www.2-spyware.com Open in urlscan Pro
2606:4700:20::681a:442  Public Scan

33 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://www.bing.com/ck/a?!&&p=cbf03a89deb2191eJmltdHM9MTY3OTQ0MzIwMCZpZ3VpZD0xZDE3N2MyYS1hMGI3LTY4YjAtMGY1ZS02ZWYwYTE0NjY5MzMmaW5zaWQ9NTE4MA&ptn=3&hsh=3&fclid=1d177c2a-a0b7-68b0-0f5e-6ef0a1466933&psq=adware.zugo%2fwhitesmoke&u=a1aHR0cHM6Ly93d3cuMi1zcHl3YXJlLmNvbS9yZW1vdmUtd2hpdGVzbW9rZS12aXJ1cy5odG1s&ntb=1 Page URL
2. https://www.2-spyware.com/remove-whitesmoke-virus.html Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	a www.bing.com/ck/	2 KB 2 KB	125ms 53ms	Document text/html	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.bing.com/ck/a?!&&p=cbf03a89deb2191eJmltdHM9MTY3OTQ0MzIwMCZpZ3VpZD0xZDE3N2MyYS1hMGI3LTY4YjAtMGY1ZS02ZWYwYTE0NjY5MzMmaW5zaWQ9NTE4MA&ptn=3&hsh=3&fclid=1d177c2a-a0b7-68b0-0f5e-6ef0a1466933&psq=adware.zugo%2fwhitesmoke&u=a1aHR0cHM6Ly93d3cuMi1zcHl3YXJlLmNvbS9yZW1vdmUtd2hpdGVzbW9rZS12aXJ1cy5odG1s&ntb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-origin * cache-control no-cache, must-revalidate content-encoding gzip content-length 1246 content-type text/html; charset=UTF-8 date Wed, 22 Mar 2023 19:44:19 GMT expires Fri, 01 Jan 1990 00:00:00 GMT pragma no-cache vary Accept-Encoding x-cache CONFIG_NOCACHE x-msedge-ref Ref A: C0463F9F93584D5480A70E0E7F974D77 Ref B: DUS30EDGE0409 Ref C: 2023-03-22T19:44:20Z
GET H2	200	Primary Request remove-whitesmoke-virus.html Show response www.2-spyware.com/	140 KB 31 KB	999ms 944ms	Document text/html	2606:4700:20::681a:442 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.2-spyware.com/remove-whitesmoke-virus.html Requested by Host: www.bing.com URL: https://www.bing.com/ck/a?!&&p=cbf03a89deb2191eJmltdHM9MTY3OTQ0MzIwMCZpZ3VpZD0xZDE3N2MyYS1hMGI3LTY4YjAtMGY1ZS02ZWYwYTE0NjY5MzMmaW5zaWQ9NTE4MA&ptn=3&hsh=3&fclid=1d177c2a-a0b7-68b0-0f5e-6ef0a1466933&psq=adware.zugo%2fwhitesmoke&u=a1aHR0cHM6Ly93d3cuMi1zcHl3YXJlLmNvbS9yZW1vdmUtd2hpdGVzbW9rZS12aXJ1cy5odG1s&ntb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:442 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c25036b8b44d59ce9cba7e743608842cd245aca6255f8b426d34a2020bd8ffd1 Request headers Referer https://www.bing.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 0 cf-cache-status DYNAMIC cf-ray 7ac0edbf4ba82bc3-FRA content-encoding br content-type text/html; charset=UTF-8 date Wed, 22 Mar 2023 19:44:21 GMT link <https://www.2-spyware.com/?p=15791>; rel=shortlink nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7aaAG2%2BJZipGTBYvTSSXiqBuoKRVsv95XKXNY36bw3nc1vRl0MzOnVEpsZssGTVw3u2SuSx%2BIdAvLzBuz743y9o4XzzVHpw%2BIxcX5dTQxOF8hCNtZhGM4Cu5mk6SugYeWttL5rOw%2FubVbzuv830"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding via 1.1 varnish x-pingback https://www.2-spyware.com/news/xmlrpc.php x-varnish 1127795338
GET H2	200	style_2s.min.css www.2-spyware.com/news/wp-content/themes/AskIt/css/	102 KB 26 KB	38ms 38ms	Stylesheet text/css	2606:4700:20::681a:442 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.2-spyware.com/news/wp-content/themes/AskIt/css/style_2s.min.css?ver=1654079379 Requested by Host: www.2-spyware.com URL: https://www.2-spyware.com/remove-whitesmoke-virus.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:442 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f108e1d5678eb11a3af690b9aca312a485fa5315292dafdfdc23968ab1cf433 Request headers accept-language de-DE,de;q=0.9 Referer https://www.2-spyware.com/remove-whitesmoke-virus.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Wed, 22 Mar 2023 19:44:21 GMT via 1.1 varnish content-encoding br cf-cache-status HIT last-modified Wed, 01 Jun 2022 10:29:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1058018 etag W/"198b5-5e0605d0a6d80-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OA%2BPS%2FUU7HGLfnEsIR797xkcgl25LGVTR9%2BiE6gD8CtzxpLjMxFE9O2TCAoMt%2FgNQEDwzCOPWrwYNC7nMICMErf3UbKjc0aAtIZTqdru7X%2B%2Fc%2B2k0QkWMSGOxOB%2F%2Fe0fxXzoCmDndFKCng2ixT%2Bt"}],"group":"cf-nel","max_age":604800} x-varnish 384980753 380859982 content-type text/css cache-control max-age=15854400, public cf-ray 7ac0edc54c6e2bc3-FRA
GET H2	200	jquery-3.5.1.min.js Show response www.2-spyware.com/news/wp-content/themes/esolaskit/js/min/	87 KB 32 KB	32ms 32ms	Script application/javascript	2606:4700:20::681a:442 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.2-spyware.com/news/wp-content/themes/esolaskit/js/min/jquery-3.5.1.min.js Requested by Host: www.2-spyware.com URL: https://www.2-spyware.com/remove-whitesmoke-virus.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:442 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers accept-language de-DE,de;q=0.9 Referer https://www.2-spyware.com/remove-whitesmoke-virus.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Wed, 22 Mar 2023 19:44:21 GMT via 1.1 varnish content-encoding br cf-cache-status HIT last-modified Mon, 04 May 2020 23:02:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6676750 etag W/"15d84-5a4da870aa1c0-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uvPvU1O9aRfNZ%2F%2BWPQdaa9q37WdIWyV4tDFMm44kCItCAD1sX9Fw5l%2FCo8MYbbklW1oepd%2FAV3YIHqQq2zxogYBap%2F7fCvjgosaT73gqXsF%2Bh7EQnR53NgNkloUsggiwbJJNhYtV2nl0p%2BnQhEuP"}],"group":"cf-nel","max_age":604800} x-varnish 374444018 content-type application/javascript cache-control max-age=15854400, public cf-ray 7ac0edc54c712bc3-FRA
GET H2	200	esol-email.js Show response www.2-spyware.com/news/wp-content/plugins/esol-email/public/js/	2 KB 1 KB	37ms 36ms	Script application/javascript	2606:4700:20::681a:442 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.2-spyware.com/news/wp-content/plugins/esol-email/public/js/esol-email.js?ver=1.0.1 Requested by Host: www.2-spyware.com URL: https://www.2-spyware.com/remove-whitesmoke-virus.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:442 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16c7f1315f4fe5316debec23145568a7841f2c52943f806985ee6a5cc9f20f9f Request headers accept-language de-DE,de;q=0.9 Referer https://www.2-spyware.com/remove-whitesmoke-virus.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Wed, 22 Mar 2023 19:44:21 GMT via 1.1 varnish content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1058018 cf-polished origSize=3794 cf-bgj minify last-modified Wed, 12 Feb 2020 09:59:55 GMT server cloudflare etag W/"ed2-59e5e08c81cc0-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTVVFpvnnGBrBHSV6cpFr7T9C0OYZiAd9pLe9rq7RUYqoukiP88I7iMrM7byuQjiuCE2p6tmVSgsdA7nZSZTgN3rqAN6MqOdm1KgSH0WGrfu8E0rXH1IOJGx1%2F5xk9zWAZFflwWcuGhA%2F7VlxHJS"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-varnish 384980755 381161021 cache-control max-age=15854400, public cf-ray 7ac0edc55c782bc3-FRA
GET H2	200	all.min.js Show response www.2-spyware.com/news/wp-content/themes/AskIt/js/	23 KB 7 KB	38ms 37ms	Script application/javascript	2606:4700:20::681a:442 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.2-spyware.com/news/wp-content/themes/AskIt/js/all.min.js?ver=1649410853 Requested by Host: www.2-spyware.com URL: https://www.2-spyware.com/remove-whitesmoke-virus.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:442 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 456afc2c22b317a8508cba95c384388993f911de600fe2b4bc1fdfc7129d3202 Request headers accept-language de-DE,de;q=0.9 Referer https://www.2-spyware.com/remove-whitesmoke-virus.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Wed, 22 Mar 2023 19:44:21 GMT via 1.1 varnish content-encoding br cf-cache-status HIT last-modified Wed, 01 Jun 2022 10:29:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6676750 etag W/"5ab9-5e0605e5a1f00-gzip" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2ZmsM7PmbwZRStKzi%2FAkRawvGHQfoXvf%2BHFd5Nw%2FwXOFst%2FTme%2FN9tJmzdkcKcgvwmR%2F1JMIf%2BaqAL5sxlA3Cjv8%2Bt986liz1kK6SYbfi9v8QqZRQUhkLcpVMUEWjrHy9vZ77%2FyiaAcfVnPHEM6"}],"group":"cf-nel","max_age":604800} x-varnish 374444019 content-type application/javascript cache-control max-age=15854400, public cf-ray 7ac0edc55c7a2bc3-FRA
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	70ms 20ms	Script text/javascript	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.2-spyware.com URL: https://www.2-spyware.com/remove-whitesmoke-virus.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.2-spyware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 22 Mar 2023 18:05:11 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 5950 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Wed, 22 Mar 2023 20:05:11 GMT
GET DATA	200 OK	truncated /	116 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 974dc1308695cbc5c659b0bc59cd7893190f9849736338cfd335049ebf84885f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	logo2x.png www.2-spyware.com/news/wp-content/themes/AskIt/langs/2-spyware.com/	6 KB 7 KB	40ms 40ms	Image image/png	2606:4700:20::681a:442 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.2-spyware.com/news/wp-content/themes/AskIt/langs/2-spyware.com/logo2x.png Requested by Host: www.2-spyware.com URL: https://www.2-spyware.com/remove-whitesmoke-virus.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:442 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b29e71a8a2c4fe105520843c7a89104eef2e83629eae7587ab1668d75e515341 Request headers accept-language de-DE,de;q=0.9 Referer https://www.2-spyware.com/remove-whitesmoke-virus.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Wed, 22 Mar 2023 19:44:21 GMT via 1.1 varnish cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1058017 content-length 6472 last-modified Thu, 11 Jun 2020 12:55:56 GMT server cloudflare etag "1948-5a7ce7b392f00" vary User-Agent, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ts7i43AkGBBDK4%2BLeh4HFY%2BQeIdUPlpqkZ4I%2Fp0rLGsoxD%2FbfxLhr9WnBDn8qWhrZPXN0%2FRLWFc2Np1%2BmVKZNjOkfCyBoTgruTd8f47cN2BL4FDj4053a0VUZgVT7Q434rc5Zi%2BYI8AgGOA25skZ"}],"group":"cf-nel","max_age":604800} x-varnish 384980756 381138568 content-type image/png cache-control max-age=15854400, public accept-ranges bytes cf-ray 7ac0edc56c8e2bc3-FRA
GET DATA	200 OK	truncated /	213 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 08fb2690e59c3d9c8792720208d53650c1e2d3620a34b92c8b909d9f5c600874 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	888 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6e4d09d99c552a22d735e9914efd81d2f26ade9005154c04ee42470f88e39d5d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	whitesmoke-virus_en-400x161.png.webp www.2-spyware.com/news/wp-content/uploads/virusai/	3 KB 4 KB	492ms 491ms	Image image/webp	2606:4700:20::681a:442 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.2-spyware.com/news/wp-content/uploads/virusai/whitesmoke-virus_en-400x161.png.webp Requested by Host: www.2-spyware.com URL: https://www.2-spyware.com/remove-whitesmoke-virus.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:442 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 25564a56512bded9474649ee54dd788193c107db34a52147e6f191a4086607ed Request headers accept-language de-DE,de;q=0.9 Referer https://www.2-spyware.com/remove-whitesmoke-virus.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Wed, 22 Mar 2023 19:44:21 GMT via 1.1 varnish cf-cache-status MISS last-modified Thu, 30 Jul 2020 13:58:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "d50-5aba91191fee0" vary User-Agent, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OydpOHKckSofupu3v1DZjueMC098Dr30gua%2Fq4XVhvIfNJ4JIVZbMbzWRFCxieaOyn9ERmV00%2Bi6AYHywRwBDuDaJxVIQmI9jxG3iKEDuK%2BbhWH82040JQcDChpn53LUdmeRLt3jO%2B1z9Yylnjzf"}],"group":"cf-nel","max_age":604800} x-varnish 1127795340 content-type image/webp cache-control max-age=15854400, public accept-ranges bytes cf-ray 7ac0edc5acf82bc3-FRA content-length 3408
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 210 B	27ms 27ms	XHR text/plain	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1806595989&t=pageview&_s=1&dl=https%3A%2F%2Fwww.2-spyware.com%2Fremove-whitesmoke-virus.html&dr=https%3A%2F%2Fwww.bing.com%2F&ul=en-us&de=UTF-8&dt=Remove%20Whitesmoke%20virus%20-%20Jan%202021%20update&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=239705442&gjid=328147181&cid=2040122729.1679514261&tid=UA-60636-1&_gid=1492056831.1679514261&_r=1&_slc=1&z=2058954777 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.2-spyware.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 22 Mar 2023 19:44:21 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.2-spyware.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	count.php www.hey.lt/	457 B 1 KB	199ms 42ms	Image image/png	109.235.67.100 RACKRAY UAB Rakrejus
General Check archive.org Show headers Download Go to Show image Full URL https://www.hey.lt/count.php?id=spyware Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 109.235.67.100 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT), Reverse DNS server.hey.lt Software Apache / Resource Hash f3cfc875d6eac49ab57646ac149fec31d26fc7bee798d837f3ce612c14a12e33 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.2-spyware.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Pragma no-cache Date Wed, 22 Mar 2023 19:44:21 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Referrer-Policy same-origin Server Apache Content-Security-Policy frame-ancestors 'self' X-Frame-Options SAMEORIGIN P3P CP="NID" Content-Type image/png Cache-Control max-age=604800 Permissions-Policy geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=() Connection close Content-Length 457 Expires Thu, 1 Jan 1970 00:00:00 GMT
GET H2	200	visited-porn-sites-you-are-infected_en-300x169.jpg www.2-spyware.com/news/wp-content/uploads/news/	13 KB 13 KB	31ms 31ms	Image image/jpeg	2606:4700:20::681a:442 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.2-spyware.com/news/wp-content/uploads/news/visited-porn-sites-you-are-infected_en-300x169.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:442 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 883d9a29c0bd21f2e8472bce8248478330399b76c3a2aa8eb27c30c518eafa74 Request headers accept-language de-DE,de;q=0.9 Referer https://www.2-spyware.com/remove-whitesmoke-virus.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Wed, 22 Mar 2023 19:44:21 GMT via 1.1 varnish cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6664083 content-length 12969 cf-bgj h2pri last-modified Wed, 02 Jun 2021 07:20:06 GMT server cloudflare etag "32a9-5c3c349be379b" vary User-Agent, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Noh0aHTxIWG10jmWQrQIjV4FiU6DVC%2FLNndhhby%2FfsPnfaUPnLTHgL%2FGhhZgUCKLpSiu7Kz0izYxkQLe4Fel0FQ4%2B7jsNg6kj2d6iFiuToJdByFO%2BUFnxbvgtKOqA3f3tHP81Txpc1aov3vJlc8"}],"group":"cf-nel","max_age":604800} content-type image/jpeg x-varnish 374473403 373565130 cache-control max-age=15854400, public accept-ranges bytes cf-ray 7ac0edc5fd832bc3-FRA
GET H2	200	stay-home-stay-safe-use-vpn_en-300x169.jpg www.2-spyware.com/news/wp-content/uploads/news/	13 KB 14 KB	30ms 29ms	Image image/jpeg	2606:4700:20::681a:442 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.2-spyware.com/news/wp-content/uploads/news/stay-home-stay-safe-use-vpn_en-300x169.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:442 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c5c0bb759daea41dfbd90a739c37771c2711bd8851a3b68b0360ea7f2f871c4e Request headers accept-language de-DE,de;q=0.9 Referer https://www.2-spyware.com/remove-whitesmoke-virus.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Wed, 22 Mar 2023 19:44:21 GMT via 1.1 varnish cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1057981 content-length 13613 cf-bgj h2pri last-modified Tue, 31 Mar 2020 14:32:30 GMT server cloudflare etag "352d-5a227700c2d9a" vary User-Agent, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pcLmfF5YfN8OX%2Fiq6ZQy6QjJKKSr3bEjLLmac6x4gPPuN%2Faq%2B%2BssS0wpMHKHFmxk0uN9Vy6O5GdDQNQMawpS%2BtHEclID7upnpmJIbjE%2B1KFS4arIzSbPKV4th%2B4BcpY92frK%2Bt3Hen0Kk6tzx%2FF"}],"group":"cf-nel","max_age":604800} content-type image/jpeg x-varnish 384980815 cache-control max-age=15854400, public accept-ranges bytes cf-ray 7ac0edc5fd862bc3-FRA

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| embedVars string| base_url string| eue_data function| setlocos object| cookieconsent_options string| GoogleAnalyticsObject function| ga number| floatDownloadButton function| hasClass function| show function| hide function| toggle function| togglemenu function| loadCSS function| $ function| jQuery function| isDateGreaterThan function| addDaysToDate function| initExitIntentModal function| enhance_user_experience function| Carousel function| cookies_enabled function| openinwindow boolean| hasCookieConsent string| token object| google_tag_data object| gaplugins object| gaGlobal object| gaData

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.2-spyware.com/	1970-01-20 20:07:54	Name: _ga Value: GA1.2.2040122729.1679514261
			.2-spyware.com/	1970-01-20 10:33:20	Name: _gid Value: GA1.2.1492056831.1679514261
			.2-spyware.com/	1970-01-20 10:31:54	Name: _gat Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.2-spyware.com
www.bing.com
www.google-analytics.com
www.hey.lt
109.235.67.100
2606:4700:20::681a:442
2620:1ec:c11::200
2a00:1450:4001:827::200e
08fb2690e59c3d9c8792720208d53650c1e2d3620a34b92c8b909d9f5c600874
16c7f1315f4fe5316debec23145568a7841f2c52943f806985ee6a5cc9f20f9f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
25564a56512bded9474649ee54dd788193c107db34a52147e6f191a4086607ed
456afc2c22b317a8508cba95c384388993f911de600fe2b4bc1fdfc7129d3202
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6e4d09d99c552a22d735e9914efd81d2f26ade9005154c04ee42470f88e39d5d
7f108e1d5678eb11a3af690b9aca312a485fa5315292dafdfdc23968ab1cf433
883d9a29c0bd21f2e8472bce8248478330399b76c3a2aa8eb27c30c518eafa74
974dc1308695cbc5c659b0bc59cd7893190f9849736338cfd335049ebf84885f
b29e71a8a2c4fe105520843c7a89104eef2e83629eae7587ab1668d75e515341
c25036b8b44d59ce9cba7e743608842cd245aca6255f8b426d34a2020bd8ffd1
c5c0bb759daea41dfbd90a739c37771c2711bd8851a3b68b0360ea7f2f871c4e
f3cfc875d6eac49ab57646ac149fec31d26fc7bee798d837f3ce612c14a12e33
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d