URL: http://www.pageswirl.com/html_test.php?id=6955
Submission: On July 19 via manual from US

Summary

This website contacted 10 IPs in 4 countries across 11 domains to perform 23 HTTP transactions. The main IP is 192.95.29.179, located in Montréal, Canada and belongs to OVH, FR. The main domain is www.pageswirl.com.
This is the only time www.pageswirl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address          AS (Autonomous System)
1         192.95.29.179       16276 (OVH)
1         2400:cb00:204...    13335 (CLOUDFLAR...)
1         206.189.165.149     14061 (DIGITALOC...)
2         2400:cb00:204...    13335 (CLOUDFLAR...)
1         95.216.176.192      24940 (HETZNER-AS)
4         87.236.19.186       198610 (BEGET-AS)
1         2400:cb00:204...    13335 (CLOUDFLAR...)
7         35.190.24.124       15169 (GOOGLE)
1         2400:cb00:204...    13335 (CLOUDFLAR...)
Total:    23 requests, 10 IPs
Requests  Domain                 Requested by
6         load.jsecoin.com       www.pageswirl.com, cdnjs.cloudflare.com
2         trafadsense.ru         www.pageswirl.com
2         coinhive.com           www.pageswirl.com, coinhive.com
1         jsecoin.com            www.pageswirl.com
1         cdnjs.cloudflare.com   load.jsecoin.com
1         rubmining.ru           www.pageswirl.com
1         wedox.ru               trafadsense.ru
1         play.gramombird.com    www.pageswirl.com
1         alflying.bid           www.pageswirl.com
1         swiftmining.win        www.pageswirl.com
1         webminepool.com        www.pageswirl.com
1         www.pageswirl.com
Total:    23 requests, 12 domains

This site contains links to these domains. Also see Links.

Domain
wedox.ru
trafadsense.ru
jsecoin.com
Subject                       Issuer                                           Validity                  Valid
sni145011.cloudflaressl.com   COMODO ECC Domain Validation Secure Server CA 2  2018-07-08 - 2019-01-14   6 months (crt.sh)
ssl809251.cloudflaressl.com   COMODO ECC Domain Validation Secure Server CA 2  2017-09-27 - 2018-09-13   a year (crt.sh)

This page contains 4 frames:

Primary Page: http://www.pageswirl.com/html_test.php?id=6955
Frame ID: 684CC78FAA55B520E1DE834746F4AB35
Requests: 20 HTTP requests in this frame

Frame: https://play.gramombird.com/ecart.html?bdata=Lbnf-4JB;50;1
Frame ID: A9B72D1AB177494E429DE62E1946A347
Requests: 1 HTTP requests in this frame

Frame: https://coinhive.com/media/miner.html?key=Z9lVWyVPiD4ATGIr158dCdm4omEToSQd&user=P2919086&whitelabel=1&autostart=1&throttle=0.5&threads=2&background=000000&text=eeeeee&action=000000&ref=&graph=00ee00&start=Start%20Now!
Frame ID: 99F3596C1A66E287C508A522AE5B490E
Requests: 1 HTTP requests in this frame

Frame: http://wedox.ru/?ref=3
Frame ID: 3D9B70CF747ECB73167E31AB3E128CAB
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • script /socket.io.*\.js/i
  • env /^io$/i

Overall confidence: 100%
Detected patterns
  • script /socket.io.*\.js/i
  • env /^io$/i

Overall confidence: 100%
Detected patterns
  • headers server /lighttpd(?:\/([\d.]+))?/i

Page Statistics

Requests:    23
HTTPS:       9 %
IPv6:        44 %
Domains:     11
Subdomains:  12
IPs:         10
Countries:   4
Transfer:    383 kB
Size:        1228 kB
Cookies:     0

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request html_test.php
www.pageswirl.com/
3 KB
3 KB
Document
General
Full URL
http://www.pageswirl.com/html_test.php?id=6955
Protocol
HTTP/1.1
Server
192.95.29.179 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ks3.pageswirl.com
Software
lighttpd/1.4.31 / PHP/5.3.3
Resource Hash
1ff554f7925c950f268fd75d0533b47ae05df06059067fd258095b82243729d7

Request headers

Host
www.pageswirl.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
684CC78FAA55B520E1DE834746F4AB35

Response headers

X-Powered-By
PHP/5.3.3
Content-type
text/html
Transfer-Encoding
chunked
Date
Thu, 19 Jul 2018 16:24:08 GMT
Server
lighttpd/1.4.31
base.js
webminepool.com/lib/
161 KB
70 KB
Script
General
Full URL
https://webminepool.com/lib/base.js
Requested by
Host: www.pageswirl.com
URL: http://www.pageswirl.com/html_test.php?id=6955
Protocol
SPDY
Server
2400:cb00:2048:1::681b:a7ca , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eb011c334d9f197f89077be725c054eeb7b4280908ddfbe7d14efb8ca4afcdf

Request headers

Referer
http://www.pageswirl.com/html_test.php?id=6955
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 19 Jul 2018 16:24:08 GMT
content-encoding
gzip
cf-cache-status
HIT
status
200
alt-svc
quic=":443"; ma=2592000; v="35,37,38,39"
content-length
71586
last-modified
Mon, 23 Apr 2018 18:01:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
43ce895c88f163af-FRA
expires
Thu, 19 Jul 2018 20:24:08 GMT
base.js
swiftmining.win/static/js/
162 KB
163 KB
Script
General
Full URL
https://swiftmining.win/static/js/base.js
Requested by
Host: www.pageswirl.com
URL: http://www.pageswirl.com/html_test.php?id=6955
Protocol
HTTP/1.1
Server
206.189.165.149 Reading, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
282dd1200699fba5d0ea0da40519959aaf717aed4bdf9c6bb90725054787fb6c

Request headers

Referer
http://www.pageswirl.com/html_test.php?id=6955
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 19 Jul 2018 16:24:08 GMT
Last-Modified
Tue, 19 Jun 2018 08:39:14 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"1529397554.888786-166274-3488877629"
Content-Type
application/javascript
Cache-Control
max-age=43200, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
166274
Expires
Fri, 20 Jul 2018 04:24:08 GMT
miner.min.js
coinhive.com/lib/
4 KB
2 KB
Script
General
Full URL
https://coinhive.com/lib/miner.min.js
Requested by
Host: www.pageswirl.com
URL: http://www.pageswirl.com/html_test.php?id=6955
Protocol
SPDY
Server
2400:cb00:2048:1::6814:d13b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
07dd3300c1894c68e33fcd6bb984fe68cf898d60302e5ab98cd4fda3af7ff1df

Request headers

Referer
http://www.pageswirl.com/html_test.php?id=6955
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 19 Jul 2018 16:24:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 11 Apr 2018 09:52:09 GMT
server
cloudflare
status
200
etag
W/"5acddac9-fb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=28800
cf-ray
43ce895c8e09975c-FRA
expires
Fri, 20 Jul 2018 00:24:08 GMT
WyJEeW5hbWl0ZTU2MyIsMCwwLjUsMCwiMiJd.w0f7KmjFGdClYIeSA_LhsOJmhdI.min.js
alflying.bid/00uN05/
113 KB
36 KB
Script
General
Full URL
https://alflying.bid/00uN05/WyJEeW5hbWl0ZTU2MyIsMCwwLjUsMCwiMiJd.w0f7KmjFGdClYIeSA_LhsOJmhdI.min.js
Requested by
Host: www.pageswirl.com
URL: http://www.pageswirl.com/html_test.php?id=6955
Protocol
HTTP/1.1
Server
95.216.176.192 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.192.176.216.95.clients.your-server.de
Software
nginx /
Resource Hash
8e0226780bdaba15c5d69012b71ad7663a7312efb3dba9dc4b03f366e27fba0f

Request headers

Referer
http://www.pageswirl.com/html_test.php?id=6955
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 19 Jul 2018 16:24:08 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
113
trafadsense.ru/adsview/js/
2 KB
1 KB
Script
General
Full URL
http://trafadsense.ru/adsview/js/113
Requested by
Host: www.pageswirl.com
URL: http://www.pageswirl.com/html_test.php?id=6955
Protocol
HTTP/1.1
Server
87.236.19.186 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
m2.amper2.beget.com
Software
nginx-reuseport/1.13.4 / PHP/7.2.5
Resource Hash
0f4b37015e2be0e19631c152088581b1207f22d870b9b640b9233a437a940182

Request headers

Referer
http://www.pageswirl.com/html_test.php?id=6955
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Jul 2018 16:24:08 GMT
Content-Encoding
gzip
Server
nginx-reuseport/1.13.4
X-Powered-By
PHP/7.2.5
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=30
Expires
Thu, 19 Nov 1981 08:52:00 GMT
0165e631-480f-4d83-bfce-4e20bfe051e8
http://www.pageswirl.com/
156 KB
0
Other
General
Full URL
blob:http://www.pageswirl.com/0165e631-480f-4d83-bfce-4e20bfe051e8
Requested by
Host: swiftmining.win
URL: https://swiftmining.win/static/js/base.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f47004ba4c2757a2880d8d98fe50d3ad71d29bd54f3668e1951bdf47803baac

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length
159386
Content-Type
text/javascript
1a4f8a68-5cb8-499e-ab38-8bf4655b721d
http://www.pageswirl.com/
156 KB
0
Other
General
Full URL
blob:http://www.pageswirl.com/1a4f8a68-5cb8-499e-ab38-8bf4655b721d
Requested by
Host: swiftmining.win
URL: https://swiftmining.win/static/js/base.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f47004ba4c2757a2880d8d98fe50d3ad71d29bd54f3668e1951bdf47803baac

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length
159386
Content-Type
text/javascript
4fd7664c-54c6-46d9-9ff2-05a6fdd0acf7
http://www.pageswirl.com/
156 KB
0
Other
General
Full URL
blob:http://www.pageswirl.com/4fd7664c-54c6-46d9-9ff2-05a6fdd0acf7
Requested by
Host: swiftmining.win
URL: https://swiftmining.win/static/js/base.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f47004ba4c2757a2880d8d98fe50d3ad71d29bd54f3668e1951bdf47803baac

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length
159386
Content-Type
text/javascript
3f287089-594a-4273-9416-f474dd4664aa
http://www.pageswirl.com/
156 KB
0
Other
General
Full URL
blob:http://www.pageswirl.com/3f287089-594a-4273-9416-f474dd4664aa
Requested by
Host: swiftmining.win
URL: https://swiftmining.win/static/js/base.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f47004ba4c2757a2880d8d98fe50d3ad71d29bd54f3668e1951bdf47803baac

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length
159386
Content-Type
text/javascript
ecart.html
play.gramombird.com/ Frame A9B7
0
0
Document
General
Full URL
https://play.gramombird.com/ecart.html?bdata=Lbnf-4JB;50;1
Requested by
Host: www.pageswirl.com
URL: http://www.pageswirl.com/html_test.php?id=6955
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681c:1d78 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
play.gramombird.com
:scheme
https
:path
/ecart.html?bdata=Lbnf-4JB;50;1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.pageswirl.com/html_test.php?id=6955
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
684CC78FAA55B520E1DE834746F4AB35
Referer
http://www.pageswirl.com/html_test.php?id=6955

Response headers

status
200
date
Thu, 19 Jul 2018 16:24:09 GMT
content-type
text/html
set-cookie
__cfduid=d66dc98537c9eb540f2bc6b9ba21457fa1532017449; expires=Fri, 19-Jul-19 16:24:09 GMT; path=/; domain=.gramombird.com; HttpOnly
last-modified
Tue, 05 Jun 2018 13:47:16 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
43ce89630d66233c-FRA
content-encoding
gzip
/
load.jsecoin.com/load/4685/pageswirl.com/optionalSubID/0/
22 KB
9 KB
Script
General
Full URL
https://load.jsecoin.com/load/4685/pageswirl.com/optionalSubID/0/
Requested by
Host: www.pageswirl.com
URL: http://www.pageswirl.com/html_test.php?id=6955
Protocol
SPDY
Server
35.190.24.124 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
124.24.190.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
9c30d3da72e99c21b4e129359c457af2d7775263ea9d42cc40e16c3142d7f8fd

Request headers

Referer
http://www.pageswirl.com/html_test.php?id=6955
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 19 Jul 2018 16:24:09 GMT
content-encoding
gzip
vary
Accept-Encoding
status
200
access-control-allow-headers
cache-control, Origin, X-Requested-With, Content-Type, Accept, Authorization
x-powered-by
Express
etag
W/"5692-tOExmer7cwrn8OADRtTVPQywzGs"
x-ratelimit-remaining
499
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-ratelimit-limit
500
alt-svc
clear
via
1.1 google
miner.html
coinhive.com/media/ Frame 99F3
0
0
Document
General
Full URL
https://coinhive.com/media/miner.html?key=Z9lVWyVPiD4ATGIr158dCdm4omEToSQd&user=P2919086&whitelabel=1&autostart=1&throttle=0.5&threads=2&background=000000&text=eeeeee&action=000000&ref=&graph=00ee00&start=Start%20Now!
Requested by
Host: coinhive.com
URL: https://coinhive.com/lib/miner.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6814:d13b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
coinhive.com
:scheme
https
:path
/media/miner.html?key=Z9lVWyVPiD4ATGIr158dCdm4omEToSQd&user=P2919086&whitelabel=1&autostart=1&throttle=0.5&threads=2&background=000000&text=eeeeee&action=000000&ref=&graph=00ee00&start=Start%20Now!
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.pageswirl.com/html_test.php?id=6955
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
684CC78FAA55B520E1DE834746F4AB35
Referer
http://www.pageswirl.com/html_test.php?id=6955

Response headers

status
200
date
Thu, 19 Jul 2018 16:24:09 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d43014957fbf107f33507d434c91346d01532017449; expires=Fri, 19-Jul-19 16:24:09 GMT; path=/; domain=.coinhive.com; HttpOnly
last-modified
Fri, 30 Mar 2018 10:06:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
43ce8962eafd975c-FRA
content-encoding
gzip
Cookie set /
wedox.ru/ Frame 3D9B
0
0
Document
General
Full URL
http://wedox.ru/?ref=3
Requested by
Host: trafadsense.ru
URL: http://trafadsense.ru/adsview/js/113
Protocol
HTTP/1.1
Server
87.236.19.186 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
m2.amper2.beget.com
Software
nginx-reuseport/1.13.4 / PHP/5.6.30
Resource Hash

Request headers

Host
wedox.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://www.pageswirl.com/html_test.php?id=6955
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
684CC78FAA55B520E1DE834746F4AB35
Referer
http://www.pageswirl.com/html_test.php?id=6955

Response headers

Server
nginx-reuseport/1.13.4
Date
Thu, 19 Jul 2018 16:24:09 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=30
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.30
Set-Cookie
PHPSESSID=05ba5df40044489d9d42bfbff7211269; path=/ ref=3; expires=Thu, 26-Jul-2018 16:24:09 GMT; Max-Age=604800
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Content-Encoding
gzip
468x60.gif
rubmining.ru/img/
73 KB
74 KB
Image
General
Full URL
http://rubmining.ru/img/468x60.gif
Requested by
Host: www.pageswirl.com
URL: http://www.pageswirl.com/html_test.php?id=6955
Protocol
HTTP/1.1
Server
87.236.19.186 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
m2.amper2.beget.com
Software
nginx-reuseport/1.13.4 /
Resource Hash
12ced85dc7da7222386dcadfb3c8a66a626cfe47d4c8195d833bf03696bc979c

Request headers

Referer
http://www.pageswirl.com/html_test.php?id=6955
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 19 Jul 2018 16:24:09 GMT
Last-Modified
Sat, 22 Aug 2015 19:54:09 GMT
Server
nginx-reuseport/1.13.4
ETag
"55d8d361-1252c"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=30
Content-Length
75052
Expires
Sat, 18 Aug 2018 16:24:09 GMT
b_logo.png
trafadsense.ru/theme/img/
767 B
1 KB
Image
General
Full URL
http://trafadsense.ru/theme/img/b_logo.png
Requested by
Host: www.pageswirl.com
URL: http://www.pageswirl.com/html_test.php?id=6955
Protocol
HTTP/1.1
Server
87.236.19.186 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
m2.amper2.beget.com
Software
nginx-reuseport/1.13.4 /
Resource Hash
a7795b0dca780f00cb94d913c1babf72c8d1cf68e882f59559a6f3c46b5fc001

Request headers

Referer
http://www.pageswirl.com/html_test.php?id=6955
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 19 Jul 2018 16:24:09 GMT
Last-Modified
Sun, 10 Jun 2018 12:08:02 GMT
Server
nginx-reuseport/1.13.4
ETag
"5b1d14a2-2ff"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=30
Content-Length
767
Expires
Sat, 18 Aug 2018 16:24:09 GMT
socket.io.js
cdnjs.cloudflare.com/ajax/libs/socket.io/2.0.4/
59 KB
18 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.0.4/socket.io.js
Requested by
Host: load.jsecoin.com
URL: https://load.jsecoin.com/load/4685/pageswirl.com/optionalSubID/0/
Protocol
SPDY
Server
2400:cb00:2048:1::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
58f7853d60f73d94140eba459c333537629a74d57009f352e1c099efc6fbe93f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://www.pageswirl.com/html_test.php?id=6955
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 19 Jul 2018 16:24:09 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.002
last-modified
Thu, 17 May 2018 09:26:47 GMT
server
cloudflare
etag
W/"5afd4ad7-ed3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
43ce89640aa89726-FRA
expires
Tue, 09 Jul 2019 16:24:09 GMT
jsebadge.png
jsecoin.com/static/images/
4 KB
5 KB
Image
General
Full URL
https://jsecoin.com/static/images/jsebadge.png
Requested by
Host: www.pageswirl.com
URL: http://www.pageswirl.com/html_test.php?id=6955
Protocol
SPDY
Server
35.190.24.124 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
124.24.190.35.bc.googleusercontent.com
Software
lighttpd hardened /
Resource Hash
4b982d093c886ec2333c8b92d513fc81c3d29b51bd4f16ff6d6439a3e29e60d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.pageswirl.com/html_test.php?id=6955
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 19 Jul 2018 16:24:09 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Sat, 14 Jul 2018 12:32:57 GMT
server
lighttpd hardened
etag
"3320793714"
content-type
image/png
status
200
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
clear
content-length
4435
expires
Fri, 20 Jul 2018 16:24:09 GMT
/
load.jsecoin.com/socket.io/
103 B
276 B
XHR
General
Full URL
https://load.jsecoin.com/socket.io/?EIO=3&transport=polling&t=MIpMnhk
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.0.4/socket.io.js
Protocol
SPDY
Server
35.190.24.124 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
124.24.190.35.bc.googleusercontent.com
Software
/
Resource Hash
b17de71d3263359a04aeff8405d8e4775bfd679753e80cbc0dc53d15d334448b

Request headers

Accept
*/*
Referer
http://www.pageswirl.com/html_test.php?id=6955
Origin
http://www.pageswirl.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 19 Jul 2018 16:24:09 GMT
via
1.1 google
status
200
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.pageswirl.com
access-control-allow-credentials
true
alt-svc
clear
content-length
103
/
load.jsecoin.com/socket.io/
2 B
116 B
XHR
General
Full URL
https://load.jsecoin.com/socket.io/?EIO=3&transport=polling&t=MIpMnjf&sid=CUk4hHmet7qWCll5AJ4D
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.0.4/socket.io.js
Protocol
SPDY
Server
35.190.24.124 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
124.24.190.35.bc.googleusercontent.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
*/*
Referer
http://www.pageswirl.com/html_test.php?id=6955
Origin
http://www.pageswirl.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

date
Thu, 19 Jul 2018 16:24:09 GMT
via
1.1 google
status
200
content-type
text/html
access-control-allow-origin
http://www.pageswirl.com
access-control-allow-credentials
true
alt-svc
clear
content-length
2
/
load.jsecoin.com/socket.io/
16 B
123 B
XHR
General
Full URL
https://load.jsecoin.com/socket.io/?EIO=3&transport=polling&t=MIpMnjg&sid=CUk4hHmet7qWCll5AJ4D
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.0.4/socket.io.js
Protocol
SPDY
Server
35.190.24.124 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
124.24.190.35.bc.googleusercontent.com
Software
/
Resource Hash
a1fe634355f2f44b5e53a83841f4e15e71673f5ce77593ee7dbc93cc4d192231

Request headers

Accept
*/*
Referer
http://www.pageswirl.com/html_test.php?id=6955
Origin
http://www.pageswirl.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 19 Jul 2018 16:24:09 GMT
via
1.1 google
status
200
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.pageswirl.com
access-control-allow-credentials
true
alt-svc
clear
content-length
16
/
load.jsecoin.com/socket.io/
2 B
106 B
XHR
General
Full URL
https://load.jsecoin.com/socket.io/?EIO=3&transport=polling&t=MIpMnlk&sid=CUk4hHmet7qWCll5AJ4D
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.0.4/socket.io.js
Protocol
SPDY
Server
35.190.24.124 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
124.24.190.35.bc.googleusercontent.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
*/*
Referer
http://www.pageswirl.com/html_test.php?id=6955
Origin
http://www.pageswirl.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

date
Thu, 19 Jul 2018 16:24:10 GMT
via
1.1 google
status
200
content-type
text/html
access-control-allow-origin
http://www.pageswirl.com
access-control-allow-credentials
true
alt-svc
clear
content-length
2
/
load.jsecoin.com/socket.io/
3 B
109 B
XHR
General
Full URL
https://load.jsecoin.com/socket.io/?EIO=3&transport=polling&t=MIpMnls&sid=CUk4hHmet7qWCll5AJ4D
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.0.4/socket.io.js
Protocol
SPDY
Server
35.190.24.124 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
124.24.190.35.bc.googleusercontent.com
Software
/
Resource Hash
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0

Request headers

Accept
*/*
Referer
http://www.pageswirl.com/html_test.php?id=6955
Origin
http://www.pageswirl.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 19 Jul 2018 16:24:10 GMT
via
1.1 google
status
200
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.pageswirl.com
access-control-allow-credentials
true
alt-svc
clear
content-length
3

Verdicts & Comments

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

refresh: function
Miner: function
WMP: object
miner: object
receiveStack: object
sendStack: object
connected: number
throttleMiner: number
handshake: object
a: object
job: object
logicalProcessors: number
refresher: number
CoinHive: object
_0x44ed: object
_0x4132: function
IcecreamClient: object
secs: number
ls: object
redo: function
JSE: undefined
io: function
_this: object

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
