forums.spybot.info Open in urlscan Pro
95.217.134.178  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request showthread.php Show response forums.spybot.info/	18 KB 6 KB	246ms 103ms	Document text/html	95.217.134.178 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.134.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS forums.spybot.info Software nginx / Resource Hash 55c604569c5f5d297e2f9bb30e07a01e4984025ef17024c81fe98decfee87d3e Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private content-encoding gzip content-length 5446 content-type text/html; charset=ISO-8859-1 date Thu, 14 Apr 2022 13:00:18 GMT pragma private referrer-policy same-origin server nginx strict-transport-security max-age=63072000 x-content-type-options nosniff x-frame-options sameorigin x-xss-protection 1; mode=block
GET H2	200	vbulletin-core.js Show response forums.spybot.info/clientscript/	51 KB 51 KB	43ms 42ms	Script application/javascript	95.217.134.178 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://forums.spybot.info/clientscript/vbulletin-core.js?v=425 Requested by Host: forums.spybot.info URL: https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.134.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS forums.spybot.info Software nginx / Resource Hash ada61bc4c993b3bc058479977092fad506f5caa9a5fcb4de57d08e4aebdf63f3 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 14 Apr 2022 13:00:18 GMT referrer-policy same-origin last-modified Thu, 11 May 2017 03:07:20 GMT server nginx etag "5913d568-cadc" x-frame-options sameorigin content-type application/javascript x-xss-protection 1; mode=block strict-transport-security max-age=63072000 accept-ranges bytes content-length 51932 x-content-type-options nosniff
GET H2	200	main-rollup.css forums.spybot.info/clientscript/vbulletin_css/style00005l/	67 KB 67 KB	123ms 123ms	Stylesheet text/css	95.217.134.178 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://forums.spybot.info/clientscript/vbulletin_css/style00005l/main-rollup.css?d=1494584479 Requested by Host: forums.spybot.info URL: https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.134.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS forums.spybot.info Software nginx / Resource Hash 5940e17c86891191130b6a46dd1e16a5cdf462951c857e198042d5488730e0c1 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 14 Apr 2022 13:00:18 GMT referrer-policy same-origin last-modified Fri, 12 May 2017 10:21:23 GMT server nginx etag "59158ca3-10b20" x-frame-options sameorigin content-type text/css x-xss-protection 1; mode=block strict-transport-security max-age=63072000 accept-ranges bytes content-length 68384 x-content-type-options nosniff
GET H2	200	vbulletin_md5.js Show response forums.spybot.info/clientscript/	6 KB 6 KB	124ms 123ms	Script application/javascript	95.217.134.178 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://forums.spybot.info/clientscript/vbulletin_md5.js?v=425 Requested by Host: forums.spybot.info URL: https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.134.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS forums.spybot.info Software nginx / Resource Hash dd468843ce823ccdbeed2f8858908ba2bd207372524078decc8578493369c765 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 14 Apr 2022 13:00:18 GMT referrer-policy same-origin last-modified Thu, 11 May 2017 03:07:20 GMT server nginx etag "5913d568-1810" x-frame-options sameorigin content-type application/javascript x-xss-protection 1; mode=block strict-transport-security max-age=63072000 accept-ranges bytes content-length 6160 x-content-type-options nosniff
GET H2	200	additional.css forums.spybot.info/clientscript/vbulletin_css/style00005l/	3 KB 3 KB	123ms 123ms	Stylesheet text/css	95.217.134.178 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://forums.spybot.info/clientscript/vbulletin_css/style00005l/additional.css?d=1494584479 Requested by Host: forums.spybot.info URL: https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.134.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS forums.spybot.info Software nginx / Resource Hash 20e2edc2c83557ba856e042b975598610ccaea97f595a7a692aae67e9da91cbc Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 14 Apr 2022 13:00:18 GMT referrer-policy same-origin last-modified Fri, 12 May 2017 10:21:23 GMT server nginx etag "59158ca3-b87" x-frame-options sameorigin content-type text/css x-xss-protection 1; mode=block strict-transport-security max-age=63072000 accept-ranges bytes content-length 2951 x-content-type-options nosniff
GET H2	200	header.gif forums.spybot.info/images/misc/	26 KB 26 KB	41ms 41ms	Image image/gif	95.217.134.178 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://forums.spybot.info/images/misc/header.gif Requested by Host: forums.spybot.info URL: https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.134.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS forums.spybot.info Software nginx / Resource Hash 98f8783b51642bbabf30c7c3a8c1a14b44ee7183dee1ce182f9767508dee568b Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 14 Apr 2022 13:00:18 GMT referrer-policy same-origin last-modified Fri, 07 Aug 2015 11:37:33 GMT server nginx etag "55c4987d-674d" x-frame-options sameorigin content-type image/gif x-xss-protection 1; mode=block strict-transport-security max-age=63072000 accept-ranges bytes content-length 26445 x-content-type-options nosniff
GET H2	200	search.png forums.spybot.info/images/buttons/	211 B 455 B	41ms 41ms	Image image/png	95.217.134.178 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://forums.spybot.info/images/buttons/search.png Requested by Host: forums.spybot.info URL: https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.134.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS forums.spybot.info Software nginx / Resource Hash d960be83bbe3a3f674a200862b0d835a58d56a4b9cff2cbbdf6ac2360590ef00 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 14 Apr 2022 13:00:18 GMT referrer-policy same-origin last-modified Thu, 11 May 2017 03:07:20 GMT server nginx etag "5913d568-d3" x-frame-options sameorigin content-type image/png x-xss-protection 1; mode=block strict-transport-security max-age=63072000 accept-ranges bytes content-length 211 x-content-type-options nosniff
GET H2	200	navbit-home.png forums.spybot.info/images/misc/	241 B 485 B	41ms 41ms	Image image/png	95.217.134.178 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://forums.spybot.info/images/misc/navbit-home.png Requested by Host: forums.spybot.info URL: https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.134.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS forums.spybot.info Software nginx / Resource Hash c85826f4126be1fbe84f09341f1c93e26c763854b672fc220374e3699e29390c Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 14 Apr 2022 13:00:18 GMT referrer-policy same-origin last-modified Thu, 11 May 2017 03:07:20 GMT server nginx etag "5913d568-f1" x-frame-options sameorigin content-type image/png x-xss-protection 1; mode=block strict-transport-security max-age=63072000 accept-ranges bytes content-length 241 x-content-type-options nosniff
GET H2	200	cron.php forums.spybot.info/	43 B 229 B	4128ms 4128ms	Image image/gif	95.217.134.178 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://forums.spybot.info/cron.php?s=7e521b47ab06aa26a517a29b670e0a76&rand=1649941218 Requested by Host: forums.spybot.info URL: https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.134.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS forums.spybot.info Software nginx / Resource Hash 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 14 Apr 2022 13:00:22 GMT referrer-policy same-origin server nginx x-frame-options sameorigin content-type image/gif x-xss-protection 1; mode=block strict-transport-security max-age=63072000 content-length 43 x-content-type-options nosniff
GET H2	200	yuiloader-dom-event.js Show response forums.spybot.info/clientscript/yui/yuiloader-dom-event/	60 KB 60 KB	123ms 123ms	Script application/javascript	95.217.134.178 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://forums.spybot.info/clientscript/yui/yuiloader-dom-event/yuiloader-dom-event.js?v=425 Requested by Host: forums.spybot.info URL: https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.134.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS forums.spybot.info Software nginx / Resource Hash fb0768b04af92d670757d4b1289d6745e27b474e4fb15eff5306d9e57226d9b2 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 14 Apr 2022 13:00:18 GMT referrer-policy same-origin last-modified Thu, 11 May 2017 03:07:20 GMT server nginx etag "5913d568-f0b3" x-frame-options sameorigin content-type application/javascript x-xss-protection 1; mode=block strict-transport-security max-age=63072000 accept-ranges bytes content-length 61619 x-content-type-options nosniff
GET H2	200	connection-min.js Show response forums.spybot.info/clientscript/yui/connection/	13 KB 13 KB	123ms 123ms	Script application/javascript	95.217.134.178 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://forums.spybot.info/clientscript/yui/connection/connection-min.js?v=425 Requested by Host: forums.spybot.info URL: https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.134.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS forums.spybot.info Software nginx / Resource Hash c1287adfc1c6761dcb4221e342113981bfcf6067e0f65adbf417674f5e83da4d Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 14 Apr 2022 13:00:18 GMT referrer-policy same-origin last-modified Thu, 11 May 2017 03:07:20 GMT server nginx etag "5913d568-33c9" x-frame-options sameorigin content-type application/javascript x-xss-protection 1; mode=block strict-transport-security max-age=63072000 accept-ranges bytes content-length 13257 x-content-type-options nosniff
GET H2	200	newbtn_middle.png forums.spybot.info/images/buttons/	95 B 338 B	41ms 41ms	Image image/png	95.217.134.178 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://forums.spybot.info/images/buttons/newbtn_middle.png Requested by Host: forums.spybot.info URL: https://forums.spybot.info/clientscript/vbulletin_css/style00005l/main-rollup.css?d=1494584479 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.134.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS forums.spybot.info Software nginx / Resource Hash 577531aa6d543e84e0fb30a24563d72f46ccbfe3c78a6fcd462a503e2708a4ff Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forums.spybot.info/clientscript/vbulletin_css/style00005l/main-rollup.css?d=1494584479 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 14 Apr 2022 13:00:18 GMT referrer-policy same-origin last-modified Thu, 11 May 2017 03:07:20 GMT server nginx etag "5913d568-5f" x-frame-options sameorigin content-type image/png x-xss-protection 1; mode=block strict-transport-security max-age=63072000 accept-ranges bytes content-length 95 x-content-type-options nosniff
GET H2	200	arrow.png forums.spybot.info/images/misc/	116 B 360 B	41ms 41ms	Image image/png	95.217.134.178 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://forums.spybot.info/images/misc/arrow.png Requested by Host: forums.spybot.info URL: https://forums.spybot.info/clientscript/vbulletin_css/style00005l/main-rollup.css?d=1494584479 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.134.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS forums.spybot.info Software nginx / Resource Hash 7821af474aa928dbf032a1989000c9ded519a5cb2fd1e095d115627c212d7149 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forums.spybot.info/clientscript/vbulletin_css/style00005l/main-rollup.css?d=1494584479 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 14 Apr 2022 13:00:18 GMT referrer-policy same-origin last-modified Thu, 11 May 2017 03:07:20 GMT server nginx etag "5913d568-74" x-frame-options sameorigin content-type image/png x-xss-protection 1; mode=block strict-transport-security max-age=63072000 accept-ranges bytes content-length 116 x-content-type-options nosniff
GET H2	200	generic_button.png forums.spybot.info/images/gradients/	104 B 348 B	41ms 41ms	Image image/png	95.217.134.178 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://forums.spybot.info/images/gradients/generic_button.png Requested by Host: forums.spybot.info URL: https://forums.spybot.info/clientscript/vbulletin_css/style00005l/main-rollup.css?d=1494584479 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.134.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS forums.spybot.info Software nginx / Resource Hash 95bd9333692538a45adb4357c4ef0f9280e7290a41275d2b80928dd02c021ee0 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forums.spybot.info/clientscript/vbulletin_css/style00005l/main-rollup.css?d=1494584479 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 14 Apr 2022 13:00:18 GMT referrer-policy same-origin last-modified Thu, 11 May 2017 03:07:20 GMT server nginx etag "5913d568-68" x-frame-options sameorigin content-type image/png x-xss-protection 1; mode=block strict-transport-security max-age=63072000 accept-ranges bytes content-length 104 x-content-type-options nosniff
GET H2	200	black_downward_arrow.png forums.spybot.info/images/misc/	135 B 379 B	42ms 40ms	Image image/png	95.217.134.178 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://forums.spybot.info/images/misc/black_downward_arrow.png Requested by Host: forums.spybot.info URL: https://forums.spybot.info/clientscript/vbulletin_css/style00005l/main-rollup.css?d=1494584479 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.134.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS forums.spybot.info Software nginx / Resource Hash 7e1c14caabc27a83ff5497a21e498e358595ee80ae0f1a63196813363cbaa5b0 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forums.spybot.info/clientscript/vbulletin_css/style00005l/main-rollup.css?d=1494584479 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 14 Apr 2022 13:00:18 GMT referrer-policy same-origin last-modified Thu, 11 May 2017 03:07:20 GMT server nginx etag "5913d568-87" x-frame-options sameorigin content-type image/png x-xss-protection 1; mode=block strict-transport-security max-age=63072000 accept-ranges bytes content-length 135 x-content-type-options nosniff
GET H2	200	piwik.js Show response stx.spybot.org/	64 KB 25 KB	86ms 10ms	Script application/javascript	2a01:4f8:1c0c:6855::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://stx.spybot.org/piwik.js Requested by Host: forums.spybot.info URL: https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 2a01:4f8:1c0c:6855::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx / Resource Hash 5c166a5d40aeefd0679a14f95e47ff28824e66abba82adfa30be41803cc25632 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 14 Apr 2022 13:00:18 GMT content-encoding gzip last-modified Wed, 21 Nov 2018 15:42:24 GMT server nginx etag W/"5bf57ce0-ffb2" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 expires Sat, 14 May 2022 13:00:18 GMT
GET H2	200	piwik.php stx.spybot.org/	43 B 119 B	42ms 42ms	Image image/gif	2a01:4f8:1c0c:6855::1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stx.spybot.org/piwik.php?action_name=Safer-Networking%20Forums&idsite=3&rec=1&r=680917&h=13&m=0&s=17&url=https%3A%2F%2Fforums.spybot.info%2Fshowthread.php%3F77654-remove-Generic-Ransom-VxLock-E31AD1D6%5Cu0026s%3D09e6e53c1c41e9882c60d9117e8fb2f5%5Cu0026p%3D486539%5Cu0026viewfull%3D1%23post486539&_id=4525714af6a796b3&_idts=1649941218&_idvc=1&_idn=0&_refts=0&_viewts=1649941218&cs=windows-1252&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=104&pv_id=ouj8tQ Requested by Host: forums.spybot.info URL: https://forums.spybot.info/showthread.php?77654-remove-Generic-Ransom-VxLock-E31AD1D6\u0026s=09e6e53c1c41e9882c60d9117e8fb2f5\u0026p=486539\u0026viewfull=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 2a01:4f8:1c0c:6855::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 14 Apr 2022 13:00:18 GMT cache-control no-store server nginx content-type image/gif

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails string| yuipath string| yuicombopath boolean| remoteyui string| SESSIONURL string| SECURITYTOKEN string| IMGDIR_MISC string| IMGDIR_BUTTON number| vb_disable_ajax string| SIMPLEVERSION string| BBURL boolean| LOGGEDIN string| THIS_SCRIPT string| RELPATH object| PATHS string| AJAXBASEURL object| YAHOO undefined| names object| vbphrase object| vB_Editor boolean| ignorequotechars number| pagenavcounter boolean| is_regexp boolean| AJAX_Compatible object| viewport_info number| vB_Default_Timeout string| userAgent boolean| is_opera boolean| is_saf boolean| is_webtv boolean| is_ie boolean| is_ie4 boolean| is_ie7 boolean| is_ie6 boolean| is_ps3 boolean| is_moz boolean| is_kon boolean| is_ns boolean| is_ns4 boolean| is_mac string| pointer_cursor function| fetch_object function| fetch_tags function| crc32 function| fetch_tag_count function| do_an_e function| e_by_gum function| validatemessage function| stripcode function| truncate_to_word function| vB_PHP_Emulator function| vB_AJAX_Handler function| is_ajax_compatible function| vBulletin_AJAX_Error_Handler function| vB_Hidden_Form function| vB_Select_Overlay_Handler function| openWindow function| getBaseUrl function| js_open_help function| attachments function| who function| imwindow function| SendMSNMessage function| AddMSNContact function| detect_caps_lock function| log_out function| set_cookie function| set_subcookie function| fetch_subcookie function| delete_cookie function| fetch_cookie function| js_toggle_all function| js_select_all function| js_check_all function| js_check_all_option function| checkall function| checkall_option function| resize_textarea function| region_intersects function| fetch_viewport_info function| clear_viewport_info function| center_element function| fetch_all_stylesheets function| highlight_login_box function| toggle_collapse function| vBpagenav function| vbmenu_register function| string_to_node function| set_unselectable function| fetch_sessionhash function| previousSibling function| nextSibling function| construct_phrase function| switch_id function| child_img_alt_2_title function| img_alt_2_title function| do_securitytoken_replacement function| handle_securitytoken_response function| handle_securitytoken_error number| securitytoken_timeout number| securitytoken_errors function| fetch_ajax_url function| replace_securitytoken function| Comment_Init function| vBulletin_init function| vBulletin_Framework object| PHP object| vBulletin function| handle_dismiss_notice_error function| handle_dismiss_notice_ajax function| dismiss_notice function| page_jump function| loadVbCss object| vB_XHTML_Ready function| init_breadcrumb function| register_inlinemod function| register_inlinemod_checkboxes function| InlineModCollection function| InlineModControl function| init_searchboxes function| init_popupmenus function| PopupFactory function| PopupMenu function| init_collapsers function| vBCollapseFactory function| vBCollapse function| apply_collapses function| PostBit_Init function| init_restrain function| vBRestrain number| hexcase string| b64pad number| chrsz function| hex_md5 function| b64_md5 function| str_md5 function| hex_hmac_md5 function| b64_hmac_md5 function| str_hmac_md5 function| core_md5 function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| core_hmac_md5 function| safe_add function| bit_rol function| str2binl function| binl2str function| binl2hex function| binl2b64 function| str_to_ent function| trim function| md5hash function| navbar_username_focus function| navbar_username_blur function| navbar_password_hint function| navbar_password object| _paq string| cookie_name number| cookie_length number| cookie_begin number| value_begin object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			forums.spybot.info/	1969-12-31 23:59:59	Name: snl_sessionhash Value: 7e521b47ab06aa26a517a29b670e0a76
			forums.spybot.info/	1970-01-20 11:04:37	Name: snl_lastvisit Value: 1649941218
			forums.spybot.info/	1970-01-20 11:04:37	Name: snl_lastactivity Value: 0
			forums.spybot.info/	1970-01-20 11:44:56	Name: _pk_id.3.6d81 Value: 4525714af6a796b3.1649941218.1.1649941218.1649941218.
			forums.spybot.info/	1970-01-20 02:19:03	Name: _pk_ses.3.6d81 Value: *

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

forums.spybot.info
stx.spybot.org
2a01:4f8:1c0c:6855::1
95.217.134.178
20e2edc2c83557ba856e042b975598610ccaea97f595a7a692aae67e9da91cbc
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c604569c5f5d297e2f9bb30e07a01e4984025ef17024c81fe98decfee87d3e
577531aa6d543e84e0fb30a24563d72f46ccbfe3c78a6fcd462a503e2708a4ff
5940e17c86891191130b6a46dd1e16a5cdf462951c857e198042d5488730e0c1
5c166a5d40aeefd0679a14f95e47ff28824e66abba82adfa30be41803cc25632
7821af474aa928dbf032a1989000c9ded519a5cb2fd1e095d115627c212d7149
7e1c14caabc27a83ff5497a21e498e358595ee80ae0f1a63196813363cbaa5b0
95bd9333692538a45adb4357c4ef0f9280e7290a41275d2b80928dd02c021ee0
98f8783b51642bbabf30c7c3a8c1a14b44ee7183dee1ce182f9767508dee568b
ada61bc4c993b3bc058479977092fad506f5caa9a5fcb4de57d08e4aebdf63f3
c1287adfc1c6761dcb4221e342113981bfcf6067e0f65adbf417674f5e83da4d
c85826f4126be1fbe84f09341f1c93e26c763854b672fc220374e3699e29390c
d960be83bbe3a3f674a200862b0d835a58d56a4b9cff2cbbdf6ac2360590ef00
dd468843ce823ccdbeed2f8858908ba2bd207372524078decc8578493369c765
fb0768b04af92d670757d4b1289d6745e27b474e4fb15eff5306d9e57226d9b2