URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Submission: On May 26 via manual from US

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 28 HTTP transactions. The main IP is 2606:4700:20::6819:2f45, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.fxdomains.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 19th 2020. Valid for: 7 months.
This is the only time www.fxdomains.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Count | Domain | Requested by |
|---|---|---|
| 18 | www.fxdomains.com | www.fxdomains.com |
| 3 | fonts.gstatic.com | www.fxdomains.com |
| 3 | www.google-analytics.com (1 redirects) | www.googletagmanager.com, www.fxdomains.com |
| 1 | gui.secureserver.net | www.fxdomains.com |
| 1 | www.google.de | www.fxdomains.com |
| 1 | www.google.com (1 redirects) | |
| 1 | stats.g.doubleclick.net (1 redirects) | |
| 1 | www.secureserver.net | www.fxdomains.com |
| 1 | www.googletagmanager.com | www.fxdomains.com |
| 1 | fonts.googleapis.com | www.fxdomains.com |
| 28 | 10 | |

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-03-19 - 2020-10-09 | 7 months |
| upload.video.google.com | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months |
| *.google-analytics.com | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months |
| *.gstatic.com | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months |
| *.secureserver.net | Starfield Secure Certificate Authority - G2 | 2019-10-22 - 2021-10-22 | 2 years |
| www.google.de | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months |

This page contains 1 frame:

Primary Page: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Frame ID: 40C32BAFC4D33A8E1F9F1CF64E36C96A
Requests: 28 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • html /<[^>]+ ng-version="([\d.]+)"/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

  • Requests: 28
  • HTTPS: 100 %
  • IPv6: 100 %
  • Domains: 9
  • Subdomains: 10
  • IPs: 7
  • Countries: 4
  • Transfer: 1008 kB
  • Size: 2082 kB
  • Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1694927533&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fxdomains.com%2F%3Fq%3Dhttp%3A%2F%2Fwm.shiquanxian.cn%2F3.exe&ul=en-us&de=UTF-8&dt=Cheap%20Domain%20Registration%20%7C%20FXDomains%20-%20a%20name%20for%20everyone&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=480708298&gjid=941481859&cid=556209709.1590486169&tid=UA-262242-1&_gid=317056302.1590486169&_r=1&gtm=2wg5e1TK2RSF&z=492039712 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-262242-1&cid=556209709.1590486169&jid=480708298&_gid=317056302.1590486169&gjid=941481859&_v=j82&z=492039712 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-262242-1&cid=556209709.1590486169&jid=480708298&_v=j82&z=492039712 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-262242-1&cid=556209709.1590486169&jid=480708298&_v=j82&z=492039712&slf_rd=1&random=2304528276

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.fxdomains.com/
27 KB
6 KB
Document
General
Full URL
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:2f45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e31ff0f2bc740f1d8f99b9fab51740db7a87295a522452a16e6d174431537bc7

Request headers

:method
GET
:authority
www.fxdomains.com
:scheme
https
:path
/?q=http://wm.shiquanxian.cn/3.exe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Tue, 26 May 2020 09:42:48 GMT
content-type
text/html
set-cookie
__cfduid=d92598e78c1e08e85d501655e9d857ea61590486168; expires=Thu, 25-Jun-20 09:42:48 GMT; path=/; domain=.fxdomains.com; HttpOnly; SameSite=Lax; Secure
cf-ray
59968c5a3b36dfbf-FRA
age
6468798
cache-control
max-age=8640000
cf-cache-status
HIT
cf-bgj
h2pri
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
content-encoding
br
cf-request-id
02f1f60c620000dfbfac2c1200000001
main.css
www.fxdomains.com/wp-content/themes/fxd2017/app/css/
121 KB
17 KB
Stylesheet
General
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/css/main.css
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:2f45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be39809863f21454ff9a68d101965e5924bb305ca7daf716567263271c8d2550

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 09:42:48 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
185320
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=8640000
cf-ray
59968c5aac29dfbf-FRA
cf-request-id
02f1f60ca80000dfbfac2cb200000001
logo-y52-trans-opt.png
www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/
3 KB
3 KB
Image
General
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/logo-y52-trans-opt.png
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:2f45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d841181a506ac2a6c42a2f2a57f6b98f4f30e31b40d408587b9481fbd393f153

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 09:42:48 GMT
cf-cache-status
HIT
server
cloudflare
age
324647
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=8640000
accept-ranges
bytes
cf-ray
59968c5aac2bdfbf-FRA
content-length
2614
cf-request-id
02f1f60ca80000dfbfac2cc200000001
facebook.png
www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/
603 B
694 B
Image
General
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/facebook.png
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:2f45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce51a8242cd7db442e699ae88aed60a8411c521792e72bc744725596b2593d45

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 09:42:48 GMT
cf-cache-status
HIT
server
cloudflare
age
313808
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=8640000
accept-ranges
bytes
cf-ray
59968c5aac56dfbf-FRA
content-length
603
cf-request-id
02f1f60cad0000dfbfac2d5200000001
twitter.png
www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/
710 B
813 B
Image
General
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/twitter.png
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:2f45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535d31e27871183b70513eff7e011bce2ff2ce3b30bc589b6ebbd805ea0b3ebb

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 09:42:48 GMT
cf-cache-status
HIT
server
cloudflare
age
1511818
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=8640000
accept-ranges
bytes
cf-ray
59968c5aac5bdfbf-FRA
content-length
710
cf-request-id
02f1f60cad0000dfbfac2d6200000001
google.png
www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/
929 B
1020 B
Image
General
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/google.png
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:2f45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44e8bba62c061d32b7dae74688b293eaeaf5996017443e5fbcf82c7b1687f61c

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 09:42:48 GMT
cf-cache-status
HIT
server
cloudflare
age
188946
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=8640000
accept-ranges
bytes
cf-ray
59968c5aac5edfbf-FRA
content-length
929
cf-request-id
02f1f60cad0000dfbfac2d7200000001
css
fonts.googleapis.com/
18 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700|Roboto:100,300,400,500,700,900
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
85316ec2f091adbcf00909c55952960e8efa7b1f06fb4e8c741b6019f8a25287
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 26 May 2020 09:42:48 GMT
server
ESF
date
Tue, 26 May 2020 09:42:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 May 2020 09:42:48 GMT
inline.bundle.js
www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/
1 KB
765 B
Script
General
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/inline.bundle.js
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:2f45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b9cf4189d3d42ab6b133e6c20020de5d221349db368896ee0952de99ae56a7

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 09:42:48 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
180443
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=8640000
cf-ray
59968c5aac4bdfbf-FRA
cf-request-id
02f1f60cad0000dfbfac2d0200000001
polyfills.bundle.js
www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/
224 KB
61 KB
Script
General
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/polyfills.bundle.js
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:2f45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1bc4408f1f7027abc2b9d532c2451cf158debe37724b7d6147d3803a56aa8ee

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 09:42:48 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
6970
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=8640000
cf-ray
59968c5aac4ddfbf-FRA
cf-request-id
02f1f60cad0000dfbfac2d1200000001
vendor.bundle.js
www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/
595 KB
123 KB
Script
General
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/vendor.bundle.js
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:2f45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d79af820859ef239e1dd48a0c793a26fbf72686facc6191ec08b50611a91c54

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 09:42:48 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
h2pri
server
cloudflare
age
2959097
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=8640000
cf-ray
59968c5aac4fdfbf-FRA
cf-request-id
02f1f60cad0000dfbfac2d2200000001
main.bundle.js
www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/
51 KB
10 KB
Script
General
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/main.bundle.js
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:2f45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28cb50c14b513316ee926a7561ece927a0b9dd32b64105fff3c5e743f0606740

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 09:42:48 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
6970
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=8640000
cf-ray
59968c5aac51dfbf-FRA
cf-request-id
02f1f60cad0000dfbfac2d3200000001
vendor.js
www.fxdomains.com/wp-content/themes/fxd2017/app/script/
201 KB
61 KB
Script
General
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/script/vendor.js
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:2f45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aacd7296a1814036fd981f237dfa1b1a4ebc18ff7938f28d9a6097feb3570959

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 09:42:48 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
313807
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=8640000
cf-ray
59968c5aac54dfbf-FRA
cf-request-id
02f1f60cad0000dfbfac2d4200000001
gtm.js
www.googletagmanager.com/
73 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TK2RSF
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
36dd6e6f6c6c0e03addf6dbe9b3cc262968fb9a186cb9a2c52502d9564c64f0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 09:42:48 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28082
x-xss-protection
0
last-modified
Tue, 26 May 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 May 2020 09:42:48 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK2RSF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
2789
date
Tue, 26 May 2020 08:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Tue, 26 May 2020 10:56:19 GMT
woman-on-mountain.jpg
www.fxdomains.com/wp-content/uploads/2018/12/
489 KB
489 KB
Image
General
Full URL
https://www.fxdomains.com/wp-content/uploads/2018/12/woman-on-mountain.jpg
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:2f45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81162fab0e28a5fe08b219109d7997ec8020ff3ca32a762261fd3f55947536ea

Request headers

Referer
https://www.fxdomains.com/wp-content/themes/fxd2017
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 09:42:48 GMT
cf-cache-status
HIT
cf-bgj
h2pri
server
cloudflare
age
2940752
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=8640000
accept-ranges
bytes
cf-ray
59968c5b2d92dfbf-FRA
content-length
500511
cf-request-id
02f1f60cf40000dfbfac2dd200000001
footer-bg.jpg
www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/
63 KB
63 KB
Image
General
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/footer-bg.jpg
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:2f45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67bcfd2797ad5fe450a20844e98048d372ac1af13c66df51594998e361f1aa5e

Request headers

Referer
https://www.fxdomains.com/wp-content/themes/fxd2017/app/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 09:42:48 GMT
cf-cache-status
HIT
server
cloudflare
age
313807
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=8640000
accept-ranges
bytes
cf-ray
59968c5b2d9edfbf-FRA
content-length
64277
cf-request-id
02f1f60cf70000dfbfac2df200000001
fxdomains-custom.woff
www.fxdomains.com/wp-content/themes/fxd2017/app/fonts/
62 KB
62 KB
Font
General
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/fonts/fxdomains-custom.woff
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:2f45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adfa658d6a62632c614e5f7f3e389216d396d11ba420e3c5d70db8b828c43a2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.fxdomains.com/wp-content/themes/fxd2017/app/css/main.css
Origin
https://www.fxdomains.com

Response headers

date
Tue, 26 May 2020 09:42:48 GMT
cf-cache-status
HIT
server
cloudflare
age
313807
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
status
200
cache-control
max-age=8640000
accept-ranges
bytes
cf-ray
59968c5b2da3dfbf-FRA
content-length
63200
cf-request-id
02f1f60cf80000dfbfac2e0200000001
6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
fonts.gstatic.com/s/quicksand/v20/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/quicksand/v20/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b47478ebfad192488b281cb20b85ef93444ff24c547c4a03511e400defb38aa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700|Roboto:100,300,400,500,700,900
Origin
https://www.fxdomains.com

Response headers

date
Mon, 18 May 2020 23:29:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 Feb 2020 23:46:37 GMT
server
sffe
age
641581
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26160
x-xss-protection
0
expires
Tue, 18 May 2021 23:29:47 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700|Roboto:100,300,400,500,700,900
Origin
https://www.fxdomains.com

Response headers

date
Sun, 17 May 2020 05:19:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
793393
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Mon, 17 May 2021 05:19:35 GMT
KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700|Roboto:100,300,400,500,700,900
Origin
https://www.fxdomains.com

Response headers

date
Mon, 18 May 2020 00:54:26 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:08 GMT
server
sffe
age
722902
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11012
x-xss-protection
0
expires
Tue, 18 May 2021 00:54:26 GMT
/
www.fxdomains.com/json/extensions/
39 KB
4 KB
XHR
General
Full URL
https://www.fxdomains.com/json/extensions/
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/polyfills.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:2f45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd4c68790b92a98e3586d7eecd55f7bfbc8f8393d71910d10540689d4689d216

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 09:42:49 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
h2pri
server
cloudflare
age
2959098
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
status
200
cache-control
max-age=8640000
cf-ray
59968c5cea44dfbf-FRA
cf-request-id
02f1f60e110000dfbfac2f9200000001
/
www.secureserver.net/api/v1/cart/107236/
15 B
743 B
XHR
General
Full URL
https://www.secureserver.net/api/v1/cart/107236/
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/polyfills.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::228b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
openresty/1.15.8.2 /
Resource Hash
01d018f3dfeb545761f3ee8f0ddc73a959bda0319804aecadc5c57c81a531164
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains, max-age=0; includeSubDomains
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
15
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
openresty/1.15.8.2
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 May 2020 09:42:49 GMT
X-Download-Options
noopen
Vary
Origin, Accept-Encoding
Content-Language
en-US
Access-Control-Allow-Origin
https://www.fxdomains.com
Cache-Control
max-age=0, no-cache, no-store
X-ARC
102
ETag
W/"f-JGOZqebtWmC91HHGqqfrd8haDRM"
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Expires
Tue, 26 May 2020 09:42:49 GMT
/
www.fxdomains.com/ss/tester/
61 B
160 B
XHR
General
Full URL
https://www.fxdomains.com/ss/tester/?mode=STOREFRONTAPI
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/polyfills.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:2f45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f2f8a4acfdd12c550fe3dafa778215dfb7f0bcb650009b6a8d74a4b54f3d194

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 09:42:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
status
500
cf-ray
59968c5cea51dfbf-FRA
content-length
61
cf-request-id
02f1f60e140000dfbfac2fa200000001
ts.bundle.js
www.fxdomains.com/wp-content/themes/fxd2017/app/script/
21 KB
8 KB
Fetch
General
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/script/ts.bundle.js
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/polyfills.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:2f45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
890a8394ff354193aa115a6c4c16c08106cf2d9157a17f863b9ef36d7f4d6547

Request headers

Accept
application/x-es-module, */*
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 09:42:49 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
h2pri
server
cloudflare
age
2367531
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=8640000
cf-ray
59968c5d0ac5dfbf-FRA
cf-request-id
02f1f60e290000dfbfac2fd200000001
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1694927533&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fxdomains.com%2F%3Fq%3Dhttp%3A%2F%2Fwm.shiquanxian.cn%2F3.exe&ul=en-us&de=UTF-8&dt=Cheap%20Do...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-262242-1&cid=556209709.1590486169&jid=480708298&_gid=317056302.1590486169&gjid=941481859&_v=j82&z=492039712
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-262242-1&cid=556209709.1590486169&jid=480708298&_v=j82&z=492039712
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-262242-1&cid=556209709.1590486169&jid=480708298&_v=j82&z=492039712&slf_rd=1&random=2304528276
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-262242-1&cid=556209709.1590486169&jid=480708298&_v=j82&z=492039712&slf_rd=1&random=2304528276
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 May 2020 09:42:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 May 2020 09:42:49 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-262242-1&cid=556209709.1590486169&jid=480708298&_v=j82&z=492039712&slf_rd=1&random=2304528276
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
standardheaderfooter
gui.secureserver.net//pcjson/
397 B
1 KB
Script
General
Full URL
https://gui.secureserver.net//pcjson/standardheaderfooter?ci=17368&prog_id=FXDomains&marketid=de-DE&callback=jQuery32104639955124320958_1590486169118&plid=107236&_=1590486169119
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/wp-content/themes/fxd2017/app/script/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::228b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Microsoft-IIS/8.5 / ARR/2.5
Resource Hash
23a8aa5a25f1ca007bd130259c3361301a41a1290c0851257a0542addc1c97cf

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 09:42:49 GMT
X-AspNet-Version
4.0.30319
X-Powered-By
ARR/2.5
P3P
policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR OUR IND", policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Connection
keep-alive
Content-Length
397
Pragma
no-cache
Server
Microsoft-IIS/8.5
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,PUT,PATCH,DELETE
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Access-Control-Allow-Headers
x-requested-with, content-type, accept, origin, authorization, x-csrftoken
Expires
-1
collect
www.google-analytics.com/
35 B
102 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&a=1694927533&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.fxdomains.com%2F%3Fq%3Dhttp%3A%2F%2Fwm.shiquanxian.cn%2F3.exe&ul=en-us&de=UTF-8&dt=Cheap%20Domain%20Registration%20%7C%20FXDomains%20-%20a%20name%20for%20everyone&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=logged-in-status&ea=not-logged-in-unknown-customer&el=unknown&_u=aEDAAEAB~&jid=&gjid=&cid=556209709.1590486169&tid=UA-262242-1&_gid=317056302.1590486169&gtm=2wg5e1TK2RSF&z=143178540
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 May 2020 23:29:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
641577
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
trace
www.fxdomains.com/cdn-cgi/
280 B
398 B
XHR
General
Full URL
https://www.fxdomains.com/cdn-cgi/trace
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/polyfills.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:2f45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bac26caba09e8ab6664810aab02f84e84376f0b608fbbda3ded61b89052c18c1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 09:42:49 GMT
content-encoding
gzip
server
cloudflare
status
200
x-frame-options
SAMEORIGIN
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
59968c610f17dfbf-FRA
cf-request-id
02f1f610a90000dfbfac343200000001
expires
Thu, 01 Jan 1970 00:00:01 GMT

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| FxOperatingMode function| webpackJsonp object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| true function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__setImmediate function| __zone_symbol__clearImmediate function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader object| ng object| __zone_symbol__focusfalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| fxApi object| __zone_symbol__loadfalse function| $ function| jQuery object| __zone_symbol__resizefalse object| __zone_symbol__scrollfalse object| __zone_symbol__touchmovefalse function| Tether function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse object| SystemJS function| Cookies string| FxCountryCode string| FxCurrentTemplate object| FxUserCountryCodes object| gaplugins object| gaGlobal object| gaData string| promoHtml object| allEvents object| localAPI object| compromo function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

5 Cookies

Domain/Path Name / Value
.fxdomains.com/ Name: _gid
Value: GA1.2.317056302.1590486169
www.fxdomains.com/ Name: DISCOUNTEDCOMSHOWN
Value: true
.fxdomains.com/ Name: _gat_UA-262242-1
Value: 1
.fxdomains.com/ Name: _ga
Value: GA1.2.556209709.1590486169
.fxdomains.com/ Name: __cfduid
Value: d92598e78c1e08e85d501655e9d857ea61590486168

1 Console Messages

Source Level URL
Text
console-api warning URL: https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/main.bundle.js(Line 1)
Message:
SFAPI IS DOWN, switching to SECURESERVER API

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
