URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Submission: On March 05 via manual from KW

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 59 HTTP transactions. The main IP is 2606:4700:30::6812:3da8, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.vir.us.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on February 13th 2019. Valid for: 6 months.
This is the only time www.vir.us.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
47 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:401... 15169 (GOOGLE)
6 6 2606:4700:30:... 13335 (CLOUDFLAR...)
2 104.20.2.47 13335 (CLOUDFLAR...)
1 192.0.77.32 2635 (AUTOMATTIC)
3 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 192.0.76.3 2635 (AUTOMATTIC)
3 2a00:1450:400... 15169 (GOOGLE)
59 7
Domain Requested by
53 www.vir.us.com 6 redirects www.vir.us.com
3 fonts.gstatic.com www.vir.us.com
3 secure.gravatar.com www.vir.us.com
1 pixel.wp.com www.vir.us.com
1 c.statcounter.com www.vir.us.com
1 stats.wp.com www.vir.us.com
1 s0.wp.com www.vir.us.com
1 www.statcounter.com www.vir.us.com
1 fonts.googleapis.com www.vir.us.com
59 9

This site contains links to these domains.

Domain
plus.google.com
www.facebook.com
twitter.com
wordpress.org
www.designlabthemes.com

Subject | Issuer | Validity | Valid
sni167899.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-02-13 - 2019-08-22 | 6 months
*.googleapis.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.statcounter.com | Go Daddy Secure Certificate Authority - G2 | 2018-11-18 - 2020-01-17 | a year
*.wp.com | Go Daddy Secure Certificate Authority - G2 | 2018-04-10 - 2020-05-11 | 2 years
*.gravatar.com | COMODO RSA Domain Validation Secure Server CA | 2018-09-06 - 2020-09-05 | 2 years
*.google.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months

This page contains 1 frame:

Primary Page: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Frame ID: 24E35968D658CAA2B882AC905FFF8E65
Requests: 59 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • html /<link[^>]+s\d+\.wp\.com/i
  • script /\/wp-includes\//i
  • meta generator /WordPress( [\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • env /^Gravatar$/i

Overall confidence: 50%
Detected patterns
  • env /^head$/i

Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

Requests: 59
HTTPS: 100 %
IPv6: 63 %
Domains: 6
Subdomains: 9
IPs: 7
Countries: 2
Transfer: 2239 kB
Size: 2504 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://www.vir.us.com/wp-content/uploads/3.gif HTTP 301
  • https://www.vir.us.com/wp-content/uploads/3.gif
Request Chain 35
  • http://www.vir.us.com/wp-content/uploads/4.gif HTTP 301
  • https://www.vir.us.com/wp-content/uploads/4.gif
Request Chain 36
  • http://www.vir.us.com/wp-content/uploads/lookhere.gif HTTP 301
  • https://www.vir.us.com/wp-content/uploads/lookhere.gif
Request Chain 37
  • http://www.vir.us.com/wp-content/uploads/scn.png HTTP 301
  • https://www.vir.us.com/wp-content/uploads/scn.png
Request Chain 38
  • http://www.vir.us.com/wp-content/uploads/cpmtbl.jpg HTTP 301
  • https://www.vir.us.com/wp-content/uploads/cpmtbl.jpg
Request Chain 39
  • http://www.vir.us.com/wp-content/uploads/disclr.jpg HTTP 301
  • https://www.vir.us.com/wp-content/uploads/disclr.jpg

59 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
www.vir.us.com/
40 KB
10 KB
Document
General
Full URL
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
5e427ed89c5673d0506a84fd9ca06d2f92474b3ab5d2e62c409cb12ea0e97e80

Request headers

:method
GET
:authority
www.vir.us.com
:scheme
https
:path
/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Tue, 05 Mar 2019 08:13:33 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613; expires=Wed, 04-Mar-20 08:13:33 GMT; path=/; domain=.vir.us.com; HttpOnly; Secure
x-powered-by
PHP/5.6.40
x-cache-handler
wp
last-modified
Sat, 02 Mar 2019 03:24:56 GMT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4b2aa19b0bb9c2a1-FRA
content-encoding
br
styles.css
www.vir.us.com/wp-content/plugins/contact-form-7/includes/css/
2 KB
653 B
Stylesheet
General
Full URL
https://www.vir.us.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.5
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a559ba07f12aeda335ca811bb96b6f57b555815a835fe5f86ad6e7f166190e6d

Request headers

:path
/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.5
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Nov 2018 09:57:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
4b2aa19f2ef5c2a1-FRA
expires
Tue, 05 Mar 2019 12:13:33 GMT
css
fonts.googleapis.com/
13 KB
1001 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700%2C400italic%2C700italic%7COxygen%3A400%2C700%2C300&subset=latin%2Clatin-ext
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4016:80a::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e1507ca0da139184487a4498268838f6ff2bf9773f176941a5e49a3e4a21cf7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 05 Mar 2019 08:13:33 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 05 Mar 2019 08:13:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Tue, 05 Mar 2019 08:13:33 GMT
fa-icons.min.css
www.vir.us.com/wp-content/themes/the-box/fonts/
3 KB
950 B
Stylesheet
General
Full URL
https://www.vir.us.com/wp-content/themes/the-box/fonts/fa-icons.min.css?ver=1.7
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d3bb46581296ce2df25c9e29223b8260fbccc9984c417f029e3f15c198e3b62

Request headers

:path
/wp-content/themes/the-box/fonts/fa-icons.min.css?ver=1.7
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Feb 2018 04:33:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
4b2aa19f2ef6c2a1-FRA
expires
Tue, 05 Mar 2019 12:13:33 GMT
style.css
www.vir.us.com/wp-content/themes/the-box/
37 KB
8 KB
Stylesheet
General
Full URL
https://www.vir.us.com/wp-content/themes/the-box/style.css?ver=1.4.9.1
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e1defa7624523df9bc7d6e5f9317318e0963244785078f587fa99da632d96e

Request headers

:path
/wp-content/themes/the-box/style.css?ver=1.4.9.1
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Feb 2018 04:33:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
4b2aa19f2ef7c2a1-FRA
expires
Tue, 05 Mar 2019 12:13:33 GMT
jetpack.css
www.vir.us.com/wp-content/plugins/jetpack/css/
67 KB
12 KB
Stylesheet
General
Full URL
https://www.vir.us.com/wp-content/plugins/jetpack/css/jetpack.css?ver=6.7
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
90387d412d57482be51e3dd166eb2d172fe71025eeab69aafd6c27921cb30b38

Request headers

:path
/wp-content/plugins/jetpack/css/jetpack.css?ver=6.7
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Nov 2018 09:57:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
4b2aa19f2ef9c2a1-FRA
expires
Tue, 05 Mar 2019 12:13:33 GMT
jquery.js
www.vir.us.com/wp-includes/js/jquery/
95 KB
32 KB
Script
General
Full URL
https://www.vir.us.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=1.12.4
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 02 Sep 2016 11:00:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4b2aa19f2efac2a1-FRA
expires
Tue, 05 Mar 2019 12:13:33 GMT
jquery-migrate.min.js
www.vir.us.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://www.vir.us.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 02 Sep 2016 11:00:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4b2aa19f2efbc2a1-FRA
expires
Tue, 05 Mar 2019 12:13:33 GMT
1-1-768x283.png
www.vir.us.com/wp-content/uploads/
81 KB
81 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/1-1-768x283.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
60984bb95aac6a517ee2f306f13a94f9509390f3bfa12f298605befa7ff31a0a

Request headers

:path
/wp-content/uploads/1-1-768x283.png
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:35 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:36:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f2efcc2a1-FRA
content-length
82528
expires
Tue, 05 Mar 2019 12:13:34 GMT
2-1-768x576.png
www.vir.us.com/wp-content/uploads/
52 KB
52 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/2-1-768x576.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
208404789854521f21e537869cf4338b2dd677a70e823293a8de95219dd4c671

Request headers

:path
/wp-content/uploads/2-1-768x576.png
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:35 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:36:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f3efdc2a1-FRA
content-length
53576
expires
Tue, 05 Mar 2019 12:13:34 GMT
3.gif
www.vir.us.com/wp-content/uploads/
Redirect Chain
  • http://www.vir.us.com/wp-content/uploads/3.gif
  • https://www.vir.us.com/wp-content/uploads/3.gif
41 KB
41 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/3.gif
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3142a70b4d1e6bb21ddffcf0fc0de3f67f0ddbb3b827853b7ed33e570f777315

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:35 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:35:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19fc8c8c2a1-FRA
content-length
42015
expires
Tue, 05 Mar 2019 12:13:34 GMT

Redirect headers

Date
Tue, 05 Mar 2019 08:13:34 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://www.vir.us.com/wp-content/uploads/3.gif
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4b2aa19f995e272c-FRA
Expires
Tue, 05 Mar 2019 09:13:34 GMT
4-1-768x524.png
www.vir.us.com/wp-content/uploads/
282 KB
283 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/4-1-768x524.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a96c89b1e1aae95dfd6fd9fbf2291c18ac2ea61c39114657a42e4bb8d0f009c

Request headers

:path
/wp-content/uploads/4-1-768x524.png
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:35 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:35:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8ffdc2a1-FRA
content-length
289064
expires
Tue, 05 Mar 2019 12:13:34 GMT
5.png
www.vir.us.com/wp-content/uploads/
19 KB
19 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/5.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
740d90f3f90072531f45ee8bcdb4ed6fb49e3a29dda1224c44add064ea435154

Request headers

:path
/wp-content/uploads/5.png
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:35:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8ffec2a1-FRA
content-length
19075
expires
Tue, 05 Mar 2019 12:13:34 GMT
6.png
www.vir.us.com/wp-content/uploads/
23 KB
23 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/6.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
35be823b36a9240daad55f2ddbcd8c2f2e331be3f6aca49ec13ae638c79561d6

Request headers

:path
/wp-content/uploads/6.png
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:35:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8800c2a1-FRA
content-length
23045
expires
Tue, 05 Mar 2019 12:13:34 GMT
7.png
www.vir.us.com/wp-content/uploads/
45 KB
45 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/7.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e57cd6bb138a7770ac7d96c1623d55b1d9b5b7310ee0a0951b2cf7e7bda07304

Request headers

:path
/wp-content/uploads/7.png
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 12 Apr 2017 05:35:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8804c2a1-FRA
content-length
46082
expires
Tue, 05 Mar 2019 12:13:34 GMT
8.png
www.vir.us.com/wp-content/uploads/
189 KB
189 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/8.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cd23345dbc2fad0660fd6d5c892ed25c102bdf612665d5a05268df30e58e2e0

Request headers

:path
/wp-content/uploads/8.png
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:35 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:35:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8807c2a1-FRA
content-length
193476
expires
Tue, 05 Mar 2019 12:13:34 GMT
9.jpg
www.vir.us.com/wp-content/uploads/
56 KB
57 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/9.jpg
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c1cddf307308c4ed81b89954413b455ca424b911eaac4c59e6fd427d7f16e28

Request headers

:path
/wp-content/uploads/9.jpg
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET

Response headers

date
Tue, 05 Mar 2019 08:13:35 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:35:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8811c2a1-FRA
content-length
57750
expires
Tue, 05 Mar 2019 12:13:34 GMT
10.png
www.vir.us.com/wp-content/uploads/
84 KB
84 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/10.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
750aebf6f686e0e71d771c4a110d6e31d10dac97b89437e7c878990faa39066b

Request headers

:path
/wp-content/uploads/10.png
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET

Response headers

date
Tue, 05 Mar 2019 08:13:35 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:35:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8813c2a1-FRA
content-length
85507
expires
Tue, 05 Mar 2019 12:13:34 GMT
11-1.png
www.vir.us.com/wp-content/uploads/
31 KB
31 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/11-1.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f0898b99ab9084d849de9c7ce68d74deb51f192757487bdf784ecec6494e4f6

Request headers

:path
/wp-content/uploads/11-1.png
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 12 Apr 2017 05:35:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8815c2a1-FRA
content-length
31939
expires
Tue, 05 Mar 2019 12:13:34 GMT
12-1-768x512.jpg
www.vir.us.com/wp-content/uploads/
77 KB
77 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/12-1-768x512.jpg
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7deb5812fc932e381342c9a80fbd4e2a922d45667aafd64759b5ec7d09054f55

Request headers

:path
/wp-content/uploads/12-1-768x512.jpg
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET

Response headers

date
Tue, 05 Mar 2019 08:13:35 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:35:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8817c2a1-FRA
content-length
78756
expires
Tue, 05 Mar 2019 12:13:34 GMT
13.jpg
www.vir.us.com/wp-content/uploads/
25 KB
25 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/13.jpg
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
97cb27d38140a82b370dc3da831d9d00d67215039c08865dc9df99f55bac2a91

Request headers

:path
/wp-content/uploads/13.jpg
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 12 Apr 2017 05:35:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8818c2a1-FRA
content-length
25213
expires
Tue, 05 Mar 2019 12:13:34 GMT
14.png
www.vir.us.com/wp-content/uploads/
158 KB
158 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/14.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
db0cc52cb52d73d662e6e53d0b93d5e61bb9f44fee77b8e571751e1fa847ea0e

Request headers

:path
/wp-content/uploads/14.png
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET

Response headers

date
Tue, 05 Mar 2019 08:13:35 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:35:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f881bc2a1-FRA
content-length
161749
expires
Tue, 05 Mar 2019 12:13:34 GMT
15.png
www.vir.us.com/wp-content/uploads/
30 KB
30 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/15.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b012c035ece140766aca00b742e58c3838ae59629d720c5c8d2321a33da70f25

Request headers

:path
/wp-content/uploads/15.png
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:35:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f881cc2a1-FRA
content-length
30644
expires
Tue, 05 Mar 2019 12:13:34 GMT
16.jpg
www.vir.us.com/wp-content/uploads/
37 KB
37 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/16.jpg
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de8c25c5e11d044f17344d0ac4c2825e921146a665fdbf76b63af791ede40042

Request headers

:path
/wp-content/uploads/16.jpg
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 12 Apr 2017 05:35:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f881dc2a1-FRA
content-length
37880
expires
Tue, 05 Mar 2019 12:13:34 GMT
17.png
www.vir.us.com/wp-content/uploads/
30 KB
31 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/17.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8537a68fac560e7e0bdd5f23b4d0decd442d3db6f2fdf2c90b86c2b781bcb7f9

Request headers

:path
/wp-content/uploads/17.png
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:35:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8820c2a1-FRA
content-length
31208
expires
Tue, 05 Mar 2019 12:13:34 GMT
18.jpg
www.vir.us.com/wp-content/uploads/
15 KB
15 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/18.jpg
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
64cc50134aad7a397555ff2a4a3bc623b5d40224d906143c4db48368687c760b

Request headers

:path
/wp-content/uploads/18.jpg
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 12 Apr 2017 05:35:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8821c2a1-FRA
content-length
15472
expires
Tue, 05 Mar 2019 12:13:34 GMT
19-768x534.jpg
www.vir.us.com/wp-content/uploads/
43 KB
43 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/19-768x534.jpg
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5247c2ec2e1a91dca79c8f5a77461bf6cabc5bbb99d1881157a848e9ed724071

Request headers

:path
/wp-content/uploads/19-768x534.jpg
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:35:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8823c2a1-FRA
content-length
43884
expires
Tue, 05 Mar 2019 12:13:34 GMT
20.jpg
www.vir.us.com/wp-content/uploads/
25 KB
26 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/20.jpg
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
33ba58ae7e79cf3e15e2ed13a7016a709058830e7f277a0908c55757df5ded87

Request headers

:path
/wp-content/uploads/20.jpg
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:35:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8824c2a1-FRA
content-length
26031
expires
Tue, 05 Mar 2019 12:13:34 GMT
21.png
www.vir.us.com/wp-content/uploads/
27 KB
27 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/21.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
483e1d27bb94cfbe721a0b5845dda78254ccbde538c4d40358a4cd463c958783

Request headers

:path
/wp-content/uploads/21.png
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:35:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8825c2a1-FRA
content-length
27629
expires
Tue, 05 Mar 2019 12:13:34 GMT
22.jpg
www.vir.us.com/wp-content/uploads/
39 KB
39 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/22.jpg
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
62eaa03f47a354c70e51f45105f8edaccdc48fe16ce7a1ba9143d4d81031f175

Request headers

:path
/wp-content/uploads/22.jpg
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET

Response headers

date
Tue, 05 Mar 2019 08:13:35 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:35:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8826c2a1-FRA
content-length
39650
expires
Tue, 05 Mar 2019 12:13:34 GMT
23.png
www.vir.us.com/wp-content/uploads/
62 KB
62 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/23.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d53011d57a49c3feb76a770ff6230d830e0774094f3478a97ed5c66839d7af6

Request headers

:path
/wp-content/uploads/23.png
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET

Response headers

date
Tue, 05 Mar 2019 08:13:35 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:35:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8827c2a1-FRA
content-length
63000
expires
Tue, 05 Mar 2019 12:13:34 GMT
24-768x563.png
www.vir.us.com/wp-content/uploads/
80 KB
80 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/24-768x563.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e49cc51199b716cdf08cdfa9211000056b0fbd869b6321e5df01ff06cae67bc

Request headers

:path
/wp-content/uploads/24-768x563.png
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET

Response headers

date
Tue, 05 Mar 2019 08:13:35 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:35:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f882dc2a1-FRA
content-length
82134
expires
Tue, 05 Mar 2019 12:13:34 GMT
25.png
www.vir.us.com/wp-content/uploads/
96 KB
96 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/25.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba06a338904e38e8b2e767853f4de9878ed1e5139f5916700e5db6269195a01

Request headers

:path
/wp-content/uploads/25.png
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET

Response headers

date
Tue, 05 Mar 2019 08:13:35 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:35:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8830c2a1-FRA
content-length
97952
expires
Tue, 05 Mar 2019 12:13:34 GMT
26-768x627.png
www.vir.us.com/wp-content/uploads/
182 KB
183 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/26-768x627.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f302af1665718b3093476c4c0aabd8208a1cd419c61e858fc471171d6252b4f

Request headers

:path
/wp-content/uploads/26-768x627.png
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET

Response headers

date
Tue, 05 Mar 2019 08:13:35 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:34:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8833c2a1-FRA
content-length
186806
expires
Tue, 05 Mar 2019 12:13:34 GMT
27.png
www.vir.us.com/wp-content/uploads/
36 KB
36 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/27.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
555c2e0a12801888271e2d3a94e2328b3217a3627fdee628cfa90432c22a2af2

Request headers

:path
/wp-content/uploads/27.png
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:34:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8834c2a1-FRA
content-length
36635
expires
Tue, 05 Mar 2019 12:13:34 GMT
28.png
www.vir.us.com/wp-content/uploads/
37 KB
38 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/28.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d03ae1e78492fcff5c110b9e6631850db63f156e87a4fbd6bf2cc4ed9535e07

Request headers

:path
/wp-content/uploads/28.png
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Apr 2017 05:34:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f8836c2a1-FRA
content-length
38392
expires
Tue, 05 Mar 2019 12:13:34 GMT
4.gif
www.vir.us.com/wp-content/uploads/
Redirect Chain
  • http://www.vir.us.com/wp-content/uploads/4.gif
  • https://www.vir.us.com/wp-content/uploads/4.gif
7 KB
7 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/4.gif
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
240f8c06a8a9c41f4a543c04c80b5d604f309660c8c0288657f55e3e71cc72d6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 12 Apr 2017 05:48:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19fc8ccc2a1-FRA
content-length
7127
expires
Tue, 05 Mar 2019 12:13:34 GMT

Redirect headers

Date
Tue, 05 Mar 2019 08:13:34 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://www.vir.us.com/wp-content/uploads/4.gif
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4b2aa19f9ad22744-FRA
Expires
Tue, 05 Mar 2019 09:13:34 GMT
lookhere.gif
www.vir.us.com/wp-content/uploads/
Redirect Chain
  • http://www.vir.us.com/wp-content/uploads/lookhere.gif
  • https://www.vir.us.com/wp-content/uploads/lookhere.gif
24 KB
24 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/lookhere.gif
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf557330925ad655197e4ca67e3c28832e309a394b0ec9423f8228b4bcdca41a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 02 Sep 2012 10:42:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19fc8c3c2a1-FRA
content-length
24442
expires
Tue, 05 Mar 2019 12:13:34 GMT

Redirect headers

Date
Tue, 05 Mar 2019 08:13:34 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://www.vir.us.com/wp-content/uploads/lookhere.gif
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4b2aa19f9913bea8-FRA
Expires
Tue, 05 Mar 2019 09:13:34 GMT
scn.png
www.vir.us.com/wp-content/uploads/
Redirect Chain
  • http://www.vir.us.com/wp-content/uploads/scn.png
  • https://www.vir.us.com/wp-content/uploads/scn.png
24 KB
24 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/scn.png
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
da1cffa228bac7f5d5814e5957b6738c85de135722e1dbdebe6ef1472cce8da3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 26 Apr 2017 04:56:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19fc8cac2a1-FRA
content-length
24948
expires
Tue, 05 Mar 2019 12:13:34 GMT

Redirect headers

Date
Tue, 05 Mar 2019 08:13:34 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://www.vir.us.com/wp-content/uploads/scn.png
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4b2aa19f995f272c-FRA
Expires
Tue, 05 Mar 2019 09:13:34 GMT
cpmtbl.jpg
www.vir.us.com/wp-content/uploads/
Redirect Chain
  • http://www.vir.us.com/wp-content/uploads/cpmtbl.jpg
  • https://www.vir.us.com/wp-content/uploads/cpmtbl.jpg
10 KB
11 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/cpmtbl.jpg
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48505f7745b9f1f8699a08242ea48e9984e61bb2a2630ea9b1e9a0d53407706e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 26 Apr 2017 04:56:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19fc8c7c2a1-FRA
content-length
10707
expires
Tue, 05 Mar 2019 12:13:34 GMT

Redirect headers

Date
Tue, 05 Mar 2019 08:13:34 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://www.vir.us.com/wp-content/uploads/cpmtbl.jpg
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4b2aa19f9f7c274a-FRA
Expires
Tue, 05 Mar 2019 09:13:34 GMT
disclr.jpg
www.vir.us.com/wp-content/uploads/
Redirect Chain
  • http://www.vir.us.com/wp-content/uploads/disclr.jpg
  • https://www.vir.us.com/wp-content/uploads/disclr.jpg
117 KB
117 KB
Image
General
Full URL
https://www.vir.us.com/wp-content/uploads/disclr.jpg
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1257bee13325162baff8ef8e998df05f55cf6fba34b0c6038ec8bc04c16dd6ec

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 26 Apr 2017 04:47:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19fc8c0c2a1-FRA
content-length
119983
expires
Tue, 05 Mar 2019 12:13:34 GMT

Redirect headers

Date
Tue, 05 Mar 2019 08:13:34 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://www.vir.us.com/wp-content/uploads/disclr.jpg
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4b2aa19f988f273e-FRA
Expires
Tue, 05 Mar 2019 09:13:34 GMT
email-decode.min.js
www.vir.us.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
839 B
Script
General
Full URL
https://www.vir.us.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 25 Feb 2019 16:46:36 GMT
server
cloudflare
etag
W/"5c741bec-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800 public
cf-ray
4b2aa19f8fefc2a1-FRA
expires
Thu, 07 Mar 2019 08:13:34 GMT
counter.js
www.statcounter.com/counter/
28 KB
11 KB
Script
General
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.2.47 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
58c7edea7429f960e3cc03b3452b271fcab02ac139ac6026d62e38191b1cafa1

Request headers

Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 04 Dec 2018 15:56:10 GMT
server
cloudflare
etag
W/"5c06a39a-71d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=43200
cf-ray
4b2aa1a00f23bc26-LHR
expires
Tue, 05 Mar 2019 20:13:34 GMT
scripts.js
www.vir.us.com/wp-content/plugins/contact-form-7/includes/js/
14 KB
4 KB
Script
General
Full URL
https://www.vir.us.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.5
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2abe34835f5555333edccab5786c3fb72eb1755110f38d2fdb2c0ae7ed4db6ed

Request headers

:path
/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.5
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Nov 2018 09:57:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4b2aa19f8ff0c2a1-FRA
expires
Tue, 05 Mar 2019 12:13:34 GMT
devicepx-jetpack.js
s0.wp.com/wp-content/js/
10 KB
3 KB
Script
General
Full URL
https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201909
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT fra 32
date
Tue, 05 Mar 2019 08:13:34 GMT
content-encoding
gzip
server
nginx
etag
W/"5867460b-52b6"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.fra _dfw
expires
Mon, 24 Feb 2020 03:37:47 GMT
gprofiles.js
secure.gravatar.com/js/
20 KB
7 KB
Script
General
Full URL
https://secure.gravatar.com/js/gprofiles.js?ver=2019Maraa
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
9c42615b9f87888a452f177c5ea19899fb8a835b8f6d0b458824e6c332a0adce

Request headers

Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 15:01:14 GMT
server
nginx
etag
W/"5b7ecc3a-50bc"
content-type
application/x-javascript
status
200
cache-control
max-age=604800
expires
Tue, 12 Mar 2019 08:13:34 GMT
wpgroho.js
www.vir.us.com/wp-content/plugins/jetpack/modules/
1015 B
496 B
Script
General
Full URL
https://www.vir.us.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=4.9.9
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f2270058422f39ff89104cec8f21350c09c033a28ad8ef72d82f76f56960440

Request headers

:path
/wp-content/plugins/jetpack/modules/wpgroho.js?ver=4.9.9
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Nov 2018 09:57:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4b2aa19f8ff6c2a1-FRA
expires
Tue, 05 Mar 2019 12:13:34 GMT
navigation.js
www.vir.us.com/wp-content/themes/the-box/js/
836 B
379 B
Script
General
Full URL
https://www.vir.us.com/wp-content/themes/the-box/js/navigation.js?ver=20170220
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bbf6870c906d25e653d16327783fa9e03fee1349927e6ce928e25b9244f33cc

Request headers

:path
/wp-content/themes/the-box/js/navigation.js?ver=20170220
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 14 Feb 2018 04:33:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4b2aa19f8ff8c2a1-FRA
expires
Tue, 05 Mar 2019 12:13:34 GMT
wp-embed.min.js
www.vir.us.com/wp-includes/js/
1 KB
752 B
Script
General
Full URL
https://www.vir.us.com/wp-includes/js/wp-embed.min.js?ver=4.9.9
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=4.9.9
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 13 Dec 2018 03:16:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4b2aa19f8ffbc2a1-FRA
expires
Tue, 05 Mar 2019 12:13:34 GMT
e-201909.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-201909.js
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
expires
Mon, 24 Feb 2020 06:59:29 GMT
wp-emoji-release.min.js
www.vir.us.com/wp-includes/js/
12 KB
4 KB
Script
General
Full URL
https://www.vir.us.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.9
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=4.9.9
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
:scheme
https
:method
GET
Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 03 Aug 2018 01:16:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4b2aa19f883ac2a1-FRA
expires
Tue, 05 Mar 2019 12:13:34 GMT
2sDfZG1Wl4LcnbuKjk0mRUe0Aw.woff2
fonts.gstatic.com/s/oxygen/v8/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oxygen/v8/2sDfZG1Wl4LcnbuKjk0mRUe0Aw.woff2
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e0f49049bbf8071312c4a4554e9332d420b7277fc310ab02fb2ef031e48128f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700%2C400italic%2C700italic%7COxygen%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin
https://www.vir.us.com

Response headers

date
Fri, 22 Feb 2019 16:18:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:39:07 GMT
server
sffe
age
921330
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10332
x-xss-protection
1; mode=block
expires
Sat, 22 Feb 2020 16:18:04 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v11/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v11/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a0066433a645f196eb0ece299c86dc27a5c74dbe2cae7ae6d9211c1549a92085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700%2C400italic%2C700italic%7COxygen%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin
https://www.vir.us.com

Response headers

date
Tue, 12 Feb 2019 11:42:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:26:10 GMT
server
sffe
age
1801839
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12600
x-xss-protection
1; mode=block
expires
Wed, 12 Feb 2020 11:42:55 GMT
fa-webfont.woff
www.vir.us.com/wp-content/themes/the-box/fonts/
12 KB
12 KB
Font
General
Full URL
https://www.vir.us.com/wp-content/themes/the-box/fonts/fa-webfont.woff
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3da8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
288851bf1d1c608951ae77b294c9a2cbab3ba1870a3e1e532cc432af0847a40e

Request headers

:path
/wp-content/themes/the-box/fonts/fa-webfont.woff
pragma
no-cache
cookie
__cfduid=d0971ebb899529888fc62741fd28d671a1551773613
origin
https://www.vir.us.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.vir.us.com
referer
https://www.vir.us.com/wp-content/themes/the-box/fonts/fa-icons.min.css?ver=1.7
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.vir.us.com/wp-content/themes/the-box/fonts/fa-icons.min.css?ver=1.7
Origin
https://www.vir.us.com

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 14 Feb 2018 04:33:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4b2aa19f983fc2a1-FRA
content-length
12572
expires
Tue, 05 Mar 2019 12:13:34 GMT
2sDcZG1Wl4LcnbuCNWgzaGW5Kb8VZA.woff2
fonts.gstatic.com/s/oxygen/v8/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oxygen/v8/2sDcZG1Wl4LcnbuCNWgzaGW5Kb8VZA.woff2
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
64f12bcd111be76f80de661978a9817e6701c7b62a84be48ca42f604c4a57a2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C700%2C400italic%2C700italic%7COxygen%3A400%2C700%2C300&subset=latin%2Clatin-ext
Origin
https://www.vir.us.com

Response headers

date
Thu, 21 Feb 2019 04:06:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:39:00 GMT
server
sffe
age
1051649
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10280
x-xss-protection
1; mode=block
expires
Fri, 21 Feb 2020 04:06:05 GMT
t.php
c.statcounter.com/
49 B
371 B
Image
General
Full URL
https://c.statcounter.com/t.php?sc_project=11599168&java=1&security=59175fcc&u1=4C38389F045E4FC2285992AB81E8D033&sc_random=0.10094064319929075&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8&t=Step%20By%20Step%20Guide%20To%20Get%20Rid%20Of%20Infostealer.Jscoffe%20from%20Windows%208%20%E2%80%93%20Virus%20Removal&sc_snum=1&sess=4ea83c&p=0&invisible=1
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.2.47 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
server
cloudflare
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
status
200
cf-ray
4b2aa1a04f50bc26-LHR
content-length
49
expires
Mon, 26 Jul 1997 05:00:00 GMT
hovercard.min.css
secure.gravatar.com/dist/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://secure.gravatar.com/dist/css/hovercard.min.css?ver=2019Maraa
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
7b5e32cb325e9aaef357a421cd16ddf6d6ddb70fec74b6c35a73eccc6817664c

Request headers

Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
content-encoding
gzip
last-modified
Thu, 22 Mar 2018 09:46:04 GMT
server
nginx
etag
W/"5ab37b5c-1a2e"
content-type
text/css
status
200
cache-control
max-age=604800
expires
Tue, 12 Mar 2019 08:13:34 GMT
services.min.css
secure.gravatar.com/dist/css/
3 KB
564 B
Stylesheet
General
Full URL
https://secure.gravatar.com/dist/css/services.min.css?ver=2019Maraa
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86

Request headers

Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Mar 2019 08:13:34 GMT
content-encoding
gzip
last-modified
Thu, 22 Mar 2018 09:46:04 GMT
server
nginx
etag
W/"5ab37b5c-a54"
content-type
text/css
status
200
cache-control
max-age=604800
expires
Tue, 12 Mar 2019 08:13:34 GMT
g.gif
pixel.wp.com/
50 B
74 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A6.7&blog=127830295&post=28947&tz=0&srv=www.vir.us.com&host=www.vir.us.com&ref=&fcp=809&rand=0.10802711594151848
Requested by
Host: www.vir.us.com
URL: https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://www.vir.us.com/step-by-step-guide-to-get-rid-of-infostealer-jscoffe-from-windows-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Tue, 05 Mar 2019 08:13:34 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| _wpemojiSettings undefined| $ function| jQuery number| sc_project number| sc_invisible string| sc_security object| wpcf7 number| sc_width number| sc_height string| sc_referer number| sc_unique number| sc_returning number| sc_returns number| sc_error number| sc_remove number| sc_cls number| sc_inv string| sc_os string| sc_title string| sc_url string| sc_base_dir string| sc_click_dir string| sc_link_back_start string| sc_link_back_end string| sc_security_code string| sc_http_url string| sc_host string| sc_dc string| sc_alt_text string| sc_counter_size number| sc_prerendering string| sc_uuid string| sc_uuid_q string| sc_unique_returning string| sc_sp function| _sc_strip_tags function| _sc_sanitiseTags function| _sc_validateTags function| getTagString function| isValidEventName undefined| _statcounter_pending object| _statcounter number| sc_script_num object| _sc_imgs string| sc_pageview_tag_string number| _sc_project_int object| _sc_epoch_now number| _sc_epoch_days number| _sc_days_elapsed number| _sc_fix_threshold number| _sc_fix_min_threshold boolean| _sc_apply_mar_2017_fixes number| clickstat_done number| clickstat_project string| clickstat_security string| dlext string| ltype string| second object| dl object| lnk object| domsec string| host_name object| host_splitted string| domain string| host_split string| lnklocal_mask object| lnklocal object| anchors object| anchor undefined| original_click undefined| s undefined| bs undefined| head undefined| ps undefined| pe undefined| params undefined| plist undefined| body undefined| insert undefined| final_body undefined| ev_head undefined| ev_params undefined| ev_sep undefined| sc_i undefined| ev_foot undefined| ev_final string| sc_gsyn_pattern string| sc_gsyn_pattern2 undefined| sc_px undefined| sc_py undefined| sc_existing function| sc_none function| sc_delay function| sc_clickstat_call function| sc_adsense_click function| sc_adsense_init 
function| sc_getmouse function| sc_findy function| sc_findx function| sc_exitpage string| sc_doc_loc object| myRE object| sc_date number| sc_time number| sc_time_difference string| cookie_value object| expiration number| sc_call object| wpcom_img_zoomer object| detectZoom function| hex_md5 function| b64_md5 function| str_md5 function| hex_hmac_md5 function| b64_hmac_md5 function| str_hmac_md5 function| md5_vm_test function| core_md5 function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| core_hmac_md5 function| safe_add function| bit_rol function| str2binl function| binl2str function| binl2hex function| binl2b64 object| Gravatar object| GProfile number| hexcase string| b64pad number| chrsz object| WPGroHo object| wp object| _stq string| new_css object| jQuery112402737048293867781 function| st_go function| linktracker_init object| wpcom object| twemoji

0 Cookies

1 Console Messages

Source: console-api
Level: log
URL: https://www.vir.us.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 (Line 2)
Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
