urlscan.io logo urlscan.io
SecurityTrails logo

www.fxdomains.com Open in urlscan Pro
2606:4700:20::681b:1658  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Submission: On December 12 via automatic, source phishtank
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 32 HTTP transactions. The main IP is 2606:4700:20::681b:1658, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.fxdomains.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on October 24th 2018. Valid for: 6 months.
This is the only time www.fxdomains.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.238.65.199 26496 (AS-26496-...)
1 104.108.66.20 16625 (AKAMAI-AS)
32 8
19    2606:4700:20::681b:1658 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.fxdomains.com
1    2a00:1450:4001:818::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2a00:1450:4001:81b::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
6    2a00:1450:4001:825::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
3    2a00:1450:4001:816::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2a00:1450:400c:c08::9a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
2    2a00:1450:4001:824::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
2    2a00:1450:400e:807::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    104.238.65.199 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-104-238-65-199.ip.secureserver.net
storefront.api.secureserver.net
1    104.108.66.20 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-66-20.deploy.static.akamaitechnologies.com
gui.secureserver.net
Domain Requested by
19 www.fxdomains.com www.fxdomains.com
6 fonts.gstatic.com www.fxdomains.com
3 www.google-analytics.com 2 redirects www.googletagmanager.com
2 www.google.de www.fxdomains.com
2 www.google.com 2 redirects
2 stats.g.doubleclick.net 2 redirects
1 gui.secureserver.net www.fxdomains.com
1 storefront.api.secureserver.net www.fxdomains.com
1 www.googletagmanager.com www.fxdomains.com
1 fonts.googleapis.com www.fxdomains.com
32 10
Subject Issuer Validity Valid
ssl387523.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-10-24 -
2019-05-02		 6 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2018-11-27 -
2019-02-19		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-11-27 -
2019-02-19		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2018-11-07 -
2019-01-30		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2018-11-07 -
2019-01-30		 3 months crt.sh
storefront.api.secureserver.net
Starfield Secure Certificate Authority - G2		 2017-01-05 -
2019-01-05		 2 years crt.sh
*.secureserver.net
Starfield Secure Certificate Authority - G2		 2016-11-01 -
2019-11-01		 3 years crt.sh

This page contains 1 frames:

Primary Page: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Frame ID: 2DCA6BF2862F29F9E9994D7836A73C7B
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i
Overall confidence: 100%
Detected patterns
  • env /^webpackJsonp$/i

Page Statistics

32
Requests

100 %
HTTPS

80 %
IPv6

9
Domains

10
Subdomains

8
IPs

3
Countries

1013 kB
Transfer

2097 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1801016775&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fxdomains.com%2F%3Fq%3Dhttp%3A%2F%2Fwm.shiquanxian.cn%2F3.exe&ul=en-us&de=UTF-8&dt=Cheap%20Domain%20Registration%20%7C%20FXDomains%20-%20a%20name%20for%20everyone&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAAB~&jid=1826987723&gjid=175057948&cid=1625926230.1544638875&tid=UA-262242-1&_gid=1745249630.1544638875&_r=1&gtm=2wgbc0TK2RSF&z=449456560 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-262242-1&cid=1625926230.1544638875&jid=1826987723&_gid=1745249630.1544638875&gjid=175057948&_v=j72&z=449456560 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-262242-1&cid=1625926230.1544638875&jid=1826987723&_v=j72&z=449456560 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-262242-1&cid=1625926230.1544638875&jid=1826987723&_v=j72&z=449456560&slf_rd=1&random=3333985262
Request Chain 29
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1801016775&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.fxdomains.com%2F%3Fq%3Dhttp%3A%2F%2Fwm.shiquanxian.cn%2F3.exe&ul=en-us&de=UTF-8&dt=Cheap%20Domain%20Registration%20%7C%20FXDomains%20-%20a%20name%20for%20everyone&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=logged-in-status&ea=not-logged-in-unknown-customer&el=unknown&_u=aEBAAEAB~&jid=1867765797&gjid=1221583041&cid=825938732.1544638875&tid=UA-262242-1&_gid=1298495492.1544638875&_r=1&gtm=2wgbc0TK2RSF&z=2009325882 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-262242-1&cid=825938732.1544638875&jid=1867765797&_gid=1298495492.1544638875&gjid=1221583041&_v=j72&z=2009325882 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-262242-1&cid=825938732.1544638875&jid=1867765797&_v=j72&z=2009325882 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-262242-1&cid=825938732.1544638875&jid=1867765797&_v=j72&z=2009325882&slf_rd=1&random=2121942085

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.fxdomains.com/ 		29 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681b:1658 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e724568960f60a1ab5dc7e9020bab3c99d7e0506054aadb846b161e8cf4544a0

Request headers

:method
GET
:authority
www.fxdomains.com
:scheme
https
:path
/?q=http://wm.shiquanxian.cn/3.exe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Wed, 12 Dec 2018 18:21:14 GMT
content-type
text/html
set-cookie
__cfduid=ddec67bb8167b9f621a07d4b63fb622431544638874; expires=Thu, 12-Dec-19 18:21:14 GMT; path=/; domain=.fxdomains.com; HttpOnly; Secure
cf-cache-status
HIT
cache-control
public, max-age=1382400
cf-ray
488235a49c5abefd-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Fri, 28 Dec 2018 18:21:14 GMT
last-modified
Sat, 24 Nov 2018 22:19:57 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
content-encoding
br
main.css
www.fxdomains.com/wp-content/themes/fxd2017/app/css/ 		122 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/css/main.css
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681b:1658 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb98b3421596705a15deb137e32483b9497b94f597b680512e928e3978708564

Request headers

:path
/wp-content/themes/fxd2017/app/css/main.css
pragma
no-cache
cookie
__cfduid=ddec67bb8167b9f621a07d4b63fb622431544638874
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.fxdomains.com
referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
:scheme
https
:method
GET
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Dec 2018 18:21:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Jun 2018 14:45:36 GMT
server
cloudflare
etag
W/"1e135c-1f042-56eaf44ca6400-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
public, max-age=1382400
cf-polished
origSize=127042
cf-bgj
minify
cf-ray
488235a58d28befd-FRA
expires
Fri, 28 Dec 2018 18:21:14 GMT
logo-y52-trans-opt.png
www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/logo-y52-trans-opt.png
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681b:1658 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea91a83330dfa4213c8d5f4b6236e127c61de7a97e521392ece57c8b18d47356

Request headers

:path
/wp-content/themes/fxd2017/app/assets/images/logo-y52-trans-opt.png
pragma
no-cache
cookie
__cfduid=ddec67bb8167b9f621a07d4b63fb622431544638874
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.fxdomains.com
referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
:scheme
https
:method
GET
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Dec 2018 18:21:14 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=2614
status
200
content-disposition
inline; filename="logo-y52-trans-opt.webp"
content-length
2268
last-modified
Fri, 15 Jun 2018 14:45:36 GMT
server
cloudflare
etag
"1e1368-a36-56eaf44ca6400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Fri, 28 Dec 2018 18:21:14 GMT
cache-control
public, max-age=1382400
accept-ranges
bytes
cf-ray
488235a58d29befd-FRA
cf-bgj
imgq:85
XYZ-logo-white.png
www.fxdomains.com/wp-content/uploads/2018/02/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fxdomains.com/wp-content/uploads/2018/02/XYZ-logo-white.png
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681b:1658 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
da568c94052523173422234a916e6f9d02c03967ed812f2038d22393b647ffb2

Request headers

:path
/wp-content/uploads/2018/02/XYZ-logo-white.png
pragma
no-cache
cookie
__cfduid=ddec67bb8167b9f621a07d4b63fb622431544638874
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.fxdomains.com
referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
:scheme
https
:method
GET
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Dec 2018 18:21:14 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=5276
status
200
content-disposition
inline; filename="XYZ-logo-white.webp"
content-length
2392
last-modified
Fri, 15 Jun 2018 14:45:36 GMT
server
cloudflare
etag
"1e1354-149c-56eaf44ca6400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Fri, 28 Dec 2018 18:21:14 GMT
cache-control
public, max-age=1382400
accept-ranges
bytes
cf-ray
488235a58d2bbefd-FRA
cf-bgj
imgq:85
facebook.png
www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/ 		514 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/facebook.png
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681b:1658 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bae9fc3e57c860103d1e03360ba3246e3b6c5bcaa6f3183ce8066cc69843a5d

Request headers

:path
/wp-content/themes/fxd2017/app/assets/images/facebook.png
pragma
no-cache
cookie
__cfduid=ddec67bb8167b9f621a07d4b63fb622431544638874
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.fxdomains.com
referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
:scheme
https
:method
GET
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Dec 2018 18:21:14 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=603
status
200
content-disposition
inline; filename="facebook.webp"
content-length
514
last-modified
Fri, 15 Jun 2018 14:45:36 GMT
server
cloudflare
etag
"1e136b-25b-56eaf44ca6400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Fri, 28 Dec 2018 18:21:14 GMT
cache-control
public, max-age=1382400
accept-ranges
bytes
cf-ray
488235a59d3fbefd-FRA
cf-bgj
imgq:85
twitter.png
www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/ 		654 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/twitter.png
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681b:1658 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7560081f09d7c7cc914628f0d6f9bd2f91a1c33ccd0403e130c441c607d06f33

Request headers

:path
/wp-content/themes/fxd2017/app/assets/images/twitter.png
pragma
no-cache
cookie
__cfduid=ddec67bb8167b9f621a07d4b63fb622431544638874
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.fxdomains.com
referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
:scheme
https
:method
GET
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Dec 2018 18:21:14 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=710
status
200
content-disposition
inline; filename="twitter.webp"
content-length
654
last-modified
Fri, 15 Jun 2018 14:45:36 GMT
server
cloudflare
etag
"1e1369-2c6-56eaf44ca6400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Fri, 28 Dec 2018 18:21:14 GMT
cache-control
public, max-age=1382400
accept-ranges
bytes
cf-ray
488235a59d40befd-FRA
cf-bgj
imgq:85
google.png
www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/ 		856 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/google.png
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681b:1658 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b257d5d9d3e857f54d63ff3c6139e086e5c8ca31ab501a7da4b21edd22bdf78a

Request headers

:path
/wp-content/themes/fxd2017/app/assets/images/google.png
pragma
no-cache
cookie
__cfduid=ddec67bb8167b9f621a07d4b63fb622431544638874
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.fxdomains.com
referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
:scheme
https
:method
GET
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Dec 2018 18:21:14 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=929
status
200
content-disposition
inline; filename="google.webp"
content-length
856
last-modified
Fri, 15 Jun 2018 14:45:36 GMT
server
cloudflare
etag
"1e136a-3a1-56eaf44ca6400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Fri, 28 Dec 2018 18:21:14 GMT
cache-control
public, max-age=1382400
accept-ranges
bytes
cf-ray
488235a59d41befd-FRA
cf-bgj
imgq:85
css
fonts.googleapis.com/ 		18 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700|Roboto:100,300,400,500,700,900
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d8b9bb4b4bc3e7e5c9c37ea83cc67f477b8565e6821dbf115e9276a9f5feeb4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 12 Dec 2018 18:21:14 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 12 Dec 2018 18:21:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Wed, 12 Dec 2018 18:21:14 GMT
inline.bundle.js
www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/ 		1 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/inline.bundle.js
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681b:1658 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b9cf4189d3d42ab6b133e6c20020de5d221349db368896ee0952de99ae56a7

Request headers

:path
/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/inline.bundle.js
pragma
no-cache
cookie
__cfduid=ddec67bb8167b9f621a07d4b63fb622431544638874
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.fxdomains.com
referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
:scheme
https
:method
GET
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Dec 2018 18:21:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Jun 2018 14:45:36 GMT
server
cloudflare
etag
W/"1e136f-553-56eaf44ca6400-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
public, max-age=1382400
cf-bgj
minify
cf-ray
488235a59d30befd-FRA
expires
Fri, 28 Dec 2018 18:21:14 GMT
polyfills.bundle.js
www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/ 		224 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/polyfills.bundle.js
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681b:1658 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8948402794fe986318ea46c83dd768e8a2fdc28fb14e745cf59e687147cc06ad

Request headers

:path
/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/polyfills.bundle.js
pragma
no-cache
cookie
__cfduid=ddec67bb8167b9f621a07d4b63fb622431544638874
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.fxdomains.com
referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
:scheme
https
:method
GET
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Dec 2018 18:21:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Jun 2018 14:45:36 GMT
server
cloudflare
etag
W/"1e136e-37ffe-56eaf44ca6400-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
public, max-age=1382400
cf-polished
origSize=229374
cf-bgj
minify
cf-ray
488235a59d3bbefd-FRA
expires
Fri, 28 Dec 2018 18:21:14 GMT
vendor.bundle.js
www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/ 		595 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/vendor.bundle.js
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681b:1658 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d79af820859ef239e1dd48a0c793a26fbf72686facc6191ec08b50611a91c54

Request headers

:path
/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/vendor.bundle.js
pragma
no-cache
cookie
__cfduid=ddec67bb8167b9f621a07d4b63fb622431544638874
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.fxdomains.com
referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
:scheme
https
:method
GET
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Dec 2018 18:21:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Jun 2018 14:45:36 GMT
server
cloudflare
etag
W/"1e1370-94a71-56eaf44ca6400-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
public, max-age=1382400
cf-bgj
minify
cf-ray
488235a59d3cbefd-FRA
expires
Fri, 28 Dec 2018 18:21:14 GMT
main.bundle.js
www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/ 		51 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/main.bundle.js
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681b:1658 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceee0995981281571ec747089b928aeb0f4f5c636034016e3bd872e3ac9cd753

Request headers

:path
/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/main.bundle.js
pragma
no-cache
cookie
__cfduid=ddec67bb8167b9f621a07d4b63fb622431544638874
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.fxdomains.com
referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
:scheme
https
:method
GET
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Dec 2018 18:21:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Jun 2018 14:45:36 GMT
server
cloudflare
etag
W/"1e1371-cd65-56eaf44ca6400-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
public, max-age=1382400
cf-bgj
minify
cf-ray
488235a59d3dbefd-FRA
expires
Fri, 28 Dec 2018 18:21:14 GMT
vendor.js
www.fxdomains.com/wp-content/themes/fxd2017/app/script/ 		201 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/script/vendor.js
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681b:1658 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aacd7296a1814036fd981f237dfa1b1a4ebc18ff7938f28d9a6097feb3570959

Request headers

:path
/wp-content/themes/fxd2017/app/script/vendor.js
pragma
no-cache
cookie
__cfduid=ddec67bb8167b9f621a07d4b63fb622431544638874
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.fxdomains.com
referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
:scheme
https
:method
GET
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Dec 2018 18:21:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Jun 2018 14:45:36 GMT
server
cloudflare
etag
W/"1e135f-325a5-56eaf44ca6400-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
public, max-age=1382400
cf-bgj
minify
cf-ray
488235a59d3ebefd-FRA
expires
Fri, 28 Dec 2018 18:21:14 GMT
gtm.js
www.googletagmanager.com/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TK2RSF
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
64b32ff94eb19766922da0eb6ef22dfddedf3f0ec166ecd399fe5d39047c54f2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Dec 2018 18:21:14 GMT
content-encoding
gzip
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
28502
x-xss-protection
1; mode=block
expires
Wed, 12 Dec 2018 18:21:14 GMT
woman-on-mountain.jpg
www.fxdomains.com/wp-content/uploads/2017/12/ 		489 KB
490 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fxdomains.com/wp-content/uploads/2017/12/woman-on-mountain.jpg
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681b:1658 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
81162fab0e28a5fe08b219109d7997ec8020ff3ca32a762261fd3f55947536ea

Request headers

:path
/wp-content/uploads/2017/12/woman-on-mountain.jpg
pragma
no-cache
cookie
__cfduid=ddec67bb8167b9f621a07d4b63fb622431544638874
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.fxdomains.com
referer
https://www.fxdomains.com/wp-content/themes/fxd2017
:scheme
https
:method
GET
Referer
https://www.fxdomains.com/wp-content/themes/fxd2017
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Dec 2018 18:21:14 GMT
cf-cache-status
HIT
last-modified
Sat, 24 Nov 2018 22:18:18 GMT
server
cloudflare
etag
"1e0165-7a31f-57b707a105e80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=1382400
accept-ranges
bytes
cf-ray
488235a5dd6fbefd-FRA
content-length
500511
expires
Fri, 28 Dec 2018 18:21:14 GMT
footer-bg.jpg
www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/images/footer-bg.jpg
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681b:1658 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0de1fb01d299aea115dc25e34cda050857666d8d3ebd714cf1f9a6a8be9c1578

Request headers

:path
/wp-content/themes/fxd2017/app/assets/images/footer-bg.jpg
pragma
no-cache
cookie
__cfduid=ddec67bb8167b9f621a07d4b63fb622431544638874
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.fxdomains.com
referer
https://www.fxdomains.com/wp-content/themes/fxd2017/app/css/main.css
:scheme
https
:method
GET
Referer
https://www.fxdomains.com/wp-content/themes/fxd2017/app/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Dec 2018 18:21:14 GMT
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=64277
status
200
content-disposition
inline; filename="footer-bg.webp"
content-length
41092
last-modified
Fri, 15 Jun 2018 14:45:40 GMT
server
cloudflare
etag
"1e1367-fb15-56eaf45076d00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Fri, 28 Dec 2018 18:21:14 GMT
cache-control
public, max-age=1382400
accept-ranges
bytes
cf-ray
488235a5dd70befd-FRA
cf-bgj
imgq:85
fxdomains-custom.woff
www.fxdomains.com/wp-content/themes/fxd2017/app/fonts/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/fonts/fxdomains-custom.woff
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681b:1658 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adfa658d6a62632c614e5f7f3e389216d396d11ba420e3c5d70db8b828c43a2

Request headers

:path
/wp-content/themes/fxd2017/app/fonts/fxdomains-custom.woff
pragma
no-cache
cookie
__cfduid=ddec67bb8167b9f621a07d4b63fb622431544638874
origin
https://www.fxdomains.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.fxdomains.com
referer
https://www.fxdomains.com/wp-content/themes/fxd2017/app/css/main.css
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.fxdomains.com/wp-content/themes/fxd2017/app/css/main.css
Origin
https://www.fxdomains.com

Response headers

date
Wed, 12 Dec 2018 18:21:14 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 15 Jun 2018 14:45:40 GMT
server
cloudflare
etag
W/"1e1362-f6e0-56eaf45076d00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
font/woff
status
200
cache-control
public, max-age=1382400
cf-ray
488235a5ed78befd-FRA
expires
Fri, 28 Dec 2018 18:21:14 GMT
6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
fonts.gstatic.com/s/quicksand/v8/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v8/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
477d1b38d53ab3df4d259898b74cbd6d9aca136f074a901d3458edcaf7ff7a09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700|Roboto:100,300,400,500,700,900
Origin
https://www.fxdomains.com

Response headers

date
Mon, 10 Dec 2018 15:36:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Oct 2018 20:50:42 GMT
server
sffe
age
182676
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13596
x-xss-protection
1; mode=block
expires
Tue, 10 Dec 2019 15:36:38 GMT
6xKodSZaM9iE8KbpRA_p2HcYT8L_FYzokA.woff2
fonts.gstatic.com/s/quicksand/v8/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v8/6xKodSZaM9iE8KbpRA_p2HcYT8L_FYzokA.woff2
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b3d38b99829896a012223985c176ce2fb6553bb03a195f6f7389c57c34999c9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700|Roboto:100,300,400,500,700,900
Origin
https://www.fxdomains.com

Response headers

date
Wed, 12 Dec 2018 17:00:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Oct 2018 20:50:35 GMT
server
sffe
age
4837
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13536
x-xss-protection
1; mode=block
expires
Thu, 12 Dec 2019 17:00:37 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700|Roboto:100,300,400,500,700,900
Origin
https://www.fxdomains.com

Response headers

date
Wed, 12 Dec 2018 08:05:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
36957
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10788
x-xss-protection
1; mode=block
expires
Thu, 12 Dec 2019 08:05:17 GMT
6xKodSZaM9iE8KbpRA_pgHYYT8L_FYzokA.woff2
fonts.gstatic.com/s/quicksand/v8/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v8/6xKodSZaM9iE8KbpRA_pgHYYT8L_FYzokA.woff2
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1badeb25ece4bd2006db70a1d549494f39808f6ff810c4e13be2bfc21679a2ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700|Roboto:100,300,400,500,700,900
Origin
https://www.fxdomains.com

Response headers

date
Fri, 07 Dec 2018 21:38:57 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Oct 2018 20:50:08 GMT
server
sffe
age
420137
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12880
x-xss-protection
1; mode=block
expires
Sat, 07 Dec 2019 21:38:57 GMT
KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a32cf4cbacae0c02bd7047d9cd93b4a95ae9bfde846b27699bd643c0909eed34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700|Roboto:100,300,400,500,700,900
Origin
https://www.fxdomains.com

Response headers

date
Sat, 08 Dec 2018 16:22:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:33:04 GMT
server
sffe
age
352703
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10752
x-xss-protection
1; mode=block
expires
Sun, 08 Dec 2019 16:22:51 GMT
6xKodSZaM9iE8KbpRA_pkHEYT8L_FYzokA.woff2
fonts.gstatic.com/s/quicksand/v8/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v8/6xKodSZaM9iE8KbpRA_pkHEYT8L_FYzokA.woff2
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ff81460517b83711068fc195f9909664a40de558930d7bc45509b57fc270dbad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700|Roboto:100,300,400,500,700,900
Origin
https://www.fxdomains.com

Response headers

date
Wed, 12 Dec 2018 01:41:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Oct 2018 20:50:13 GMT
server
sffe
age
59994
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12736
x-xss-protection
1; mode=block
expires
Thu, 12 Dec 2019 01:41:20 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TK2RSF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 05 Nov 2018 21:10:09 GMT
server
Golfe2
age
1071
date
Wed, 12 Dec 2018 18:03:23 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17404
expires
Wed, 12 Dec 2018 20:03:23 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1801016775&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fxdomains.com%2F%3Fq%3Dhttp%3A%2F%2Fwm.shiquanxian.cn%2F3.exe&ul=en-us&de=UTF-8&dt=Cheap%20Do...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-262242-1&cid=1625926230.1544638875&jid=1826987723&_gid=1745249630.1544638875&gjid=175057948&_v=j72&z=449456560
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-262242-1&cid=1625926230.1544638875&jid=1826987723&_v=j72&z=449456560
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-262242-1&cid=1625926230.1544638875&jid=1826987723&_v=j72&z=449456560&slf_rd=1&random=3333985262
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-262242-1&cid=1625926230.1544638875&jid=1826987723&_v=j72&z=449456560&slf_rd=1&random=3333985262
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:400e:807::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Dec 2018 18:21:15 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 Dec 2018 18:21:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-262242-1&cid=1625926230.1544638875&jid=1826987723&_v=j72&z=449456560&slf_rd=1&random=3333985262
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.fxdomains.com/json/extensions/ 		39 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.fxdomains.com/json/extensions/
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/polyfills.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681b:1658 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
44a2bd3140069416ac3ae335178016aea046be4ef4532858fbbcce25d42fcce4

Request headers

:path
/json/extensions/
pragma
no-cache
cookie
__cfduid=ddec67bb8167b9f621a07d4b63fb622431544638874; _ga=GA1.2.1625926230.1544638875; _gid=GA1.2.1745249630.1544638875; _gat_UA-262242-1=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
www.fxdomains.com
referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
:scheme
https
:method
GET
Accept
application/json, text/plain, */*
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Dec 2018 18:21:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Nov 2018 19:25:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/html
status
200
cache-control
public, max-age=1382400
cf-ray
488235a91821befd-FRA
expires
Fri, 28 Dec 2018 18:21:15 GMT
/
storefront.api.secureserver.net/api/v1/cart/107236/ 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://storefront.api.secureserver.net/api/v1/cart/107236/
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/polyfills.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.238.65.199 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-104-238-65-199.ip.secureserver.net
Software
nginx /
Resource Hash
01d018f3dfeb545761f3ee8f0ddc73a959bda0319804aecadc5c57c81a531164
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Origin
https://www.fxdomains.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 12 Dec 2018 18:21:15 GMT
X-Content-Type-Options
nosniff
Server
nginx
ETag
W/"f-JGOZqebtWmC91HHGqqfrd8haDRM"
X-Download-Options
noopen
X-Frame-Options
DENY
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.fxdomains.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin, Accept-Encoding
Content-Length
15
X-XSS-Protection
1; mode=block
/
www.fxdomains.com/ss/tester/ 		101 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.fxdomains.com/ss/tester/?mode=STOREFRONTAPI
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/polyfills.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681b:1658 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.2.6
Resource Hash
b26ada7582b16821f28315a2874af278ba1b35bedb4f9b27911235d95c346139

Request headers

:path
/ss/tester/?mode=STOREFRONTAPI
pragma
no-cache
cookie
__cfduid=ddec67bb8167b9f621a07d4b63fb622431544638874; _ga=GA1.2.1625926230.1544638875; _gid=GA1.2.1745249630.1544638875; _gat_UA-262242-1=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
www.fxdomains.com
referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
:scheme
https
:method
GET
Accept
application/json, text/plain, */*
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Dec 2018 18:21:15 GMT
content-encoding
br
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
x-powered-by
PHP/7.2.6
status
200
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1000
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=1382400
access-control-allow-credentials
true
cf-ray
488235a92830befd-FRA
access-control-allow-headers
Origin, Content-Type, X-Auth-Token , Authorization, AuthLastUpdated, RealAuth
expires
Fri, 28 Dec 2018 18:21:15 GMT
ts.bundle.js
www.fxdomains.com/wp-content/themes/fxd2017/app/script/ 		21 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.fxdomains.com/wp-content/themes/fxd2017/app/script/ts.bundle.js
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/polyfills.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681b:1658 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca1f8740baeb89fdfb8ae897a4249e5d21e249eb20e2054f2e14049e875eb103

Request headers

:path
/wp-content/themes/fxd2017/app/script/ts.bundle.js
pragma
no-cache
cookie
__cfduid=ddec67bb8167b9f621a07d4b63fb622431544638874; _ga=GA1.2.1625926230.1544638875; _gid=GA1.2.1745249630.1544638875; _gat_UA-262242-1=1
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
application/x-es-module, */*
cache-control
no-cache
:authority
www.fxdomains.com
referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
:scheme
https
:method
GET
Accept
application/x-es-module, */*
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Dec 2018 18:21:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 24 Nov 2018 22:05:11 GMT
server
cloudflare
etag
W/"1e135e-5577-57b704b27b3c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
public, max-age=1382400
cf-bgj
minify
cf-ray
488235a9686abefd-FRA
expires
Fri, 28 Dec 2018 18:21:15 GMT
standardheaderfooter
gui.secureserver.net//pcjson/ 		397 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gui.secureserver.net//pcjson/standardheaderfooter?ci=17368&prog_id=FXDomains&marketid=de-DE&callback=jQuery32108792251803979234_1544638875090&plid=107236&_=1544638875091
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/wp-content/themes/fxd2017/app/script/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.66.20 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-66-20.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ARR/2.5, ASP.NET
Resource Hash
c1929012fe86fd2da008be2acf6e2411164fc9ff54539a8564d1ab6426d488d2

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 Dec 2018 18:21:15 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR OUR IND", policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
X-Powered-By
ARR/2.5, ASP.NET
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
397
Expires
-1
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1801016775&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.fxdomains.com%2F%3Fq%3Dhttp%3A%2F%2Fwm.shiquanxian.cn%2F3.exe&ul=en-us&de=UTF-8&dt=Cheap%20...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-262242-1&cid=825938732.1544638875&jid=1867765797&_gid=1298495492.1544638875&gjid=1221583041&_v=j72&z=2009325882
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-262242-1&cid=825938732.1544638875&jid=1867765797&_v=j72&z=2009325882
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-262242-1&cid=825938732.1544638875&jid=1867765797&_v=j72&z=2009325882&slf_rd=1&random=2121942085
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-262242-1&cid=825938732.1544638875&jid=1867765797&_v=j72&z=2009325882&slf_rd=1&random=2121942085
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:400e:807::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Dec 2018 18:21:15 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 Dec 2018 18:21:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-262242-1&cid=825938732.1544638875&jid=1867765797&_v=j72&z=2009325882&slf_rd=1&random=2121942085
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
trace
www.fxdomains.com/cdn-cgi/ 		263 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.fxdomains.com/cdn-cgi/trace
Requested by
Host: www.fxdomains.com
URL: https://www.fxdomains.com/wp-content/themes/fxd2017/app/assets/angular/fx-domain-search/polyfills.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681b:1658 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
884d499b6222ebb07a5d068924c9ca92a96abccf63678af23cc8b7dca000a1c8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/cdn-cgi/trace
pragma
no-cache
cookie
_ga=GA1.2.825938732.1544638875; _gid=GA1.2.1298495492.1544638875; _gat_UA-262242-1=1; DISCOUNTEDCOMSHOWN=true
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.fxdomains.com
x-requested-with
XMLHttpRequest
:scheme
https
referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
:method
GET
Accept
*/*
Referer
https://www.fxdomains.com/?q=http://wm.shiquanxian.cn/3.exe
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Dec 2018 18:21:15 GMT
content-encoding
gzip
server
cloudflare
status
200
x-frame-options
SAMEORIGIN
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
set-cookie
__cfduid=d604fcdc55a7ffcd158f31a5d8a90ec591544638875; expires=Thu, 12-Dec-19 18:21:15 GMT; path=/; domain=.fxdomains.com; HttpOnly; Secure
cf-ray
488235ad3c30befd-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| dataLayer object| FxOperatingMode function| webpackJsonp object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| true function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__setImmediate function| __zone_symbol__clearImmediate function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader object| ng object| __zone_symbol__focusfalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| fxApi object| __zone_symbol__loadfalse function| $ function| jQuery object| __zone_symbol__resizefalse object| __zone_symbol__scrollfalse object| __zone_symbol__touchmovefalse function| Tether function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse object| SystemJS function| Cookies string| FxCountryCode string| FxCurrentTemplate object| FxUserCountryCodes object| allEvents object| localAPI object| compromo function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

4 Cookies

Domain/Path Name / Value
.fxdomains.com/ Name: _gid
Value: GA1.2.1298495492.1544638875
www.fxdomains.com/ Name: DISCOUNTEDCOMSHOWN
Value: true
.fxdomains.com/ Name: _gat_UA-262242-1
Value: 1
.fxdomains.com/ Name: _ga
Value: GA1.2.825938732.1544638875

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
gui.secureserver.net
stats.g.doubleclick.net
storefront.api.secureserver.net
www.fxdomains.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.108.66.20
104.238.65.199
2606:4700:20::681b:1658
2a00:1450:4001:816::200e
2a00:1450:4001:818::200a
2a00:1450:4001:81b::2008
2a00:1450:4001:824::2004
2a00:1450:4001:825::2003
2a00:1450:400c:c08::9a
2a00:1450:400e:807::2003
01d018f3dfeb545761f3ee8f0ddc73a959bda0319804aecadc5c57c81a531164
0de1fb01d299aea115dc25e34cda050857666d8d3ebd714cf1f9a6a8be9c1578
1badeb25ece4bd2006db70a1d549494f39808f6ff810c4e13be2bfc21679a2ea
2bae9fc3e57c860103d1e03360ba3246e3b6c5bcaa6f3183ce8066cc69843a5d
41b9cf4189d3d42ab6b133e6c20020de5d221349db368896ee0952de99ae56a7
44a2bd3140069416ac3ae335178016aea046be4ef4532858fbbcce25d42fcce4
477d1b38d53ab3df4d259898b74cbd6d9aca136f074a901d3458edcaf7ff7a09
64b32ff94eb19766922da0eb6ef22dfddedf3f0ec166ecd399fe5d39047c54f2
6adfa658d6a62632c614e5f7f3e389216d396d11ba420e3c5d70db8b828c43a2
7560081f09d7c7cc914628f0d6f9bd2f91a1c33ccd0403e130c441c607d06f33
81162fab0e28a5fe08b219109d7997ec8020ff3ca32a762261fd3f55947536ea
884d499b6222ebb07a5d068924c9ca92a96abccf63678af23cc8b7dca000a1c8
8948402794fe986318ea46c83dd768e8a2fdc28fb14e745cf59e687147cc06ad
8d79af820859ef239e1dd48a0c793a26fbf72686facc6191ec08b50611a91c54
a32cf4cbacae0c02bd7047d9cd93b4a95ae9bfde846b27699bd643c0909eed34
aacd7296a1814036fd981f237dfa1b1a4ebc18ff7938f28d9a6097feb3570959
b257d5d9d3e857f54d63ff3c6139e086e5c8ca31ab501a7da4b21edd22bdf78a
b26ada7582b16821f28315a2874af278ba1b35bedb4f9b27911235d95c346139
b3d38b99829896a012223985c176ce2fb6553bb03a195f6f7389c57c34999c9e
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
c1929012fe86fd2da008be2acf6e2411164fc9ff54539a8564d1ab6426d488d2
ca1f8740baeb89fdfb8ae897a4249e5d21e249eb20e2054f2e14049e875eb103
ceee0995981281571ec747089b928aeb0f4f5c636034016e3bd872e3ac9cd753
d8b9bb4b4bc3e7e5c9c37ea83cc67f477b8565e6821dbf115e9276a9f5feeb4c
da568c94052523173422234a916e6f9d02c03967ed812f2038d22393b647ffb2
e724568960f60a1ab5dc7e9020bab3c99d7e0506054aadb846b161e8cf4544a0
ea91a83330dfa4213c8d5f4b6236e127c61de7a97e521392ece57c8b18d47356
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb98b3421596705a15deb137e32483b9497b94f597b680512e928e3978708564
ff81460517b83711068fc195f9909664a40de558930d7bc45509b57fc270dbad