urlscan.io logo urlscan.io
SecurityTrails logo

z-oleg.com Open in urlscan Pro
31.31.198.188  Public Scan

Go To Rescan Add Verdict Report
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Submission Tags: falconsandbox
Submission: On October 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 5 domains to perform 27 HTTP transactions. The main IP is 31.31.198.188, located in Russian Federation and belongs to AS-REG, RU. The main domain is z-oleg.com.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on December 5th 2020. Valid for: a year.
This is the only time z-oleg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 31.31.198.188 197695 (AS-REG)
2 151.236.71.75 204720 (CDNETWORKS)
1 5 217.69.133.145 47764 (MAILRU-AS...)
1 5.255.255.5 13238 (YANDEX)
3 7 93.158.134.119 13238 (YANDEX)
27 5
16    31.31.198.188 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: scp93.hosting.reg.ru
z-oleg.com
2    151.236.71.75 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)
z-oleg.com.images.1c-bitrix-cdn.ru
5    217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
1    5.255.255.5 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: yandex.ru
yandex.ru
7    93.158.134.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
Apex Domain
Subdomains		 Transfer
16 z-oleg.com
z-oleg.com
76 KB
5 yandex.com
mc.yandex.com
2 KB
5 mail.ru
top-fwz1.mail.ru
16 KB
3 yandex.ru
yandex.ru
mc.yandex.ru
66 KB
2 1c-bitrix-cdn.ru
z-oleg.com.images.1c-bitrix-cdn.ru
671 B
27 5
Domain Requested by
16 z-oleg.com z-oleg.com
5 mc.yandex.com 2 redirects z-oleg.com
5 top-fwz1.mail.ru 1 redirects z-oleg.com
top-fwz1.mail.ru
2 mc.yandex.ru 1 redirects z-oleg.com
2 z-oleg.com.images.1c-bitrix-cdn.ru z-oleg.com
1 yandex.ru z-oleg.com
27 6

This site contains links to these domains. Also see Links.

Domain
www.z-oleg.com
top.mail.ru
webmaster.yandex.ru
Subject Issuer Validity Valid
www.z-oleg.com
GlobalSign GCC R3 DV TLS CA 2020		 2020-12-05 -
2022-01-06		 a year crt.sh
*.ssl.1c-bitrix-cdn.ru
Go Daddy Secure Certificate Authority - G2		 2021-03-12 -
2022-04-13		 a year crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2021-10-15 -
2022-11-15		 a year crt.sh
yandex.ru
Yandex CA		 2021-08-30 -
2022-02-28		 6 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh

This page contains 1 frames:

Primary Page: https://z-oleg.com/secur/virlist/trojan-dropper.php
Frame ID: 1D8A761298BAB2CA5222D8D6AE8C257F
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Trojan-Dropper

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:<link[^>]+components/bitrix|(?:src|href)="/bitrix/(?:js|templates))
  • 1c-bitrix
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

27
Requests

93 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

5
IPs

1
Countries

159 kB
Transfer

344 kB
Size

19
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://top-fwz1.mail.ru/counter?id=717989;t=479;l=1 HTTP 302
  • https://top-fwz1.mail.ru/counter2?id=717989;t=479;l=1
Request Chain 21
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9434.pOsR94rAGqBH822ypg-PUHn-W7RColb8dwZC79RiJEe0SSNGpav8jqzfkvQCKcIJ.MV-tT7LB6fl419-qIxPBWtWI6Pc%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9434.YfKKNRMpV1amLPAbQdkpLpa9UQD9yY5ygZDIamKM85_XfNCJZmH3ePf3jOW8Kt3S4AMFuzFaOz3gjMltUMos7g%2C%2C.pzaIQ8nUUBAhWlQfyCvGbyvRuh8%2C
Request Chain 24
  • https://mc.yandex.com/watch/51481078?wmode=7&page-url=https%3A%2F%2Fz-oleg.com%2Fsecur%2Fvirlist%2Ftrojan-dropper.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A624%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A1104357882134%3Ahid%3A402641536%3Az%3A0%3Ai%3A202101022132314%3Aet%3A1634908995%3Ac%3A1%3Arn%3A918070037%3Arqn%3A1%3Au%3A1634908995272699106%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634908993988%3Ads%3A0%2C103%2C385%2C1%2C0%2C0%2C%2C122%2C0%2C%2C%2C%2C615%3Adsn%3A1%2C103%2C385%2C1%2C%2C0%2C%2C124%2C0%2C%2C%2C%2C615%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634908995%3At%3ATrojan-Dropper&t=gdpr(14)ti(2) HTTP 302
  • https://mc.yandex.com/watch/51481078/1?wmode=7&page-url=https%3A%2F%2Fz-oleg.com%2Fsecur%2Fvirlist%2Ftrojan-dropper.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A624%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A1104357882134%3Ahid%3A402641536%3Az%3A0%3Ai%3A202101022132314%3Aet%3A1634908995%3Ac%3A1%3Arn%3A918070037%3Arqn%3A1%3Au%3A1634908995272699106%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634908993988%3Ads%3A0%2C103%2C385%2C1%2C0%2C0%2C%2C122%2C0%2C%2C%2C%2C615%3Adsn%3A1%2C103%2C385%2C1%2C%2C0%2C%2C124%2C0%2C%2C%2C%2C615%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634908995%3At%3ATrojan-Dropper&t=gdpr%2814%29ti%282%29

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request trojan-dropper.php
z-oleg.com/secur/virlist/ 		54 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.198.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
scp93.hosting.reg.ru
Software
nginx / PHP/7.4.14
Resource Hash
7bdf15326b7a2d9f5275d6ebb0aaadd32d9391a63d5398356974cd5b193c7572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
z-oleg.com
:scheme
https
:path
/secur/virlist/trojan-dropper.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Fri, 22 Oct 2021 13:23:14 GMT
content-type
text/html; charset=windows-1251
content-length
7780
x-powered-by
PHP/7.4.14
expires
Fri, 07 Jun 1974 04:00:00 GMT
x-bitrix-composite
Cache (200)
content-encoding
gzip
etag
df1f02b77f5a0e896fa72771500d68d6
last-modified
Fri, 22 Oct 2021 13:22:03 GMT
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
core.min.css
z-oleg.com/bitrix/js/main/core/css/ 		3 KB
993 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://z-oleg.com/bitrix/js/main/core/css/core.min.css?14539646242854
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.198.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
scp93.hosting.reg.ru
Software
nginx /
Resource Hash
baa83d723fdcca5fe346bcd2b5e774975daabc44ab9c0a2643b965e2eea6441b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/js/main/core/css/core.min.css?14539646242854
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
z-oleg.com
referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2016 07:03:44 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
text/css
styles.css
z-oleg.com/bitrix/templates/main2/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://z-oleg.com/bitrix/templates/main2/styles.css?15879858773197
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.198.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
scp93.hosting.reg.ru
Software
nginx /
Resource Hash
31cbf69ea7244f2abc84b086654f5577e90f62d8cf6551433bca56fac498c084
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/main2/styles.css?15879858773197
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
z-oleg.com
referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 27 Apr 2020 11:11:17 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
text/css
template_styles.css
z-oleg.com/bitrix/templates/main2/ 		2 KB
708 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://z-oleg.com/bitrix/templates/main2/template_styles.css?15879858771796
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.198.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
scp93.hosting.reg.ru
Software
nginx /
Resource Hash
87f8db7c15974ae5af5dc12e743aeed6bf73cb934954e6315cd06d4aa95a557a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/main2/template_styles.css?15879858771796
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
z-oleg.com
referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 27 Apr 2020 11:11:17 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
text/css
ddnmenu.js
z-oleg.com/bitrix/templates/main2/js/ 		2 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z-oleg.com/bitrix/templates/main2/js/ddnmenu.js
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.198.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
scp93.hosting.reg.ru
Software
nginx /
Resource Hash
4e544c35c4747340590f27e4cab2169cd8c1fe6649e6b234c3dbe3c7d89004ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/main2/js/ddnmenu.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
z-oleg.com
referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 18 Mar 2006 15:22:12 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/javascript
main_01.jpg
z-oleg.com/bitrix/templates/main2/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z-oleg.com/bitrix/templates/main2/images/main_01.jpg
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.198.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
scp93.hosting.reg.ru
Software
nginx /
Resource Hash
ce9ef958ba5ba6dad1ce72a5bcc8d8298e4efd30402e6247b62c287ef2d4332f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/main2/images/main_01.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
z-oleg.com
referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
x-content-type-options
nosniff
last-modified
Sat, 25 Mar 2006 17:56:17 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
content-length
11400
expires
Mon, 25 Oct 2021 13:23:14 GMT
1.gif
z-oleg.com/bitrix/templates/main2/images/ 		43 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z-oleg.com/bitrix/templates/main2/images/1.gif
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.198.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
scp93.hosting.reg.ru
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/main2/images/1.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
z-oleg.com
referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Mar 2006 15:22:12 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
content-length
43
expires
Mon, 25 Oct 2021 13:23:14 GMT
main_03.jpg
z-oleg.com/bitrix/templates/main2/images/ 		845 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z-oleg.com/bitrix/templates/main2/images/main_03.jpg
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.198.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
scp93.hosting.reg.ru
Software
nginx /
Resource Hash
007d2c96c5f9a045c466111ebc79924bad9ce81453d651fce13e4a2a44cdb2cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/main2/images/main_03.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
z-oleg.com
referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
x-content-type-options
nosniff
last-modified
Sat, 25 Mar 2006 17:56:25 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
content-length
845
expires
Mon, 25 Oct 2021 13:23:14 GMT
top_menu_divider.gif
z-oleg.com/bitrix/templates/main2/images/ 		70 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z-oleg.com/bitrix/templates/main2/images/top_menu_divider.gif
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.198.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
scp93.hosting.reg.ru
Software
nginx /
Resource Hash
2a3e0af809b7ad8f61a35c78ff2c62c9690bbcd3bd6d22d17cd8198ae27a2ef3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/main2/images/top_menu_divider.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
z-oleg.com
referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Mar 2006 15:22:12 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
content-length
70
expires
Mon, 25 Oct 2021 13:23:14 GMT
1.gif
z-oleg.com/bitrix/templates/demo/images/ 		43 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z-oleg.com/bitrix/templates/demo/images/1.gif
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.198.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
scp93.hosting.reg.ru
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/demo/images/1.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
z-oleg.com
referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 26 Feb 2006 13:09:03 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
content-length
43
expires
Mon, 25 Oct 2021 13:23:14 GMT
left_bullet.gif
z-oleg.com.images.1c-bitrix-cdn.ru/bitrix/templates/main2/images/ 		88 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z-oleg.com.images.1c-bitrix-cdn.ru/bitrix/templates/main2/images/left_bullet.gif?114269533288
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.75 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
995a97a788312e6341173dd2fcbdc3bb28cb2cef85067082e037fc4e1c4a13e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Mar 2006 15:22:12 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
88
expires
Sat, 13 Nov 2021 12:06:37 GMT
left_bullet_a.gif
z-oleg.com.images.1c-bitrix-cdn.ru/bitrix/templates/main2/images/ 		111 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z-oleg.com.images.1c-bitrix-cdn.ru/bitrix/templates/main2/images/left_bullet_a.gif?1143376355111
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.75 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
4ebca46f48b95aefd34cba4babeac1464a7e7c246afde08111c82cde6768c9a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 26 Mar 2006 12:32:35 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
111
expires
Sun, 14 Nov 2021 10:39:10 GMT
1.gif
z-oleg.com/images/ 		43 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z-oleg.com/images/1.gif
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.198.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
scp93.hosting.reg.ru
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/images/1.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
z-oleg.com
referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 26 Feb 2006 13:09:05 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
content-length
43
expires
Mon, 25 Oct 2021 13:23:14 GMT
header_corner.gif
z-oleg.com/bitrix/templates/main2/images/ 		364 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z-oleg.com/bitrix/templates/main2/images/header_corner.gif
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.198.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
scp93.hosting.reg.ru
Software
nginx /
Resource Hash
471832547885aa1ce97b17d897784315f8e8f7b978fd0c828d357ab068df4871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/main2/images/header_corner.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
z-oleg.com
referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Mar 2006 15:22:12 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
content-length
364
expires
Mon, 25 Oct 2021 13:23:14 GMT
book1.jpg
z-oleg.com/secur/books/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z-oleg.com/secur/books/book1.jpg
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.198.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
scp93.hosting.reg.ru
Software
nginx /
Resource Hash
c1484bea7ce75a393e1155e15544c12886642b44033eb9152f49053460ad4bf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/secur/books/book1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
z-oleg.com
referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 03 Sep 2006 14:08:45 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
content-length
49424
expires
Mon, 25 Oct 2021 13:23:14 GMT
counter2
top-fwz1.mail.ru/
Redirect Chain
  • https://top-fwz1.mail.ru/counter?id=717989;t=479;l=1
  • https://top-fwz1.mail.ru/counter2?id=717989;t=479;l=1
2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter2?id=717989;t=479;l=1
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
f0254ba396b817e4511a42210e2e90baa8449377bdf2437cb43ec020093efb2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
2509
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

date
Fri, 22 Oct 2021 13:23:14 GMT
x-content-type-options
nosniff
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
0
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
location
https://top-fwz1.mail.ru/counter2?id=717989;t=479;l=1
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
cycounter
yandex.ru/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yandex.ru/cycounter?z-oleg.com&theme=dark&lang=ru
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.255.255.5 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
6d34cdbef4343edbf7a23547fda210b823fd4e0757423cde2321ec9d882b307a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-xss-protection
1; mode=block
x-content-type-options
nosniff
expires
Thu, 04 Nov 2021 09:43:18 GMT
last-modified
Thu, 21 Oct 2021 09:43:18 GMT
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/png
trojan-dropper.php
z-oleg.com/secur/virlist/ 		658 B
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://z-oleg.com/secur/virlist/trojan-dropper.php?bxrand=1634908994580
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.198.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
scp93.hosting.reg.ru
Software
nginx / PHP/7.4.14
Resource Hash
8e50b4a26fa8b6120a3ef6997292e3fb310ba76a02f4e70a15efd8484b88463a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
bx-action-type
get_dynamic
:path
/secur/virlist/trojan-dropper.php?bxrand=1634908994580
pragma
no-cache
bx-cache-mode
HTMLCACHE
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
z-oleg.com
referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
:scheme
https
sec-fetch-site
same-origin
bx-cache-blocks
[]
bx-ref
:method
GET
Referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
BX-REF
Accept-Language
de-DE,de;q=0.9
BX-CACHE-MODE
HTMLCACHE
BX-CACHE-BLOCKS
[]
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
BX-ACTION-TYPE
get_dynamic

Response headers

pragma
no-cache
date
Fri, 22 Oct 2021 13:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bitrix-composite
Ajax (stable)
server
nginx
p3p
policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-powered-by
PHP/7.4.14
x-frame-options
SAMEORIGIN SAMEORIGIN
x-powered-cms
Bitrix Site Manager (e1c767aaa11706c51d98780831dfe4d5)
cache-control
no-store, no-cache, must-revalidate
set-cookie
PHPSESSID=SNx9pXmesHmcE78zUgreLd24i8deY9iu; path=/; HttpOnly
content-type
application/x-javascript; charset=windows-1251
bx-rand
1634908994580
expires
Thu, 19 Nov 1981 08:52:00 GMT
main_02.jpg
z-oleg.com/bitrix/templates/main2/images/ 		585 B
798 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z-oleg.com/bitrix/templates/main2/images/main_02.jpg
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.198.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
scp93.hosting.reg.ru
Software
nginx /
Resource Hash
58e05292e53cd9705d9a1eee03495689dc18bc4abdd5fc89418ad3b1364fe423
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/main2/images/main_02.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
z-oleg.com
referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
x-content-type-options
nosniff
last-modified
Sat, 25 Mar 2006 17:56:19 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
content-length
585
expires
Mon, 25 Oct 2021 13:23:14 GMT
l_menu_border.gif
z-oleg.com/bitrix/templates/demo/images/ 		44 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z-oleg.com/bitrix/templates/demo/images/l_menu_border.gif
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.198.188 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
scp93.hosting.reg.ru
Software
nginx /
Resource Hash
0af1479f3aa9fd207ee94d07fc670749600e7a1c3f2a2bacc9f1efcbe88a46e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/demo/images/l_menu_border.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
z-oleg.com
referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/secur/virlist/trojan-dropper.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 26 Feb 2006 13:09:03 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
content-length
44
expires
Mon, 25 Oct 2021 13:23:14 GMT
code.js
top-fwz1.mail.ru/js/ 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Thu, 15 Jul 2021 18:35:46 GMT
server
nginx
etag
W/"60f08002-64db"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
expires
Fri, 22 Oct 2021 14:23:14 GMT
tag.js
mc.yandex.ru/metrika/ 		189 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
c6a4d8f73399e915b1c7631f266760918f2a72d155f6611b9539d08ff6a1559b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
content-encoding
br
last-modified
Fri, 22 Oct 2021 12:25:47 GMT
etag
"6172839b-10089"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
65673
expires
Fri, 22 Oct 2021 14:23:14 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9434.pOsR94rAGqBH822ypg-PUHn-W7RColb8dwZC79RiJEe0SSNGpav8jqzfkvQCKcIJ.MV-tT7LB6fl419-qIxPBWtWI6Pc%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9434.YfKKNRMpV1amLPAbQdkpLpa9UQD9yY5ygZDIamKM85_XfNCJZmH3ePf3jOW8Kt3S4AMFuzFaOz3gjMltUMos7g%2C%2C.pzaIQ8nUUBAhWlQfyCvGbyvRuh8%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9434.YfKKNRMpV1amLPAbQdkpLpa9UQD9yY5ygZDIamKM85_XfNCJZmH3ePf3jOW8Kt3S4AMFuzFaOz3gjMltUMos7g%2C%2C.pzaIQ8nUUBAhWlQfyCvGbyvRuh8%2C
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9434.YfKKNRMpV1amLPAbQdkpLpa9UQD9yY5ygZDIamKM85_XfNCJZmH3ePf3jOW8Kt3S4AMFuzFaOz3gjMltUMos7g%2C%2C.pzaIQ8nUUBAhWlQfyCvGbyvRuh8%2C
date
Fri, 22 Oct 2021 13:23:14 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif?t=ti(4)
Requested by
Host: z-oleg.com
URL: https://z-oleg.com/secur/virlist/trojan-dropper.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
last-modified
Wed, 20 Oct 2021 16:44:53 GMT
etag
"61701d55-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 22 Oct 2021 14:23:14 GMT
counter
top-fwz1.mail.ru/ 		43 B
910 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=717989;u=https%3A//z-oleg.com/secur/virlist/trojan-dropper.php;st=1634908994603;title=Trojan-Dropper;s=1600*1200;vp=1600*1617;touch=0;hds=1;frame=0;flash=;sid=1d8305d67b0230f5;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.2//4g/0/0/;lvid=1634908994807%3A1634908994818%3A1%3A799720eecf8b7170da938ca688fd6cef;visible=true;_=0.26964682794776906
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://z-oleg.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://z-oleg.com
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://z-oleg.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://z-oleg.com
access-control-allow-headers
*
1
mc.yandex.com/watch/51481078/
Redirect Chain
  • https://mc.yandex.com/watch/51481078?wmode=7&page-url=https%3A%2F%2Fz-oleg.com%2Fsecur%2Fvirlist%2Ftrojan-dropper.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A...
  • https://mc.yandex.com/watch/51481078/1?wmode=7&page-url=https%3A%2F%2Fz-oleg.com%2Fsecur%2Fvirlist%2Ftrojan-dropper.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%...
350 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/51481078/1?wmode=7&page-url=https%3A%2F%2Fz-oleg.com%2Fsecur%2Fvirlist%2Ftrojan-dropper.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A624%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A1104357882134%3Ahid%3A402641536%3Az%3A0%3Ai%3A202101022132314%3Aet%3A1634908995%3Ac%3A1%3Arn%3A918070037%3Arqn%3A1%3Au%3A1634908995272699106%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634908993988%3Ads%3A0%2C103%2C385%2C1%2C0%2C0%2C%2C122%2C0%2C%2C%2C%2C615%3Adsn%3A1%2C103%2C385%2C1%2C%2C0%2C%2C124%2C0%2C%2C%2C%2C615%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634908995%3At%3ATrojan-Dropper&t=gdpr%2814%29ti%282%29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
c71b326c3551363aec5e216b79e9b5ea37eeaf6724ccd4dc05745e4f6e0f83a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://z-oleg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Oct 2021 13:23:14 GMT
x-content-type-options
nosniff
last-modified
Fri, 22-Oct-2021 13:23:14 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://z-oleg.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Fri, 22-Oct-2021 13:23:14 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Oct 2021 13:23:14 GMT
last-modified
Fri, 22-Oct-2021 13:23:14 GMT
location
/watch/51481078/1?wmode=7&page-url=https%3A%2F%2Fz-oleg.com%2Fsecur%2Fvirlist%2Ftrojan-dropper.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A624%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A1104357882134%3Ahid%3A402641536%3Az%3A0%3Ai%3A202101022132314%3Aet%3A1634908995%3Ac%3A1%3Arn%3A918070037%3Arqn%3A1%3Au%3A1634908995272699106%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634908993988%3Ads%3A0%2C103%2C385%2C1%2C0%2C0%2C%2C122%2C0%2C%2C%2C%2C615%3Adsn%3A1%2C103%2C385%2C1%2C%2C0%2C%2C124%2C0%2C%2C%2C%2C615%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634908995%3At%3ATrojan-Dropper&t=gdpr%2814%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://z-oleg.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 22-Oct-2021 13:23:14 GMT
tracker
top-fwz1.mail.ru/ 		43 B
910 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=717989;u=https%3A//z-oleg.com/secur/virlist/trojan-dropper.php;st=1634908994603;s=1600*1200;vp=1600*1617;touch=0;hds=1;frame=0;flash=;sid=1d8305d67b0230f5;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1634908993988/////0/2/2/2/105/48/105/490/491/493/615/615/615/914/914/;ni=9.2//4g/0/0/;lvid=1634908994807%3A1634908994903%3A2%3A799720eecf8b7170da938ca688fd6cef;visible=true;_=0.05307232665766737;e=RT/load;et=1634908994902
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://z-oleg.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 22 Oct 2021 13:23:14 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://z-oleg.com
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://z-oleg.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://z-oleg.com
access-control-allow-headers
*

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| frameCacheVars boolean| frameRequestStart string| brname string| BrVer number| timer function| show function| hidden function| GetPos function| hideElement function| showElement number| lastid number| w string| nav object| _tmr function| ym object| Ya object| yaCounter51481078 string| frameDataString

19 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: is_gdpr
Value: 1
.yandex.ru/ Name: is_gdpr_b
Value: CMS2BRDQTBgB
.yandex.ru/ Name: i
Value: w1vAQFggKuy08ctqyRdVl7t5WeIshJNupqiW9G3CnQj9V3DUapRsX6+Xt1bjTmHWJ0re8YnfETeXSMHwRP8C8crfsiE=
.z-oleg.com/ Name: _ym_uid
Value: 1634908995272699106
.z-oleg.com/ Name: _ym_d
Value: 1634908995
.z-oleg.com/ Name: tmr_lvid
Value: 799720eecf8b7170da938ca688fd6cef
.z-oleg.com/ Name: tmr_lvidTS
Value: 1634908994807
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2382127184fake
.z-oleg.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3982992095fake
.z-oleg.com/ Name: tmr_reqNum
Value: 2
.yandex.com/ Name: yandexuid
Value: 9956925891634908994
.yandex.com/ Name: yuidss
Value: 9956925891634908994
mc.yandex.com/ Name: yabs-sid
Value: 31567431634908994
.yandex.com/ Name: i
Value: oT7Zd4nqjlluhTxFQJK2SPmjotRx1LJkJGinW9+CWyobwhErBGlND8wa1fwc8g33gmlri5NTf+8teG1dwDGFavgHOek=
.yandex.com/ Name: ymex
Value: 1666444994.yrts.1634908994#1666444994.yrtsi.1634908994
.mail.ru/ Name: VID
Value: 3VQddr3iGvI500000W10H425:::0-0-0-68d1402:CAASEHQ-UVbGOkWrpDThL0aoM_YaYC2-Lx8CPQHsYcWWrrUxH-OjvGvD4Se9uflfoUzAeeumDY5vjnGbX1SVTyLrWwysV1aClNVZuS6BFSCW43DVXAYGod1qcZnAt_cZjFctVF1mY3OpEBIXZ4LiY_w4zUe7_g
z-oleg.com/ Name: PHPSESSID
Value: SNx9pXmesHmcE78zUgreLd24i8deY9iu
z-oleg.com/ Name: tmr_detect
Value: 0%7C1634908997074

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9434.YfKKNRMpV1amLPAbQdkpLpa9UQD9yY5ygZDIamKM85_XfNCJZmH3ePf3jOW8Kt3S4AMFuzFaOz3gjMltUMos7g%2C%2C.pzaIQ8nUUBAhWlQfyCvGbyvRuh8%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mc.yandex.com
mc.yandex.ru
top-fwz1.mail.ru
yandex.ru
z-oleg.com
z-oleg.com.images.1c-bitrix-cdn.ru
151.236.71.75
217.69.133.145
31.31.198.188
5.255.255.5
93.158.134.119
007d2c96c5f9a045c466111ebc79924bad9ce81453d651fce13e4a2a44cdb2cc
0af1479f3aa9fd207ee94d07fc670749600e7a1c3f2a2bacc9f1efcbe88a46e7
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2a3e0af809b7ad8f61a35c78ff2c62c9690bbcd3bd6d22d17cd8198ae27a2ef3
31cbf69ea7244f2abc84b086654f5577e90f62d8cf6551433bca56fac498c084
471832547885aa1ce97b17d897784315f8e8f7b978fd0c828d357ab068df4871
4e544c35c4747340590f27e4cab2169cd8c1fe6649e6b234c3dbe3c7d89004ed
4ebca46f48b95aefd34cba4babeac1464a7e7c246afde08111c82cde6768c9a9
536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58e05292e53cd9705d9a1eee03495689dc18bc4abdd5fc89418ad3b1364fe423
6d34cdbef4343edbf7a23547fda210b823fd4e0757423cde2321ec9d882b307a
7bdf15326b7a2d9f5275d6ebb0aaadd32d9391a63d5398356974cd5b193c7572
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
87f8db7c15974ae5af5dc12e743aeed6bf73cb934954e6315cd06d4aa95a557a
8e50b4a26fa8b6120a3ef6997292e3fb310ba76a02f4e70a15efd8484b88463a
995a97a788312e6341173dd2fcbdc3bb28cb2cef85067082e037fc4e1c4a13e2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
baa83d723fdcca5fe346bcd2b5e774975daabc44ab9c0a2643b965e2eea6441b
c1484bea7ce75a393e1155e15544c12886642b44033eb9152f49053460ad4bf6
c6a4d8f73399e915b1c7631f266760918f2a72d155f6611b9539d08ff6a1559b
c71b326c3551363aec5e216b79e9b5ea37eeaf6724ccd4dc05745e4f6e0f83a5
ce9ef958ba5ba6dad1ce72a5bcc8d8298e4efd30402e6247b62c287ef2d4332f
f0254ba396b817e4511a42210e2e90baa8449377bdf2437cb43ec020093efb2e