windowsbulletin.com Open in urlscan Pro
2606:4700:30::681c:1c28 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Submission: On January 02 via manual (January 2nd 2020, 10:14:08 am UTC) from DE

Summary HTTP 40 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 40 HTTP transactions. The main IP is 2606:4700:30::681c:1c28, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is windowsbulletin.com.

This is the only time windowsbulletin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2606:4700:30:... 2606:4700:30::681c:1c28	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	104.20.2.47 104.20.2.47	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	95.100.197.246 95.100.197.246	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY - Fastly)
6	2606:4700::68... 2606:4700::6810:50a6	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY - Fastly)
1	151.101.12.64 151.101.12.64	54113 (FASTLY) (FASTLY - Fastly)
40	8

25 2606:4700:30::681c:1c28 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

windowsbulletin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.2.47 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

secure.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.197.246 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-100-197-246.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

windowsbulletin.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:50a6 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.134 (United States)

ASN54113 (FASTLY - Fastly, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	windowsbulletin.com windowsbulletin.com	138 KB
6	disquscdn.com c.disquscdn.com	225 KB
5	disqus.com windowsbulletin.disqus.com disqus.com links.services.disqus.com	30 KB
2	statcounter.com secure.statcounter.com c.statcounter.com	11 KB
1	moatads.com z.moatads.com	1 KB
1	addthis.com s7.addthis.com	113 KB
40	6

	Domain	Requested by
25	windowsbulletin.com	windowsbulletin.com
6	c.disquscdn.com	windowsbulletin.disqus.com
2	disqus.com	windowsbulletin.disqus.com
2	windowsbulletin.disqus.com	windowsbulletin.com
1	links.services.disqus.com	c.disquscdn.com
1	c.statcounter.com	secure.statcounter.com
1	z.moatads.com	s7.addthis.com
1	secure.statcounter.com	windowsbulletin.com
1	s7.addthis.com	windowsbulletin.com
40	9

This site contains links to these domains. Also see Links.

Domain
link.safecart.com
www.neuber.com

Subject Issuer	Validity	Valid
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
*.statcounter.com Go Daddy Secure Certificate Authority - G2	`2018-11-18` - `2020-01-17`	a year	crt.sh
moatads.com DigiCert ECC Secure Server CA	`2018-11-10` - `2020-02-09`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2018-03-28` - `2020-04-27`	2 years	crt.sh
ssl565697.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-25` - `2020-03-02`	6 months	crt.sh
f.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2018-08-30` - `2020-12-02`	2 years	crt.sh

This page contains 4 frames:

Primary Page: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Frame ID: 3FDE8815D1ED254DC38020D706D98B87
Requests: 37 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=windowsbulletin&t_i=core-publishing-inc%2Fmaster-hacker%2Flz-exe%20http%3A%2F%2Fwindowsbulletin.com%2Ffiles%2Fexe%2Fcore-publishing-inc%2Fmaster-hacker%2Flz-exe&t_u=http%3A%2F%2Fwindowsbulletin.com%2F%2Ffiles%2Fexe%2Fcore-publishing-inc%2Fmaster-hacker%2Flz-exe&t_e=LZ.EXE&t_d=What%20is%20LZ.EXE%3F%20Is%20it%20Safe%20or%20a%20Virus%3F%20How%20to%20remove%20or%20fix%20it&t_t=LZ.EXE&s_o=default
Frame ID: 91D545177309A43F7F191ED694641B01
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 17CE9FAB35FBBB35B022F64D2A32EF6C
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: F55228923669411631141066DB4BB432
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

40
Requests

35 %
HTTPS

25 %
IPv6

6
Domains

9
Subdomains

8
IPs

4
Countries

518 kB
Transfer

806 kB
Size

4
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://link.safecart.com/2f4rnu/aHR0cHM6Ly9hZHZhbmNlZHN5c3RlbXJlcGFpci5jb20vQVNSX0JsdWVfSW5zdGFsbGVyXzdHQS1pbmFwcC0xRy5leGU?identify
Title: Identify LZ.EXE related errors

Search URL Search Domain Scan URL

URL: https://link.safecart.com/2f4nuk/aHR0cDovL2FkdmFuY2Vkc3lzdGVtcmVwYWlyLmNvbQ?downloadoffer
Title: Website

Search URL Search Domain Scan URL

URL: https://link.safecart.com/2nvh6h/aHR0cHM6Ly9hZHZhbmNlZHN5c3RlbXJlcGFpci5jb20vRVVMQS5waHA?eula
Title: EULA

Search URL Search Domain Scan URL

URL: https://link.safecart.com/2nv33e/aHR0cHM6Ly9hZHZhbmNlZHN5c3RlbXJlcGFpci5jb20vUHJpdmFjeS1Qb2xpY3kucGhw?privacypolicy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://link.safecart.com/2nvscq/aHR0cHM6Ly9hZHZhbmNlZHN5c3RlbXJlcGFpci5jb20vVW5pbnN0YWxsLnBocA?uninstall
Title: Uninstall

Search URL Search Domain Scan URL

URL: https://www.neuber.com/taskmanager/
Title: Security Task Manager

Search URL Search Domain Scan URL

URL: https://link.safecart.com/2f4rnu/aHR0cHM6Ly9hZHZhbmNlZHN5c3RlbXJlcGFpci5jb20vQVNSX0JsdWVfSW5zdGFsbGVyXzdHQS1pbmFwcC1HLmV4ZQ?mid
Title: Download PC Repair & Optimizer Tool

Search URL Search Domain Scan URL

URL: https://link.safecart.com/2f4rnu/aHR0cHM6Ly9hZHZhbmNlZHN5c3RlbXJlcGFpci5jb20vQVNSX0JsdWVfSW5zdGFsbGVyXzdHQS1pbmFwcC1HLmV4ZQ?midbutton

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set lz-exe Show response
windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/ 53 KB
14 KB 318ms
279ms Document
text/html 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cfc4fc30b49cef0b76b9c731d0bf879687932922c86ea49942e1d62e959886d

Request headers

Host: windowsbulletin.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=df9c2f3ec3179951ac9616b37f9a98a171577960031; expires=Sat, 01-Feb-20 10:13:51 GMT; path=/; domain=.windowsbulletin.com; HttpOnly; SameSite=Lax
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 54ebf673083fc2ef-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK widget.css
windowsbulletin.com/wp-content/plugins/yet-another-related-posts-plugin/style/ 771 B
735 B 22ms
16ms Stylesheet
text/css 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-content/plugins/yet-another-related-posts-plugin/style/widget.css?ver=4.9.10
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1210b2986220f5f6e6f416d87911e6655eed292f81a8219d8506f57c5d4353a3

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 05 Dec 2019 22:49:22 GMT
Server: cloudflare
Age: 2511
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf67539a76359-FRA

GET
H/1.1 200
OK gtranslate-style24.css
windowsbulletin.com/wp-content/plugins/gtranslate/ 693 B
650 B 23ms
17ms Stylesheet
text/css 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=4.9.10
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 05 Dec 2019 22:48:57 GMT
Server: cloudflare
Age: 2511
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf6753c596461-FRA

GET
H/1.1 200
OK font-awesome.min.css
windowsbulletin.com/wp-content/plugins/arconix-shortcodes/includes/css/ 28 KB
7 KB 282ms
277ms Stylesheet
text/css 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-content/plugins/arconix-shortcodes/includes/css/font-awesome.min.css?ver=4.6.3
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f005368978df37b680de2dc8a22007a600378ba5568a573432a3fdeb8bdb674

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Mon, 12 Nov 2018 12:05:32 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf6753ef396bc-FRA

GET
H/1.1 200
OK arconix-shortcodes.min.css
windowsbulletin.com/wp-content/plugins/arconix-shortcodes/includes/css/ 21 KB
3 KB 261ms
255ms Stylesheet
text/css 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-content/plugins/arconix-shortcodes/includes/css/arconix-shortcodes.min.css?ver=2.1.6
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e773f840072a7a6f8f877d8416ceb02a45ca8f70ccf1f48e03bf38c8e56ebd99

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Mon, 12 Nov 2018 12:05:32 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf6753b83dfeb-FRA

GET
H/1.1 200
OK styles.css
windowsbulletin.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1006 B 69ms
64ms Stylesheet
text/css 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 05 Dec 2019 22:48:50 GMT
Server: cloudflare
Age: 2511
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf67539379748-FRA

GET
H/1.1 200
OK unsemantic-grid.min.css
windowsbulletin.com/wp-content/themes/generatepress/css/ 12 KB
3 KB 33ms
11ms Stylesheet
text/css 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-content/themes/generatepress/css/unsemantic-grid.min.css?ver=2.2.2
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bd80d0cd9724399016838c2141ec1ad07492ff6eb7ed039c206bdd2fc2efd56

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 10 Oct 2019 21:20:46 GMT
Server: cloudflare
Age: 2511
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf67559c26359-FRA

GET
H/1.1 200
OK style.min.css
windowsbulletin.com/wp-content/themes/generatepress/ 26 KB
6 KB 32ms
10ms Stylesheet
text/css 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-content/themes/generatepress/style.min.css?ver=2.2.2
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c42646711dec172b2e58db2f8168c08516754dcdf632565597e6ed5be4e4d737

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 10 Oct 2019 21:20:46 GMT
Server: cloudflare
Age: 2511
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf6755c7f6461-FRA

GET
H/1.1 200
OK mobile.min.css
windowsbulletin.com/wp-content/themes/generatepress/css/ 4 KB
1 KB 41ms
9ms Stylesheet
text/css 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-content/themes/generatepress/css/mobile.min.css?ver=2.2.2
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 439998f94c96f632e0b3063b6e019709aa9b30b735cdff32f1dc35bd0a91a7c5

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 10 Oct 2019 21:20:46 GMT
Server: cloudflare
Age: 2511
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf6756c8c6461-FRA

GET
H/1.1 200
OK addthis_wordpress_public.min.css
windowsbulletin.com/wp-content/plugins/addthis/frontend/build/ 587 B
636 B 43ms
10ms Stylesheet
text/css 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=4.9.10
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 12 Jul 2019 12:11:24 GMT
Server: cloudflare
Age: 2511
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf67569d16359-FRA

GET
H/1.1 200
OK style-frontend.css
windowsbulletin.com/wp-content/plugins/easy-custom-auto-excerpt/assets/ 911 B
699 B 51ms
9ms Stylesheet
text/css 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-content/plugins/easy-custom-auto-excerpt/assets/style-frontend.css?ver=2.4.10
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c2838b480b2a83d43e5383a1c8a5244cd53437bee0d7760ca39fbea7a9a30d3

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 30 Sep 2019 12:20:46 GMT
Server: cloudflare
Age: 2511
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf6757c9f6461-FRA

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
windowsbulletin.com/wp-includes/js/ 12 KB
5 KB 11ms
10ms Script
application/javascript 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.10
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 02 Aug 2018 22:08:52 GMT
Server: cloudflare
Age: 2511
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf67579e06359-FRA

GET
H/1.1 200
OK ecae-buttonskin-none.css
windowsbulletin.com/wp-content/plugins/easy-custom-auto-excerpt/buttons/ 304 B
507 B 19ms
17ms Stylesheet
text/css 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-content/plugins/easy-custom-auto-excerpt/buttons/ecae-buttonskin-none.css?ver=2.4.10
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2682757391a011314306df2c712bf76cc920792dd27ebfbbeb4debf7bd2dd029

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 30 Sep 2019 12:20:46 GMT
Server: cloudflare
Age: 2511
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf6759cbd6461-FRA

GET
H/1.1 200
OK related.css
windowsbulletin.com/wp-content/plugins/yet-another-related-posts-plugin/style/ 647 B
670 B 13ms
9ms Stylesheet
text/css 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-content/plugins/yet-another-related-posts-plugin/style/related.css?ver=4.9.10
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ca28839ba7e005b11dcf8d6de4c24f13f2cc988393ed7a570c41ee88ab092fc

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 05 Dec 2019 22:49:22 GMT
Server: cloudflare
Age: 2511
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf67589ec6359-FRA

GET
H/1.1 200
OK jquery.js Show response
windowsbulletin.com/wp-includes/js/jquery/ 95 KB
33 KB 297ms
285ms Script
application/javascript 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 05 Sep 2019 09:36:41 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf67599f56359-FRA

GET
H/1.1 200
OK jquery-migrate.min.js Show response
windowsbulletin.com/wp-includes/js/jquery/ 10 KB
4 KB 294ms
275ms Script
application/javascript 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 20 May 2016 06:11:28 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf675a9c69748-FRA

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 349 KB
113 KB 82ms
29ms Script
application/javascript 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js?ver=4.9.10

Requested by

Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7c20e3e201e3d7c6821e907def1257deb544eb08578c7129b96d53bbf62d34e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 30 Oct 2019 19:35:04 GMT
server: nginx/1.15.8
etag: "5db9e5e8-57446"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Thu, 02 Jan 2020 10:13:51 GMT
x-host: s7.addthis.com
content-length: 114924

GET
H/1.1 200
OK virus-malware.png
windowsbulletin.com/images/ 37 KB
37 KB 23ms
22ms Image
image/png 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://windowsbulletin.com/images/virus-malware.png
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: adaba8cdc0b447df12be9ddc53985e2f3f7c028489922b12a28eeba27bea6e8e

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 02 Apr 2019 15:48:40 GMT
Server: cloudflare
Age: 2510
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 54ebf675acda6461-FRA
Content-Length: 37989

GET
H/1.1 200
OK download.png
windowsbulletin.com/images/ 9 KB
9 KB 253ms
253ms Image
image/png 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://windowsbulletin.com/images/download.png
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c24696c17d0e59eec12476e3936140f4be08b08585b1860ab3972cbb73967db3

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Mon, 24 Sep 2018 21:01:24 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 54ebf67649d8c2ef-FRA
Content-Length: 9133

GET
H2 200 counter.js Show response
secure.statcounter.com/counter/ 31 KB
10 KB 66ms
24ms Script
application/x-javascript 104.20.2.47
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.statcounter.com/counter/counter.js
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.2.47 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d6c69a7d6fcc15c0ae9ea9fa00f9829e6fcc0f61f06d33827ad6a9dc9c1a44f

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Jan 2020 10:13:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 30 Sep 2019 13:52:34 GMT
server: cloudflare
age: 7336
etag: W/"5d9208a2-7c88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=43200
cf-ray: 54ebf6769af3c83f-AMS
expires: Thu, 02 Jan 2020 20:11:35 GMT

GET
H/1.1 200
OK scripts.js Show response
windowsbulletin.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 12ms
12ms Script
application/javascript 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 05 Dec 2019 22:48:50 GMT
Server: cloudflare
Age: 2511
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf676bdf56461-FRA

GET
H/1.1 200
OK comment_count.js Show response
windowsbulletin.com/wp-content/plugins/disqus-comment-system/public/js/ 889 B
805 B 259ms
259ms Script
application/javascript 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:52 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 14 Mar 2019 11:02:47 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf676ce066461-FRA

GET
H/1.1 200
OK comment_embed.js Show response
windowsbulletin.com/wp-content/plugins/disqus-comment-system/public/js/ 1 KB
869 B 10ms
9ms Script
application/javascript 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.17
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f055e217bde76d711bd8b42af773f9f99b8a29d81ad9ed10b6379cc7e6c60452

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 14 Mar 2019 11:02:47 GMT
Server: cloudflare
Age: 2511
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf677dc4d6359-FRA

GET
H/1.1 200
OK menu.min.js Show response
windowsbulletin.com/wp-content/themes/generatepress/js/ 4 KB
1 KB 14ms
13ms Script
application/javascript 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-content/themes/generatepress/js/menu.min.js?ver=2.2.2
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f39d3bfd77bd9b83cebee50aa8b613675f2482ec939d86abff740ad3babead7

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 10 Oct 2019 21:20:46 GMT
Server: cloudflare
Age: 2511
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf677dcf49748-FRA

GET
H/1.1 200
OK a11y.min.js Show response
windowsbulletin.com/wp-content/themes/generatepress/js/ 2 KB
1 KB 11ms
10ms Script
application/javascript 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-content/themes/generatepress/js/a11y.min.js?ver=2.2.2
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5dec6d66da315927edbf4e112d92fb83df28b3cbdc72c7f8123f3f16ace13b1

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 10 Oct 2019 21:20:46 GMT
Server: cloudflare
Age: 2511
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf677d9fc96bc-FRA

GET
H/1.1 200
OK comment-reply.min.js Show response
windowsbulletin.com/wp-includes/js/ 1 KB
955 B 10ms
9ms Script
application/javascript 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-includes/js/comment-reply.min.js?ver=4.9.10
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 18 Nov 2015 19:15:28 GMT
Server: cloudflare
Age: 2511
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf677db60dfeb-FRA

GET
H/1.1 200
OK wp-embed.min.js Show response
windowsbulletin.com/wp-includes/js/ 1 KB
1 KB 11ms
11ms Script
application/javascript 2606:4700:30::681c:1c28
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://windowsbulletin.com/wp-includes/js/wp-embed.min.js?ver=4.9.10
Requested by: Host: windowsbulletin.com
URL: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1c28 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 13 Dec 2018 09:36:14 GMT
Server: cloudflare
Age: 2511
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 54ebf677de76c2ef-FRA

GET
H/1.1 200
OK moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 56ms
18ms Script
application/x-javascript 95.100.197.246
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=4.9.10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Nov 2019 20:13:52 GMT
Server: AmazonS3
x-amz-request-id: D4240DA2AA46DA12
ETag: "f14b4e1f799b14f798a195f43cf58376"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=30920
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 948
x-amz-id-2: Fr7GkCibvNM2X1qKF6ZxSEYmqLUvxOjmKIPUt5OHHnaxUA9JpjKDPQYHIpQ1Y0JKoSZGAdm2N8k=

POST
H/1.1 200
OK t.php
c.statcounter.com/ 49 B
788 B 352ms
338ms Other
image/gif 104.20.2.47
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://c.statcounter.com/t.php?sc_project=11629149&java=1&security=e0d6e757&u1=F4FD2955D78F4F023FBAB087705CFA24&sc_rum_f_s=0&sc_rum_f_e=626&sc_rum_e_s=843&sc_rum_e_e=847&sc_random=0.09725871095898597&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe&t=What%20is%20LZ.EXE%3F%20Is%20it%20Safe%20or%20a%20Virus%3F%20How%20to%20remove%20or%20fix%20it&sc_snum=1&sc_ev_author=edmoyes&sess=3ca678&p=0&invisible=1
Requested by: Host: secure.statcounter.com
URL: https://secure.statcounter.com/counter/counter.js
Protocol: HTTP/1.1
Server: 104.20.2.47 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Origin: http://windowsbulletin.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 02 Jan 2020 10:13:52 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 54ebf6783d50c82f-AMS
P3P: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK count.js Show response
windowsbulletin.disqus.com/ 1 KB
1 KB 81ms
20ms Script
application/javascript 151.101.112.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://windowsbulletin.disqus.com/count.js

Requested by

Host: windowsbulletin.com
URL: http://windowsbulletin.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1255332
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 17 Dec 2019 21:28:40 GMT
Server: nginx
ETag: "5df94888-367"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

GET
H/1.1 200
OK embed.js Show response
windowsbulletin.disqus.com/ 66 KB
22 KB 82ms
21ms Script
application/javascript 151.101.112.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://windowsbulletin.disqus.com/embed.js

Requested by

Host: windowsbulletin.com
URL: http://windowsbulletin.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.17

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

openresty /

Resource Hash

adab5def1f5c4282cffaf08c4b4e1fb4a407afa4f6cf8fbb2c9acc87caf7a751

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 02 Jan 2020 10:13:52 GMT
Content-Encoding: gzip
Server: openresty
Age: 66
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 22060

GET
H2 200 lounge.91c71242b4acaa0ee7f9db125ef21f90.css
c.disquscdn.com/next/embed/styles/ 0
21 KB 34ms
14ms Other
text/css 2606:4700::6810:50a6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.91c71242b4acaa0ee7f9db125ef21f90.css

Requested by

Host: windowsbulletin.disqus.com
URL: https://windowsbulletin.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Jan 2020 10:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2455101
cf-ray: 54ebf6793a7cdfc7-FRA
status: 200
vary: Accept-Encoding
content-length: 21500
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Dec 2019 00:06:09 GMT
server: cloudflare
etag: "5de849f1-53fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Dec 2020 00:15:29 GMT

GET
H2 200 common.bundle.0b9bbdb3bc568241a5d1d7626947e8b0.js
c.disquscdn.com/next/embed/ 0
89 KB 36ms
17ms Other
application/javascript 2606:4700::6810:50a6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.0b9bbdb3bc568241a5d1d7626947e8b0.js

Requested by

Host: windowsbulletin.disqus.com
URL: https://windowsbulletin.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Jan 2020 10:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1858320
cf-ray: 54ebf6793a80dfc7-FRA
status: 200
vary: Accept-Encoding
content-length: 90481
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Dec 2019 22:20:20 GMT
server: cloudflare
etag: "5df01a24-16171"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Dec 2020 22:01:51 GMT

GET
H2 200 lounge.bundle.0523614fef9787c3e3459e0602078385.js
c.disquscdn.com/next/embed/ 0
108 KB 44ms
24ms Other
application/javascript 2606:4700::6810:50a6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.0523614fef9787c3e3459e0602078385.js

Requested by

Host: windowsbulletin.disqus.com
URL: https://windowsbulletin.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Jan 2020 10:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1076165
cf-ray: 54ebf6793a83dfc7-FRA
status: 200
vary: Accept-Encoding
content-length: 110313
x-xss-protection: 1; mode=block
last-modified: Fri, 20 Dec 2019 23:07:17 GMT
server: cloudflare
etag: "5dfd5425-1aee9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Dec 2020 23:17:44 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
6 KB 58ms
20ms Other
application/javascript 151.101.64.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: windowsbulletin.disqus.com
URL: https://windowsbulletin.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 02 Jan 2020 10:13:52 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 56
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 5263
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame 91D5 0
0 322ms
322ms Document
text/html 151.101.64.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=windowsbulletin&t_i=core-publishing-inc%2Fmaster-hacker%2Flz-exe%20http%3A%2F%2Fwindowsbulletin.com%2Ffiles%2Fexe%2Fcore-publishing-inc%2Fmaster-hacker%2Flz-exe&t_u=http%3A%2F%2Fwindowsbulletin.com%2F%2Ffiles%2Fexe%2Fcore-publishing-inc%2Fmaster-hacker%2Flz-exe&t_e=LZ.EXE&t_d=What%20is%20LZ.EXE%3F%20Is%20it%20Safe%20or%20a%20Virus%3F%20How%20to%20remove%20or%20fix%20it&t_t=LZ.EXE&s_o=default

Requested by

Host: windowsbulletin.disqus.com
URL: https://windowsbulletin.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe

Response headers

Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Last-Modified: Thu, 02 Jan 2020 10:13:52 GMT
ETag: W/"lounge:view:7794466156.137fc1a2462ae0c3c963d9fb00d5d349.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 2561
Date: Thu, 02 Jan 2020 10:13:52 GMT
Age: 0
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 alfie.f51946af45e0b561c60f768335c9eb79.js Show response
c.disquscdn.com/next/embed/ 19 KB
7 KB 13ms
13ms Script
application/javascript 2606:4700::6810:50a6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js

Requested by

Host: windowsbulletin.disqus.com
URL: https://windowsbulletin.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Jan 2020 10:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13919169
cf-ray: 54ebf67d784bdfc7-FRA
status: 200
vary: Accept-Encoding
content-length: 6605
x-xss-protection: 1; mode=block
last-modified: Wed, 15 May 2019 00:01:52 GMT
server: cloudflare
etag: "5cdb56f0-19cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 May 2020 02:07:22 GMT

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 17CE 337 B
309 B 34ms
33ms Stylesheet
text/css 2606:4700::6810:50a6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: windowsbulletin.disqus.com
URL: https://windowsbulletin.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Jan 2020 10:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19986778
cf-ray: 54ebf67d7866dfc7-FRA
status: 200
vary: Accept-Encoding
content-length: 244
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Dec 2018 19:32:13 GMT
server: cloudflare
etag: "5c2528bd-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2020 01:16:35 GMT

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame F552 337 B
396 B 12ms
12ms Stylesheet
text/css 2606:4700::6810:50a6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: windowsbulletin.disqus.com
URL: https://windowsbulletin.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Jan 2020 10:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19986778
cf-ray: 54ebf67d7874dfc7-FRA
status: 200
vary: Accept-Encoding
content-length: 244
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Dec 2018 19:32:13 GMT
server: cloudflare
etag: "5c2528bd-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2020 01:16:35 GMT

GET
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 282 B
910 B 110ms
59ms XHR
text/javascript 151.101.12.64
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping?format=jsonp&key=cfdfcf52dffd0a702a61bad27507376d&loc=http%3A%2F%2Fwindowsbulletin.com%2Ffiles%2Fexe%2Fcore-publishing-inc%2Fmaster-hacker%2Flz-exe&subId=5614082&v=1&jsonp=vglnk_jsonp_15779600328840
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 0d1275f45ed6c51f7ebe7ea2cdae7a8f01c9ec5f41f5881d7331b51d3e8ffbc3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://windowsbulletin.com/files/exe/core-publishing-inc/master-hacker/lz-exe
Origin: http://windowsbulletin.com

Response headers

Pragma: no-cache
Date: Thu, 02 Jan 2020 10:13:52 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://windowsbulletin.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 282
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
windowsbulletin.com/	1970-01-19 06:19:21	Name: __atuvs Value: 5e0dc25f1f3a0121000
windowsbulletin.com/	1970-01-19 15:51:00	Name: __atuvc Value: 1%7C1
.windowsbulletin.com/	1970-01-19 23:50:32	Name: sc_is_visitor_unique Value: rx11629149.1577960032.F4FD2955D78F4F023FBAB087705CFA24.1.1.1.1.1.1.1.1.1
.windowsbulletin.com/	1970-01-19 07:02:32	Name: __cfduid Value: df9c2f3ec3179951ac9616b37f9a98a171577960031

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://windowsbulletin.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.disquscdn.com
c.statcounter.com
disqus.com
links.services.disqus.com
s7.addthis.com
secure.statcounter.com
windowsbulletin.com
windowsbulletin.disqus.com
z.moatads.com
104.20.2.47
151.101.112.134
151.101.12.64
151.101.64.134
23.210.248.44
2606:4700:30::681c:1c28
2606:4700::6810:50a6
95.100.197.246
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0d1275f45ed6c51f7ebe7ea2cdae7a8f01c9ec5f41f5881d7331b51d3e8ffbc3
0f39d3bfd77bd9b83cebee50aa8b613675f2482ec939d86abff740ad3babead7
1210b2986220f5f6e6f416d87911e6655eed292f81a8219d8506f57c5d4353a3
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538
2682757391a011314306df2c712bf76cc920792dd27ebfbbeb4debf7bd2dd029
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
439998f94c96f632e0b3063b6e019709aa9b30b735cdff32f1dc35bd0a91a7c5
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
5c2838b480b2a83d43e5383a1c8a5244cd53437bee0d7760ca39fbea7a9a30d3
6ca28839ba7e005b11dcf8d6de4c24f13f2cc988393ed7a570c41ee88ab092fc
6f005368978df37b680de2dc8a22007a600378ba5568a573432a3fdeb8bdb674
7c20e3e201e3d7c6821e907def1257deb544eb08578c7129b96d53bbf62d34e4
7cfc4fc30b49cef0b76b9c731d0bf879687932922c86ea49942e1d62e959886d
8d6c69a7d6fcc15c0ae9ea9fa00f9829e6fcc0f61f06d33827ad6a9dc9c1a44f
9bd80d0cd9724399016838c2141ec1ad07492ff6eb7ed039c206bdd2fc2efd56
a5dec6d66da315927edbf4e112d92fb83df28b3cbdc72c7f8123f3f16ace13b1
adab5def1f5c4282cffaf08c4b4e1fb4a407afa4f6cf8fbb2c9acc87caf7a751
adaba8cdc0b447df12be9ddc53985e2f3f7c028489922b12a28eeba27bea6e8e
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
c24696c17d0e59eec12476e3936140f4be08b08585b1860ab3972cbb73967db3
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c42646711dec172b2e58db2f8168c08516754dcdf632565597e6ed5be4e4d737
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e773f840072a7a6f8f877d8416ceb02a45ca8f70ccf1f48e03bf38c8e56ebd99
eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25
f055e217bde76d711bd8b42af773f9f99b8a29d81ad9ed10b6379cc7e6c60452
f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586

windowsbulletin.com Open in urlscan Pro 2606:4700:30::681c:1c28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

40 Requests

35 %HTTPS

25 %IPv6

6 Domains

9 Subdomains

8 IPs

4 Countries

518 kBTransfer

806 kBSize

4 Cookies

8 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

windowsbulletin.com Open in urlscan Pro
2606:4700:30::681c:1c28 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

35 %
HTTPS

25 %
IPv6

6
Domains

9
Subdomains

8
IPs

4
Countries

518 kB
Transfer

806 kB
Size

4
Cookies

40 HTTP transactions
0 data transactions