![](/screenshots/e3ab0673-7125-4809-94f7-2a7cfcb50318.png)
www.2-spyware.com
Open in
urlscan Pro
209.126.117.72
Public Scan
Effective URL: https://www.2-spyware.com/methodist-hospitals-data-breach-may-has-involved-around-70k-potential-victims%7C
Submission: On October 10 via api from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on September 17th 2019. Valid for: 3 months.
This is the only time www.2-spyware.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 209.126.117.72 209.126.117.72 | 30083 (HEG-US) (HEG-US - HEG US Inc.) | |
1 | 2a00:1450:400... 2a00:1450:4001:800::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
6 | 2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
2 | 2a00:1450:400... 2a00:1450:4001:815::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2606:2800:234... 2606:2800:234:59:254c:406:2366:268c | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
1 | 2a00:1450:400... 2a00:1450:4001:817::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
1 | 2606:4700:30:... 2606:4700:30::681c:12c5 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
27 | 9 |
ASN30083 (HEG-US - HEG US Inc., US)
PTR: usloft4272.serverprofi24.eu
www.2-spyware.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net | |
staticxx.facebook.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com |
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
platform.twitter.com |
ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
2-spyware.com
www.2-spyware.com |
139 KB |
5 |
facebook.net
connect.facebook.net |
178 KB |
3 |
facebook.com
staticxx.facebook.com www.facebook.com |
419 B |
2 |
twitter.com
platform.twitter.com |
29 KB |
2 |
google-analytics.com
www.google-analytics.com |
18 KB |
1 |
track.lt
track.lt |
423 B |
1 |
gstatic.com
www.gstatic.com |
90 KB |
1 |
google.com
www.google.com |
556 B |
27 | 8 |
Domain | Requested by | |
---|---|---|
12 | www.2-spyware.com |
www.2-spyware.com
|
5 | connect.facebook.net |
www.2-spyware.com
connect.facebook.net |
2 | www.facebook.com |
www.2-spyware.com
|
2 | platform.twitter.com |
www.2-spyware.com
platform.twitter.com |
2 | www.google-analytics.com |
www.2-spyware.com
|
1 | track.lt |
www.2-spyware.com
|
1 | staticxx.facebook.com |
connect.facebook.net
|
1 | www.gstatic.com |
www.google.com
|
1 | www.google.com |
www.2-spyware.com
|
27 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
2-spyware.com Let's Encrypt Authority X3 |
2019-09-17 - 2019-12-16 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2019-09-17 - 2019-12-10 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-09-22 - 2019-12-20 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2019-09-17 - 2019-12-10 |
3 months | crt.sh |
*.twimg.com DigiCert SHA2 High Assurance Server CA |
2018-11-19 - 2019-11-27 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2019-09-17 - 2019-12-10 |
3 months | crt.sh |
sni58442.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-09-04 - 2020-03-12 |
6 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.2-spyware.com/methodist-hospitals-data-breach-may-has-involved-around-70k-potential-victims%7C
Frame ID: 1B04A9794E02D7B402D49CBE1D17EBB3
Requests: 26 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.e3a0e1b01ae601b6c9cf798a93ab7e69.html?origin=https%3A%2F%2Fwww.2-spyware.com
Frame ID: 8725F348519311F5BC9FBE6A546D1951
Requests: 1 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 8409593DF5962F00602F38AD07DBC4ED
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/e3ab0673-7125-4809-94f7-2a7cfcb50318.png)
Detected technologies
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
![](/vendor/wappa/icons/Ubuntu.png)
Detected patterns
- headers server /Ubuntu/i
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Detected patterns
- script /\/\/platform\.twitter\.com\/widgets\.js/i
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
![]() www.2-spyware.com/ |
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
esol-email.css
www.2-spyware.com/news/wp-content/plugins/esol-email/public/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spyware-removal-notifications.css
www.2-spyware.com/news/wp-content/plugins/esol-user-engagement/public/css/ |
10 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style_2s.min.css
www.2-spyware.com/news/wp-content/themes/AskIt/css/ |
207 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.4.1.min.js
www.2-spyware.com/news/wp-content/themes/esolaskit/js/min/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
esol-email.js
www.2-spyware.com/news/wp-content/plugins/esol-email/public/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spyware-removal-notifications.js
www.2-spyware.com/news/wp-content/plugins/esol-user-engagement/public/js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
re_en.jpg
www.2-spyware.com/news/wp-content/uploads/software/ |
35 KB 35 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sticky.sidebar.min.js
www.2-spyware.com/news/wp-content/themes/esolaskit/js/min/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
all.min.js
www.2-spyware.com/news/wp-content/themes/AskIt/js/ |
51 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wp-embed.min.js
www.2-spyware.com/news/wp-includes/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
729 B 556 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
122 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo2x.png
www.2-spyware.com/news/wp-content/themes/AskIt/langs/2-spyware.com/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
213 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
widgets.js
platform.twitter.com/ |
95 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/r/ |
35 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/xw1jR43fRSpRG88iDviKn3qM/ |
253 KB 90 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
connect.facebook.net/en_US/ |
186 KB 56 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1074032489470605
connect.facebook.net/signals/config/ |
307 KB 78 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
widget_iframe.e3a0e1b01ae601b6c9cf798a93ab7e69.html
platform.twitter.com/widgets/ Frame 8725 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inferredEvents.js
connect.facebook.net/signals/plugins/ |
35 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 8409 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 320 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.php
track.lt/visitapi/ |
116 B 423 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 99 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
45 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate string| base_url string| eue_data object| cookieconsent_options function| $ function| jQuery function| fbq function| _fbq string| GoogleAnalyticsObject function| ga function| togglemenu function| isDateGreaterThan function| addDaysToDate function| initExitIntentModal function| SpywareRemovalNotification function| createNotification object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| FB object| recaptcha object| __twttrll object| twttr object| __twttr function| enhance_user_experience function| Carousel function| cookies_enabled function| getParameterByName function| spyAfterDownload function| startDownload function| openinwindow function| addSupportPhone function| getVisitorInformation function| saveVisitorInformation function| addVisitorNotice function| QRCode boolean| hasCookieConsent object| wp string| token function| update_cookieconsent_options6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.facebook.com/ | Name: fr Value: 01MftpKoht9qcXLoM..BdnxQI...1.0.BdnxQI. |
|
.2-spyware.com/ | Name: _fbp Value: fb.1.1570706440363.1512429085 |
|
.2-spyware.com/ | Name: _gid Value: GA1.2.65096823.1570706440 |
|
.2-spyware.com/ | Name: _gat Value: 1 |
|
.2-spyware.com/ | Name: _ga Value: GA1.2.1731105280.1570706440 |
|
www.2-spyware.com/ | Name: 2swsid Value: 0sda490cor0e88nkt9uk9onv70 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
connect.facebook.net
platform.twitter.com
staticxx.facebook.com
track.lt
www.2-spyware.com
www.facebook.com
www.google-analytics.com
www.google.com
www.gstatic.com
209.126.117.72
2606:2800:234:59:254c:406:2366:268c
2606:4700:30::681c:12c5
2a00:1450:4001:800::2004
2a00:1450:4001:815::200e
2a00:1450:4001:817::2003
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
08fb2690e59c3d9c8792720208d53650c1e2d3620a34b92c8b909d9f5c600874
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1675fb3b4ba1e5cdbdffb1fd8472f13324910f0369b741355e63d51b361e208f
2f6ef603274981039710189dea7b7e1f5bc7272e535c8ac4f57a550ea7086c9e
3f4e2f1e38c95fbea12585258e9a69ac4a0339f77242f459424da6c2291f918a
4eb20de8ac176f2c2c99d9a33f8838cf897464662904e216e89c20b8f3a10ae9
57148164b275bbd46c2d0ab437b1c2bf1c4da4a66d0f17ab08c4b9245e799a60
5fd9ccaea2286b43754b7f8303fb2d1a655b409afd6bf3d772366313802fe563
6a49a80c1d6bd5d04d8c24d9e432235dcc85228f7ef462d67c211acf74a1d3a6
6f33adecfa8dacb04b161289c89b2930d80324d5d0baa1c0da86ed08b9c1ebda
7dbb7dd70e19978c77e60e6743c972f6b9c912ae74547437cbb9c5801372d6f1
80a6bce01877600c6d03de14b04d056ad082836258e1800ba43443d7947be01b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8bcad0d5e62d5b147bbad7e008f6301fbbdd376ee551c87546a3158168d3df21
8f4b6f5b6190eac5b2fe01cf06bfa713d1128c80f445b38e93f62ac810109c7c
90476f48e0b8a9f9c5c11fd16f13fc6a8772fe281d12c8e63153a6f948cdd348
a8d2b37337089d88bf1b45bf4933c3751419c8d37d667a6d8faf8c83d1c0c3a3
ac2feca4963ef256b5de3dc7f92cd215fe0c5aeb9b77c9326470fdbb52b66579
af30075dc9ac2129799f9fe20ef6f2e49d62d5e18148011415bda19cd504e9bb
b29e71a8a2c4fe105520843c7a89104eef2e83629eae7587ab1668d75e515341
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
be79ce60bc2200a2ce2c467ab82b48080af41be4ea43d071a2eabacb19b1c1a5
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0