b352b117000000001
last-modified
Wed, 29 May 2013 06:42:02 GMT
server
cloudflare
etag
W/"36a003-6123-4ddd5ade3c280"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
content-type
text/javascript
cache-control
public, max-age=2678400
cf-ray
654d4ea79c372b35-FRA
expires
Thu, 22 Jul 2021 05:24:33 GMT
tm-c70.png
www.pcrisk.com/images/team/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pcrisk.com/images/team/tm-c70.png
Requested by
Host: www.pcrisk.com
URL: https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:110e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf72b04219155857dc6589fb6a5eb411a1f5694d77e72bbc199859a86c60c238
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

:path
/images/team/tm-c70.png
pragma
no-cache
cookie
a9c6a816be66b801d78079e65b6c43a8=6a52719aea2d03352451792455c03341
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.pcrisk.com
referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 08:13:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
698471
cf-polished
origFmt=png, origSize=7484
content-disposition
inline; filename="tm-c70.webp"
vary
Accept
content-length
5098
cf-request-id
0a442f7d1000002b3517989000000001
last-modified
Fri, 05 Jul 2019 07:38:58 GMT
server
cloudflare
etag
"1cc001-1d3c-58cea2fef4880"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
content-type
image/webp
expires
Sun, 15 Aug 2021 06:12:46 GMT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
654d4ea81d672b35-FRA
cf-bgj
imgq:85,h2pri
btn_donate_LG.gif
www.paypalobjects.com/en_US/i/btn/ 		732 B
982 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/i/btn/btn_donate_LG.gif
Requested by
Host: www.pcrisk.com
URL: https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
3485707c2d30082b1f3723f9692ea0327c6034346c0271da892d73d5d2ce2f79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pcrisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 08:13:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 01:57:50 GMT
server
Akamai Image Manager
etag
"U3pl0/XCujlHacl+n45I4YfostqG/gKwMB9VmB+OaEg"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
private, no-transform, max-age=43200
content-length
732
expires
Tue, 25 May 2021 20:13:55 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.pcrisk.com
URL: https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pcrisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2639
date
Tue, 25 May 2021 07:29:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 25 May 2021 09:29:56 GMT
pcrisk_logo_n.png
www.pcrisk.com/images/logos/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pcrisk.com/images/logos/pcrisk_logo_n.png
Requested by
Host: www.pcrisk.com
URL: https://www.pcrisk.com/templates/joomspirit_70/css/styles_v2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:110e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a498fbc9a7b0ee351847680e7b08e69c5b30d6d28646a1f322d4461c45e2ae2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

:path
/images/logos/pcrisk_logo_n.png
pragma
no-cache
cookie
a9c6a816be66b801d78079e65b6c43a8=6a52719aea2d03352451792455c03341
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.pcrisk.com
referer
https://www.pcrisk.com/templates/joomspirit_70/css/styles_v2.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pcrisk.com/templates/joomspirit_70/css/styles_v2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 08:13:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
447453
cf-polished
origFmt=png, origSize=6891
content-disposition
inline; filename="pcrisk_logo_n.webp"
vary
Accept
content-length
5302
cf-request-id
0a442f7d2100002b3575317000000001
last-modified
Thu, 15 Jun 2017 13:15:54 GMT
server
cloudflare
etag
"8b0eff-1aeb-551ff77ebb680"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
content-type
image/webp
expires
Wed, 18 Aug 2021 03:56:23 GMT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
654d4ea83db22b35-FRA
cf-bgj
imgq:85,h2pri
list_bullet.png
www.pcrisk.com/templates/joomspirit_70/images/ 		130 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pcrisk.com/templates/joomspirit_70/images/list_bullet.png
Requested by
Host: www.pcrisk.com
URL: https://www.pcrisk.com/templates/joomspirit_70/css/styles_v2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:110e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3203c97b75e32bd1cb84d20d408fb5b6420ed93c6c9c6ac8f16ac61c1b1d3b9b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

:path
/templates/joomspirit_70/images/list_bullet.png
pragma
no-cache
cookie
a9c6a816be66b801d78079e65b6c43a8=6a52719aea2d03352451792455c03341
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.pcrisk.com
referer
https://www.pcrisk.com/templates/joomspirit_70/css/styles_v2.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pcrisk.com/templates/joomspirit_70/css/styles_v2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 08:13:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
461751
cf-polished
origFmt=png, origSize=166
content-disposition
inline; filename="list_bullet.webp"
vary
Accept
content-length
130
cf-request-id
0a442f7d2300002b351f2d4000000001
last-modified
Thu, 07 Nov 2013 12:00:10 GMT
server
cloudflare
etag
"53c025-a6-4ea9501ea4680"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
content-type
image/webp
expires
Tue, 17 Aug 2021 23:58:05 GMT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
654d4ea83db72b35-FRA
cf-bgj
imgq:85,h2pri
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d88f6bceec015ea6c6e7f5d35793bbf630bd283b4ae1bb18ed35a11bb744a88

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0845dc27e0191aa8af922886250c0a0becf62b8be94c00c34f28f1d9cd35ebe

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32f2a545f40882a9b74357bd19827a53e7fd46b6e995afebedc27455ad3422f1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e397c2872ad75aaa20d4326282d4b0f1b2921dca16bbc5d97150f90b1eb1764f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pdfsearchhq-browser-hijacker-main.jpg
www.pcrisk.com/images/stories/screenshots202012/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pcrisk.com/images/stories/screenshots202012/pdfsearchhq-browser-hijacker-main.jpg
Requested by
Host: www.pcrisk.com
URL: https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:110e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
963e58d4ec2e6fc542461f85848d4c3d831ac98caac308c39c5d09d91362ec92
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

:path
/images/stories/screenshots202012/pdfsearchhq-browser-hijacker-main.jpg
pragma
no-cache
cookie
a9c6a816be66b801d78079e65b6c43a8=6a52719aea2d03352451792455c03341
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.pcrisk.com
referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 08:13:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
6
cf-polished
qual=85, origFmt=jpeg, origSize=46111
content-disposition
inline; filename="pdfsearchhq-browser-hijacker-main.webp"
vary
Accept
content-length
12850
cf-request-id
0a442f7d6600002b3583247000000001
last-modified
Thu, 17 Dec 2020 12:32:03 GMT
server
cloudflare
etag
"8b5ed1-b41f-5b6a82dd136c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
content-type
image/webp
expires
Mon, 23 Aug 2021 08:13:50 GMT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
654d4ea8aea82b35-FRA
cf-bgj
imgq:85,h2pri
pdfsearchhq-browser-hijacker-permissions.jpg
www.pcrisk.com/images/stories/screenshots202012/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pcrisk.com/images/stories/screenshots202012/pdfsearchhq-browser-hijacker-permissions.jpg
Requested by
Host: www.pcrisk.com
URL: https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:110e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b167ca6f0a613a7157707a7e32b978f03d1e871421471b0decc85dede1155158
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

:path
/images/stories/screenshots202012/pdfsearchhq-browser-hijacker-permissions.jpg
pragma
no-cache
cookie
a9c6a816be66b801d78079e65b6c43a8=6a52719aea2d03352451792455c03341
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.pcrisk.com
referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 08:13:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
6
cf-polished
qual=85, origFmt=jpeg, origSize=61263
content-disposition
inline; filename="pdfsearchhq-browser-hijacker-permissions.webp"
vary
Accept
content-length
21478
cf-request-id
0a442f7d6700002b3515342000000001
last-modified
Thu, 17 Dec 2020 12:32:04 GMT
server
cloudflare
etag
"8b5ed3-ef4f-5b6a82de07900"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
content-type
image/webp
expires
Mon, 23 Aug 2021 08:13:50 GMT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
654d4ea8aeab2b35-FRA
cf-bgj
imgq:85,h2pri
pdfsearchhq-browser-hijacker-appearance.gif
www.pcrisk.com/images/stories/screenshots202012/ 		158 KB
159 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pcrisk.com/images/stories/screenshots202012/pdfsearchhq-browser-hijacker-appearance.gif
Requested by
Host: www.pcrisk.com
URL: https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:110e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ad826ea5222b802e83a760d773d81ab727f5d1699997e47e067ff20fb00c08b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

:path
/images/stories/screenshots202012/pdfsearchhq-browser-hijacker-appearance.gif
pragma
no-cache
cookie
a9c6a816be66b801d78079e65b6c43a8=6a52719aea2d03352451792455c03341
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.pcrisk.com
referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 08:13:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
6
cf-polished
status=not_needed
vary
Accept-Encoding
content-length
162030
cf-request-id
0a442f7d6600002b352f285000000001
last-modified
Thu, 17 Dec 2020 12:36:37 GMT
server
cloudflare
etag
"8b5530-278ee-5b6a83e261f40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
content-type
image/gif
expires
Mon, 23 Aug 2021 08:13:50 GMT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
654d4ea8aead2b35-FRA
cf-bgj
imgq:85,h2pri
150x150_q75_t_pdfsearchhq-browser-hijacker-promoter.jpg
www.pcrisk.com/cache/ppgallery/197070/images/stories/screenshots202012/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pcrisk.com/cache/ppgallery/197070/images/stories/screenshots202012/150x150_q75_t_pdfsearchhq-browser-hijacker-promoter.jpg
Requested by
Host: www.pcrisk.com
URL: https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:110e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd407933cab16c14ca0db9d664f5d5f1e9539939ba927ab9b075fb9b5546433b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

:path
/cache/ppgallery/197070/images/stories/screenshots202012/150x150_q75_t_pdfsearchhq-browser-hijacker-promoter.jpg
pragma
no-cache
cookie
a9c6a816be66b801d78079e65b6c43a8=6a52719aea2d03352451792455c03341
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.pcrisk.com
referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 08:13:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
6
cf-polished
qual=85, origFmt=jpeg, origSize=4671
content-disposition
inline; filename="150x150_q75_t_pdfsearchhq-browser-hijacker-promoter.webp"
vary
Accept
content-length
3308
cf-request-id
0a442f7d6700002b35400b6000000001
x-robots-tag
noindex
last-modified
Thu, 11 Feb 2021 08:02:33 GMT
server
cloudflare
etag
"f8366-123f-5bb0af11f9840"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
content-type
image/webp
expires
Mon, 23 Aug 2021 08:13:50 GMT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
654d4ea8aeae2b35-FRA
cf-bgj
imgq:85,h2pri
150x150_q75_t_pdfsearchhq-browser-hijacker-promoter-2.jpg
www.pcrisk.com/cache/ppgallery/197070/images/stories/screenshots202012/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pcrisk.com/cache/ppgallery/197070/images/stories/screenshots202012/150x150_q75_t_pdfsearchhq-browser-hijacker-promoter-2.jpg
Requested by
Host: www.pcrisk.com
URL: https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:110e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2710de186238ce80d0d4c8a858cc12985de5f7db9df14141919ae0db10b1c2ad
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

:path
/cache/ppgallery/197070/images/stories/screenshots202012/150x150_q75_t_pdfsearchhq-browser-hijacker-promoter-2.jpg
pragma
no-cache
cookie
a9c6a816be66b801d78079e65b6c43a8=6a52719aea2d03352451792455c03341
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.pcrisk.com
referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 08:13:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
6
cf-polished
qual=85, origFmt=jpeg, origSize=3418
content-disposition
inline; filename="150x150_q75_t_pdfsearchhq-browser-hijacker-promoter-2.webp"
vary
Accept
content-length
1834
cf-request-id
0a442f7d6700002b354a811000000001
x-robots-tag
noindex
last-modified
Thu, 11 Feb 2021 08:02:33 GMT
server
cloudflare
etag
"f8367-d5a-5bb0af11f9840"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
content-type
image/webp
expires
Mon, 23 Aug 2021 08:13:50 GMT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
654d4ea8aeaf2b35-FRA
cf-bgj
imgq:85,h2pri
pdfsearchhq-browser-hijacker.png
www.pcrisk.com/images/qr-codes/ 		496 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pcrisk.com/images/qr-codes/pdfsearchhq-browser-hijacker.png
Requested by
Host: www.pcrisk.com
URL: https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:110e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b6000cac16d0aa1f7bdfa0cc2b67a2bef8cf3b080592bebd8a0a672a9bafff9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

:path
/images/qr-codes/pdfsearchhq-browser-hijacker.png
pragma
no-cache
cookie
a9c6a816be66b801d78079e65b6c43a8=6a52719aea2d03352451792455c03341
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.pcrisk.com
referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 08:13:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
6
cf-polished
origFmt=png, origSize=589
content-disposition
inline; filename="pdfsearchhq-browser-hijacker.webp"
vary
Accept
content-length
496
cf-request-id
0a442f7d8700002b352f287000000001
x-robots-tag
noindex
last-modified
Thu, 17 Dec 2020 13:19:05 GMT
server
cloudflare
etag
"59be12-24d-5b6a8d6058440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
content-type
image/webp
expires
Mon, 23 Aug 2021 08:13:50 GMT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
654d4ea8defe2b35-FRA
cf-bgj
imgq:85,h2pri
45stars_300_t.png
www.pcrisk.com/images/mainBtn/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pcrisk.com/images/mainBtn/45stars_300_t.png
Requested by
Host: www.pcrisk.com
URL: https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:110e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
444bf4f1f9e509013bb2763d8a1a23a7a36d47dcb927ef1b151958dec21c8923
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

:path
/images/mainBtn/45stars_300_t.png
pragma
no-cache
cookie
a9c6a816be66b801d78079e65b6c43a8=6a52719aea2d03352451792455c03341
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.pcrisk.com
referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 08:13:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
535152
cf-polished
origFmt=png, origSize=4974
content-disposition
inline; filename="45stars_300_t.webp"
vary
Accept
content-length
3646
cf-request-id
0a442f7d8700002b354a813000000001
last-modified
Fri, 13 Jul 2018 11:54:37 GMT
server
cloudflare
etag
"8d6005-136e-570e024dcf940"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
content-type
image/webp
expires
Tue, 17 Aug 2021 03:34:45 GMT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
654d4ea8df002b35-FRA
cf-bgj
imgq:85,h2pri
activity-medium2.png
www.pcrisk.com/images/gtl/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pcrisk.com/images/gtl/activity-medium2.png
Requested by
Host: www.pcrisk.com
URL: https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:110e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a39df3d6847cd44d21c7fec39282172e3cbfa6b67d3652814a0254d70f1d5b5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

:path
/images/gtl/activity-medium2.png
pragma
no-cache
cookie
a9c6a816be66b801d78079e65b6c43a8=6a52719aea2d03352451792455c03341
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.pcrisk.com
referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.pcrisk.com/removal-guides/19707-pdfsearchhq-browser-hijacker
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 08:13:56 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2282925
cf-polished
origFmt=png, origSize=1566
content-disposition
inline; filename="activity-medium2.webp"
vary
Accept
content-length
1392
cf-request-id
0a442f7d9e00002b351804b000000001
x-robots-tag
noindex
last-modified
Thu, 23 Jan 2020 08:08:41 GMT
server
cloudflare
etag
"592003-61e-59cca26277440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
content-type
image/webp
expires
Tue, 27 Jul 2021 22:05:12 GMT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
654d4ea8ff5f2b35-FRA
cf-bgj
imgq:85,h2pri
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=953973192&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pcrisk.com%2Fremoval-guides%2F19707-pdfsearchhq-browser-hijacker&ul=en-us&de=UTF-8&dt=How%20to%20get%20rid%20of%20PDFSearchHQ%20Browser%20Hijacker%20-%20virus%20removal%20guide%20(updated)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2084202670&gjid=188021152&cid=1109297221.1621930436&tid=UA-18384110-1&_gid=423499657.1621930436&_r=1&_slc=1&z=150874787
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pcrisk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 May 2021 08:13:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.pcrisk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated undefined| $ function| jQuery boolean| pp_alreadyInitialized string| GoogleAnalyticsObject function| ga string| disqus_url string| disqus_identifier string| disqus_container_id string| disqus_shortname function| disqus_config function| loadComments function| dsqExist function| executeCookieRequest boolean| doresize object| scroll_pos string| url boolean| hashtag object| jQuery164015572421908627532 object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.pcrisk.com/ Name: _gid
Value: GA1.2.423499657.1621930436
.pcrisk.com/ Name: _gat
Value: 1
.pcrisk.com/ Name: _ga
Value: GA1.2.1109297221.1621930436
www.pcrisk.com/ Name: a9c6a816be66b801d78079e65b6c43a8
Value: 6a52719aea2d03352451792455c03341

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
pcriskweb.disqus.com
www.google-analytics.com
www.paypalobjects.com
www.pcrisk.com
151.101.112.134
2001:4de0:ac18::1:a:2a
2606:4700:10::6814:110e
2a00:1450:4001:82f::200e
72.246.168.118
1a39df3d6847cd44d21c7fec39282172e3cbfa6b67d3652814a0254d70f1d5b5
1ad826ea5222b802e83a760d773d81ab727f5d1699997e47e067ff20fb00c08b
2710de186238ce80d0d4c8a858cc12985de5f7db9df14141919ae0db10b1c2ad
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3203c97b75e32bd1cb84d20d408fb5b6420ed93c6c9c6ac8f16ac61c1b1d3b9b
32f2a545f40882a9b74357bd19827a53e7fd46b6e995afebedc27455ad3422f1
3485707c2d30082b1f3723f9692ea0327c6034346c0271da892d73d5d2ce2f79
36a1816eb098e0438c7154027a097e719f3b4fb8373e3532722506ae2a542888
444bf4f1f9e509013bb2763d8a1a23a7a36d47dcb927ef1b151958dec21c8923
47383ebff09fa7d80e6f6f693e18f18e14a2681922fd8f312b426ed2fb323ef6
4a498fbc9a7b0ee351847680e7b08e69c5b30d6d28646a1f322d4461c45e2ae2
6d88f6bceec015ea6c6e7f5d35793bbf630bd283b4ae1bb18ed35a11bb744a88
777d28c84caaf16ce08037a8975c683543bfd2207c567b39b79a8ae667b2a378
8b418f9c1db0cec3e5e14276884e32fe535055f6b3f82e0072468ddaafb8be0c
8b6000cac16d0aa1f7bdfa0cc2b67a2bef8cf3b080592bebd8a0a672a9bafff9
951d6bae39eb172f57a88bd686f7a921cf060fd21f59648f0d20b6a8f98fc5a5
963e58d4ec2e6fc542461f85848d4c3d831ac98caac308c39c5d09d91362ec92
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
b167ca6f0a613a7157707a7e32b978f03d1e871421471b0decc85dede1155158
cd407933cab16c14ca0db9d664f5d5f1e9539939ba927ab9b075fb9b5546433b
cf72b04219155857dc6589fb6a5eb411a1f5694d77e72bbc199859a86c60c238
d3923cfc9a4a3ad41fcbfa161a70ca1c7bf53fda143e3e92088aee9a1b41d7d1
dd02179888325e33661b4db69416cefc1d0013ed17755bcb0bfe57026828c674
e0845dc27e0191aa8af922886250c0a0becf62b8be94c00c34f28f1d9cd35ebe
e397c2872ad75aaa20d4326282d4b0f1b2921dca16bbc5d97150f90b1eb1764f