www.2-spyware.com Open in urlscan Pro
2606:4700:20::ac43:4917  Public Scan

25 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
14 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request remove-jscoinminer.html Show response www.2-spyware.com/	120 KB 26 KB	615ms 593ms	Document text/html	2606:4700:20::ac43:4917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.2-spyware.com/remove-jscoinminer.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 985769a8c8f78d49848656a635d5b44e44765fba5a455939dc45f8978429f52b Request headers :method GET :authority www.2-spyware.com :scheme https :path /remove-jscoinminer.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Thu, 05 Nov 2020 08:07:22 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d1528a0585f8c3a7da4de8cd7b396481b1604563642; expires=Sat, 05-Dec-20 08:07:22 GMT; path=/; domain=.2-spyware.com; HttpOnly; SameSite=Lax x-pingback https://www.2-spyware.com/news/xmlrpc.php vary Accept-Encoding x-varnish 19051261 age 0 via 1.1 varnish cf-cache-status DYNAMIC cf-request-id 06390b3f500000176694055000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M0SU6oQeP8d%2BoIkeQ3r27lnddaIVbaCEcqhdZFa0qYtwVfaqWreScYeIikcLP%2Fac%2FbEnpeMng1C5UF8vx%2F%2B%2ByoybEeInwresQ53SHKKMLIQlN58w9uEl5rM0knRXWQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 5ed514abbf2b1766-FRA content-encoding br
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	134 KB 46 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.2-spyware.com URL: https://www.2-spyware.com/remove-jscoinminer.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 06592edaa4c0ec3766a7b83730fd5fc1ed62c1bf8b546f44badc6ccbe7b8a784 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 08:07:22 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 46518 x-xss-protection 0 server cafe etag 9272287904180736456 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Thu, 05 Nov 2020 08:07:22 GMT
GET H2	200	style_2s.min.css www.2-spyware.com/news/wp-content/themes/AskIt/css/	175 KB 29 KB	599ms 599ms	Stylesheet text/css	2606:4700:20::ac43:4917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.2-spyware.com/news/wp-content/themes/AskIt/css/style_2s.min.css?ver=1600852040 Requested by Host: www.2-spyware.com URL: https://www.2-spyware.com/remove-jscoinminer.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35c8dc891c15cd798cd1a1b2810d589dd56a49bcedb761ba0d660dd59b4147c9 Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 08:07:23 GMT via 1.1 varnish cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} age 0 cf-ray 5ed514af7ebd1766-FRA status 200 content-encoding br cf-request-id 06390b41a900001766a601b000000001 last-modified Thu, 24 Sep 2020 11:58:30 GMT server cloudflare etag W/"2ba3b-5b00deb29c580-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Uo%2BKEB%2BuJ7s2FsCVtmHI7tYuGgJhs8yzsbr%2B2X7jTSyT2wena%2BNx7X%2BILcD81KK%2FWWtSMqsm%2BpXP2w5iyIoYHeG9pgCn%2BwlpXEVRRIiVcWoMK9Vw9PK6AjOjhwb%2BrA%3D%3D"}],"group":"cf-nel","max_age":604800} x-varnish 19051264 cache-control max-age=15854400, public accept-ranges bytes content-type text/css
GET H2	200	js-coinminer-cpu-miner_en.jpg www.2-spyware.com/news/wp-content/uploads/virusai/	66 KB 67 KB	585ms 585ms	Image image/jpeg	2606:4700:20::ac43:4917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.2-spyware.com/news/wp-content/uploads/virusai/js-coinminer-cpu-miner_en.jpg Requested by Host: www.2-spyware.com URL: https://www.2-spyware.com/remove-jscoinminer.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 558a694bcf7fcc37c96cf8ebc0890389190e674e1410f6a8b5cafd50a6034e8d Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 08:07:23 GMT via 1.1 varnish cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} age 0 cf-ray 5ed514af7eca1766-FRA status 200 content-length 67801 cf-request-id 06390b41ad00001766a71e6000000001 last-modified Fri, 09 Feb 2018 13:02:10 GMT server cloudflare etag "108d9-564c722e6744a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6BCC7tBuQVPDOv%2FyQglY0QxrBvH%2BtvBhEuj%2Fn%2Bn98vNSEKG6ctTyz%2Bwv73Zbn2kcOEXFJZ4GkvjiLiugC7hCkjQZKBDU5kKJyVL4AMJzQdvQI4i7U5AMIMD72qgIUg%3D%3D"}],"group":"cf-nel","max_age":604800} x-varnish 19051265 cache-control max-age=15854400, public accept-ranges bytes, bytes content-type image/jpeg
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 19 KB	27ms 6ms	Script text/javascript	2a00:1450:4001:815::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.2-spyware.com URL: https://www.2-spyware.com/remove-jscoinminer.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 1077 date Thu, 05 Nov 2020 07:49:25 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Thu, 05 Nov 2020 09:49:25 GMT
GET DATA	200 OK	truncated /	116 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 235211336c520e8d80067a428ccb5b0087f337f0f7d483882789b70162b009e3 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	116 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8ffaf809cd4f321e6035360d478c941c2cea2b505538b3e6a868bb6a6aac9157 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	116 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash be06a033e7263813982d2ae74b5641aa7b0e6d3d79ff68355cea3aac4a782071 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	116 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ccc509a392f11d8151a502e092695e4978bafdab6c2d6b035cdd9c77a8c146bb Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	116 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 099d87ff42af97e745add4fb3a175baeaacc047636d6b868e246696c5decd5ab Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	116 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0e40eca43632e189d313d63383275ed4e8f61a526d44b24b6bb1762ff99896de Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	116 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ce67966b3c896df941ba15a0cb64354818827f25e5f145e458e8026cdb4c506a Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	44 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash edd8076d1897300f954c3e2ff22561988017747a10983e2f34c613b3da103549 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	logo2x.png www.2-spyware.com/news/wp-content/themes/AskIt/langs/2-spyware.com/	6 KB 7 KB	128ms 128ms	Image image/png	2606:4700:20::ac43:4917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.2-spyware.com/news/wp-content/themes/AskIt/langs/2-spyware.com/logo2x.png Requested by Host: www.2-spyware.com URL: https://www.2-spyware.com/remove-jscoinminer.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b29e71a8a2c4fe105520843c7a89104eef2e83629eae7587ab1668d75e515341 Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 08:07:22 GMT via 1.1 varnish cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} age 0 cf-ray 5ed514af8ee01766-FRA status 200 content-length 6472 cf-request-id 06390b41b400001766f8b0d000000001 last-modified Thu, 11 Jun 2020 12:55:56 GMT server cloudflare etag "1948-5a7ce7b392f00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=osASqi2wS0ZNKMJVh9JQwDmz795Fi9riDrhXN2cPlC6kxcMx472uw5GDBXoIomhqGk8rea1olv3d6EnRdXuJY4gmtljPXlYV7OleTKIv47QsQfxNwtW3Tcie%2BAvNHA%3D%3D"}],"group":"cf-nel","max_age":604800} x-varnish 19051263 cache-control max-age=15854400, public accept-ranges bytes, bytes content-type image/png
GET H2	200	sprites.png www.2-spyware.com/news/wp-content/themes/esolaskit/css/	47 KB 47 KB	581ms 581ms	Image image/png	2606:4700:20::ac43:4917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.2-spyware.com/news/wp-content/themes/esolaskit/css/sprites.png?v=kff5si3g Requested by Host: www.2-spyware.com URL: https://www.2-spyware.com/remove-jscoinminer.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed6df869883f393464c2f4e971af651d37b6cfa3437e2d584786f7084190a096 Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 08:07:23 GMT via 1.1 varnish cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} age 0 cf-ray 5ed514af8ee21766-FRA status 200 content-length 47639 cf-request-id 06390b41b400001766ce227000000001 last-modified Thu, 24 Sep 2020 11:58:30 GMT server cloudflare etag "ba17-5b00deb29c580" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gg0s1pwJl1jNXTRLaK0JOhqz6ilgNYFTmHD%2Bcp2G3LAMnNLxGo5rgKr5O7aoxRI0z067t9vFBBICP5F8uoGaJvnIPc09nVj8E0RsBSZtrt4wcjyh5OZN7MvX1RTTAg%3D%3D"}],"group":"cf-nel","max_age":604800} x-varnish 19051266 cache-control max-age=15854400, public accept-ranges bytes, bytes content-type image/png
GET DATA	200 OK	truncated /	410 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 24799b6af2d844857a4585203539076f4d0534617397cb8bb442b770187eb7a4 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	213 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 08fb2690e59c3d9c8792720208d53650c1e2d3620a34b92c8b909d9f5c600874 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	embed-scroll.min.js Show response www.2-spyware.com/news/wp-content/plugins/disqus-conditional-load/assets/js/public/	1 KB 829 B	469ms 468ms	Script application/javascript	2606:4700:20::ac43:4917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.2-spyware.com/news/wp-content/plugins/disqus-conditional-load/assets/js/public/embed-scroll.min.js?ver=11.0.1 Requested by Host: www.2-spyware.com URL: https://www.2-spyware.com/remove-jscoinminer.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d37d8ff0bd13370c2f0dafa183723a48a0ffad4d93c62ea9d5daf8171370d040 Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 08:07:23 GMT via 1.1 varnish cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} age 0 cf-ray 5ed514afff9d1766-FRA status 200 content-encoding br cf-request-id 06390b41f900001766bf353000000001 last-modified Thu, 20 Dec 2018 01:24:52 GMT server cloudflare etag W/"48a-57d69ff4fa100-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rRVV9ikv44MdOebVVFlAz7FCajhOKW20gNB4hnBfw2LnsWlldY9pbGdprUye2LGZkVq3SSEQyRAdqW4cdI%2BA5feeyJ%2BWX3%2BqJ%2BFqV65SMdWwoE%2Fs9pD2RVKDk0gERg%3D%3D"}],"group":"cf-nel","max_age":604800} x-varnish 19051268 cache-control max-age=15854400, public accept-ranges bytes content-type application/javascript
GET H2	200	jquery-3.5.1.min.js Show response www.2-spyware.com/news/wp-content/themes/esolaskit/js/min/	87 KB 30 KB	592ms 591ms	Script application/javascript	2606:4700:20::ac43:4917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.2-spyware.com/news/wp-content/themes/esolaskit/js/min/jquery-3.5.1.min.js Requested by Host: www.2-spyware.com URL: https://www.2-spyware.com/remove-jscoinminer.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 08:07:23 GMT via 1.1 varnish cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} age 0 cf-ray 5ed514afff9f1766-FRA status 200 content-encoding br cf-request-id 06390b41f9000017667fbfa000000001 last-modified Mon, 04 May 2020 23:02:39 GMT server cloudflare etag W/"15d84-5a4da870aa1c0-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lqqNDGqO8%2FJX8ak2Eimc%2FsnugbFKkd1gB4zas223IbFqEkuG4sfp4m03jXFpgn8Tvw9rjP9lB519fB%2FAorV4xbAPqAmeY4tEoa2Qa9myiRZEirPzSO803pf0c8Vbwg%3D%3D"}],"group":"cf-nel","max_age":604800} x-varnish 19051267 cache-control max-age=15854400, public accept-ranges bytes content-type application/javascript
GET H2	200	esol-email.js Show response www.2-spyware.com/news/wp-content/plugins/esol-email/public/js/	4 KB 1 KB	492ms 491ms	Script application/javascript	2606:4700:20::ac43:4917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.2-spyware.com/news/wp-content/plugins/esol-email/public/js/esol-email.js?ver=1.0.1 Requested by Host: www.2-spyware.com URL: https://www.2-spyware.com/remove-jscoinminer.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6ebf212edfaaf5d74025a919eebdd462feed26676999480891b7d9c3159e6d6 Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 08:07:23 GMT via 1.1 varnish cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} age 0 cf-ray 5ed514afffa01766-FRA status 200 content-encoding br cf-request-id 06390b41f9000017667e8d2000000001 last-modified Wed, 12 Feb 2020 09:59:55 GMT server cloudflare etag W/"ed2-59e5e08c81cc0-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mFN99HiG6FTv4GELO4g63RK28FBH4lA%2FURwL9qP66%2BD%2Bse1EZaHaMQwGFbzUearpvV2ZR0%2Bevd%2FxaKvJRhnRc%2BLV4D%2FlHk1cubLCvZ3P1vqPVIwYsyxx6KB%2F7BDfdg%3D%3D"}],"group":"cf-nel","max_age":604800} x-varnish 19051270 cache-control max-age=15854400, public accept-ranges bytes content-type application/javascript
GET H2	200	all.min.js Show response www.2-spyware.com/news/wp-content/themes/AskIt/js/	52 KB 15 KB	602ms 601ms	Script application/javascript	2606:4700:20::ac43:4917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.2-spyware.com/news/wp-content/themes/AskIt/js/all.min.js?ver=1603353183 Requested by Host: www.2-spyware.com URL: https://www.2-spyware.com/remove-jscoinminer.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7cac0f42c2a20696e300d377ab1e5ff06e00aadd62cf9d92d4cfb0a6fd34f92 Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 08:07:23 GMT via 1.1 varnish cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} age 0 cf-ray 5ed514afffa21766-FRA status 200 content-encoding br cf-request-id 06390b41f900001766d1294000000001 last-modified Thu, 22 Oct 2020 10:32:24 GMT server cloudflare etag W/"ce96-5b23ffacd5e00-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2VpuPZc%2FidXR%2FHcpNIBlEMp6KAdHe7YeKtQWpgkNaCArdSA01T7Bwnw437A%2FZKbZe2ltUddoDj%2Br0Bv%2F7j7LssYDXiMchxV8JAxk5qJu7Ymn0cLXksaZAbliZkp4%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800} x-varnish 19051269 cache-control max-age=15854400, public accept-ranges bytes content-type application/javascript
GET DATA	200 OK	truncated /	3 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7909baf134ca656d1e4dbc68819638cc2e1e7bdbd8ccaaebc3cf86b3e7a9e4fd Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	2 B 411 B	46ms 13ms	XHR text/plain	2a00:1450:4001:815::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1325206954&t=pageview&_s=1&dl=https%3A%2F%2Fwww.2-spyware.com%2Fremove-jscoinminer.html&ul=en-us&de=UTF-8&dt=Remove%20JS%2FCoinMiner%20(Virus%20Removal%20Instructions)%20-%20Tutorial&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=793880068&gjid=1003390132&cid=1986712328.1604563643&tid=UA-60636-1&_gid=1842481196.1604563643&_r=1&_slc=1&z=1380824605 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 05 Nov 2020 08:07:22 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type text/plain access-control-allow-origin https://www.2-spyware.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	show_ads_impl_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/	230 KB 86 KB	30ms 30ms	Script text/javascript	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ebc35ba9f607eefdc973225a8c6831d1472714df5da1b43d5e72611bac8c2ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 08:07:22 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 88237 x-xss-protection 0 server cafe etag 8916267561321754551 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Thu, 05 Nov 2020 08:07:22 GMT
GET H2	200	zrt_lookup.html googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/ Frame 2DA0	0 0	6ms 5ms	Document text/html	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20201029/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.2-spyware.com/remove-jscoinminer.html accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.2-spyware.com/remove-jscoinminer.html Response headers status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * vary Accept-Encoding date Thu, 05 Nov 2020 02:32:56 GMT expires Thu, 19 Nov 2020 02:32:56 GMT content-type text/html; charset=UTF-8 etag 5228831996244654541 x-content-type-options nosniff content-encoding gzip server cafe content-length 4745 x-xss-protection 0 age 20066 cache-control public, max-age=1209600 alt-svc h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	203 B 631 B	165ms 57ms	Script text/javascript	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.2-spyware.com&callback=_gfp_s_&client=ca-pub-8083807248066628 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software cafe / Resource Hash e3ad7e97b20c67b2e54d07cc9fff7fe935c419175fadd58c64a8ec32c5fd0356 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 08:07:23 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 status 200 cache-control private content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 193 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	109 B 832 B	33ms 15ms	Script application/javascript	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.2-spyware.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Thu, 05 Nov 2020 08:07:23 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 832 B	35ms 15ms	Script application/javascript	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.2-spyware.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Thu, 05 Nov 2020 08:07:23 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H3-Q050	200	ads googleads.g.doubleclick.net/pagead/ Frame F2F3	0 0	84ms 84ms	Document text/html	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8083807248066628&output=html&adk=1812271804&adf=3025194257&lmt=1604563643&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.2-spyware.com%2Fremove-jscoinminer.html&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604563642933&bpp=14&bdt=147&idt=94&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4939790053230&frm=20&pv=2&ga_vid=1986712328.1604563643&ga_sid=1604563643&ga_hid=1325206954&ga_fc=0&iag=0&icsg=142079&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=1791129606491027&pem=866&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=113 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8083807248066628&output=html&adk=1812271804&adf=3025194257&lmt=1604563643&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.2-spyware.com%2Fremove-jscoinminer.html&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604563642933&bpp=14&bdt=147&idt=94&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4939790053230&frm=20&pv=2&ga_vid=1986712328.1604563643&ga_sid=1604563643&ga_hid=1325206954&ga_fc=0&iag=0&icsg=142079&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=1791129606491027&pem=866&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=113 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.2-spyware.com/remove-jscoinminer.html accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.2-spyware.com/remove-jscoinminer.html Response headers status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Thu, 05 Nov 2020 08:07:23 GMT server cafe content-length 34 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Thu, 05-Nov-2020 08:22:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" expires Thu, 05 Nov 2020 08:07:23 GMT cache-control private
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	72 KB 27 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a44b4e645ecc10fef54f53f4d0983af2b365f39ba3c458280d12307231a09e81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 08:07:23 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1604493480950496" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 27590 x-xss-protection 0 expires Thu, 05 Nov 2020 08:07:23 GMT
GET DATA	200 OK	truncated /	85 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	index.php Show response track.lt/visitapi/	116 B 715 B	100ms 75ms	XHR text/html	2606:4700:3037::681c:12c5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://track.lt/visitapi/index.php?r= Requested by Host: www.2-spyware.com URL: https://www.2-spyware.com/news/wp-content/themes/esolaskit/js/min/jquery-3.5.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::681c:12c5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.3.3 Resource Hash be79ce60bc2200a2ce2c467ab82b48080af41be4ea43d071a2eabacb19b1c1a5 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 08:07:23 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/5.3.3 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Bhv9fPHNwH7Uybi12x2N%2FlLE3ehFvaNef9lkgIEf4jIAn%2BSA0kWy1ha4MYL%2FN1Ph0affLRURE%2FMG3fRssjQMUxYpMtXqzG8df8A7TANmyY75rxIuNg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html access-control-allow-origin https://www.2-spyware.com cf-ray 5ed514b47f7b2c0d-FRA cf-request-id 06390b44c800002c0d443f6000000001
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a12f3e66061a3c4f8119cac62d0a4cb88073688a29791cb68f05634d7d283d61 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	count.php www.hey.lt/	459 B 837 B	110ms 35ms	Image image/png	109.235.67.100 RACKRAY UAB Rakrejus
General Check archive.org Show headers Download Go to Show image Full URL https://www.hey.lt/count.php?id=spyware Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 109.235.67.100 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT), Reverse DNS server.hey.lt Software Apache / Resource Hash 5cda43a3c2c1fa9be2196357ee32b24bf786c806dd0201772474f537b6e01748 Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 05 Nov 2020 08:07:23 GMT Server Apache P3P CP="NID" Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection close Content-Type image/png Content-Length 459 Expires Thu, 1 Jan 1970 00:00:00 GMT
GET H3-Q050	200	sodar Show response pagead2.googlesyndication.com/getconfig/	8 KB 7 KB	45ms 32ms	XHR application/json	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201029&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 019a193e944aa255e6401c7521395b45e6d0fce6754c666534536f4cdb460c33 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Thu, 05 Nov 2020 08:07:23 GMT content-encoding gzip x-content-type-options nosniff server cafe status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 6406 x-xss-protection 0
GET H2	200	sprites.png www.2-spyware.com/news/wp-content/themes/esolaskit/css/	47 KB 47 KB	127ms 127ms	Image image/png	2606:4700:20::ac43:4917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.2-spyware.com/news/wp-content/themes/esolaskit/css/sprites.png?v=kff5si3g Requested by Host: www.2-spyware.com URL: https://www.2-spyware.com/news/wp-content/themes/AskIt/css/style_2s.min.css?ver=1600852040 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed6df869883f393464c2f4e971af651d37b6cfa3437e2d584786f7084190a096 Request headers Referer https://www.2-spyware.com/news/wp-content/themes/AskIt/css/style_2s.min.css?ver=1600852040 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 08:07:23 GMT via 1.1 varnish cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} age 0 cf-ray 5ed514b4aa0f1766-FRA status 200 content-length 47639 cf-request-id 06390b44e900001766cb854000000001 last-modified Thu, 24 Sep 2020 11:58:30 GMT server cloudflare etag "ba17-5b00deb29c580" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o89vxtbIXsVAKlWMMi%2B0q7AJB6hUK9MRuPy3CdXpCtMFhYUJBZFescz5fykbeWxpOnDB6SGjR%2F4KHVMRJ2O04tERv6o8I4sazOvdkf901TGsi32LK%2Bs%2Bch0XhqRyBw%3D%3D"}],"group":"cf-nel","max_age":604800} x-varnish 19051272 cache-control max-age=15854400, public accept-ranges bytes, bytes content-type image/png
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	16 KB 6 KB	32ms 13ms	Script text/javascript	2a00:1450:4001:825::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 08:07:23 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1603823857801521" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6015 x-xss-protection 0 expires Thu, 05 Nov 2020 08:07:23 GMT
GET H2	200	rubyminer-targets-to-infect-windows-and-linux-servers_en-300x168.jpg www.2-spyware.com/news/wp-content/uploads/news/	13 KB 13 KB	127ms 126ms	Image image/jpeg	2606:4700:20::ac43:4917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.2-spyware.com/news/wp-content/uploads/news/rubyminer-targets-to-infect-windows-and-linux-servers_en-300x168.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85af84df1a4e76ec0f4d9eb70ad401f27afd4de90a63bdf2d87a3ca469fe4396 Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 08:07:23 GMT via 1.1 varnish cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} age 0 cf-ray 5ed514b4fa861766-FRA status 200 content-length 13433 cf-request-id 06390b451800001766940cc000000001 last-modified Tue, 16 Jan 2018 12:23:20 GMT server cloudflare etag "3479-562e3cbdb5fe8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z49aW%2BXDWpxYqo%2FHJFM4UbFU9HmDtcXfexf5Q4BUgVCv9USIkQ0z%2FBEh36jjpLmmlnvBOM9AhMKgM7KtHySITzHwU0bW3D189h9rLErCHrthpDm9vR0F%2BtxmHrqbUA%3D%3D"}],"group":"cf-nel","max_age":604800} x-varnish 19051273 cache-control max-age=15854400, public accept-ranges bytes, bytes content-type image/jpeg
GET H2	200	blackberry-mobile-site-is-infected-with-monero-mining-malware_en-300x168.jpg www.2-spyware.com/news/wp-content/uploads/news/	10 KB 10 KB	591ms 590ms	Image image/jpeg	2606:4700:20::ac43:4917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.2-spyware.com/news/wp-content/uploads/news/blackberry-mobile-site-is-infected-with-monero-mining-malware_en-300x168.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85ab53517255fbe94bd7613d945ed2e62d7f416af0cc80c75916405db4786990 Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 08:07:24 GMT via 1.1 varnish cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} age 0 cf-ray 5ed514b4fa891766-FRA status 200 content-length 10298 cf-request-id 06390b451900001766b711c000000001 last-modified Tue, 09 Jan 2018 12:19:53 GMT server cloudflare etag "283a-56256ee9fa2cf" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7%2BzaE6JdRvqY98kAxF%2FSa0m3ZP%2BY0gyn6%2BILRj3xF%2FHhmuYR2EUgxTaRYuOdMZxOhq1Vnx5KsdIbEKE01WEepIphiqKAYR5bN71a3qp4ksU%2BWsn7fmGm3D3qwwYe1g%3D%3D"}],"group":"cf-nel","max_age":604800} x-varnish 19051285 cache-control max-age=15854400, public accept-ranges bytes, bytes content-type image/jpeg
GET H3-Q050	200	runner.html tpc.googlesyndication.com/sodar/sodar2/219/ Frame E9FF	0 0	33ms 20ms	Document text/html	2a00:1450:4001:825::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/219/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.2-spyware.com/remove-jscoinminer.html accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.2-spyware.com/remove-jscoinminer.html Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html content-length 4867 date Thu, 05 Nov 2020 07:39:22 GMT expires Fri, 05 Nov 2021 07:39:22 GMT last-modified Mon, 05 Oct 2020 22:33:01 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 1681 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/	0 32 B	15ms 15ms	Image image/gif	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201029&jk=1791129606491027&bg=!CAulCyvNAAU7ZAKtO1jMG3bXnAPJXwIAAABPUgAAAA1oAQcKAJVv9wWRP2XfcVZnv85z3z3RgolaOYfz4izb3J4zLgKPYNDYJ50AFAhGJeyPjBsfpLCJNiL7LesPrHyTjy-HcsPqEHKdDvzfwnjudw6_yf7j_hm6znIxkPigqNKAMF4InoSVnqFZCq07-nVw5L-HXB155SV3h6aTUU6Cx8k470RTDes-Sy90In-jIGbdekvCX4ovx-UilpkBqv6wAoLSMwEEzdnEwiDbJ_kg8mct8kwR56us_sezekqExbhqb1ZJz8JpG4b9HlHkTlAr4uz92cHCk66tMASiPJFQ2U_GGgOkl-CMxPmJw1it2d6nMlwuxm2dYjpF9ruRuAs1h7woF_aNMC7dKxBJ-dLPupswxEkDALyTkBJO_n1-07KZOpkjMG7se8RVHYqYV16hVDfHdg2oEwrcoEIDR7aS7VChwDTPMjkJogoB0srD_lN33VCMNgLUoOJ0Y6no97Mk1-9Pq_5bRmQcSX9ENK1BXsdQmS-e6_Ss9pOp4KMwwGLV9RUE9myjNolRIC9GlGDa6rHVDM41BUpE9zYmLneb-qRf_g_RpyxrfizNYcfbi-B36BmIvMAZBz9i-VVoC5-3g3WJm1lTFm0rOCWuYHe7Vr3tsU9AiY5os2vGhEnecUfstz_fRBsaeaK_r_ClFzfUaTZ3PAJPZsrAr43qaW267nGuG9aTOeUcp4-sfI6NlSEBgTdwoYAKUZqAXMDbU_Jt1qg_QGQGTDKFHcmXNHtjp22bF_O1uicoRKeuiR5a_p7MCMJMGsgO5g Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.2-spyware.com/remove-jscoinminer.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 05 Nov 2020 08:07:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 204 cache-control no-cache, must-revalidate content-type image/gif alt-svc h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| embedVars string| base_url string| eue_data object| adsbygoogle object| cookieconsent_options string| GoogleAnalyticsObject function| ga function| disqus_config number| floatDownloadButton object| countVars object| dclCustomVars function| hasClass function| show function| hide function| toggle function| togglemenu function| sidefix function| loadCSS object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb string| disqus_url string| disqus_identifier string| disqus_container_id string| disqus_shortname string| disqus_title function| disqus_config_custom boolean| disqus_loaded string| current_url object| disqus_div function| disqus_comments function| $ function| jQuery function| isDateGreaterThan function| addDaysToDate function| initExitIntentModal function| enhance_user_experience function| Carousel function| cookies_enabled function| getParameterByName function| spyAfterDownload function| startDownload function| openinwindow function| getVisitorInformation function| saveVisitorInformation function| addVisitorNotice function| QRCode boolean| hasCookieConsent string| token function| update_cookieconsent_options object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.2-spyware.com/	1970-01-19 13:44:10	Name: _gid Value: GA1.2.1842481196.1604563643
			.doubleclick.net/	1970-01-19 13:42:44	Name: test_cookie Value: CheckForPermission
			.2-spyware.com/	1970-01-19 13:42:43	Name: _gat Value: 1
			.2-spyware.com/	1970-01-19 14:25:55	Name: __cfduid Value: d1528a0585f8c3a7da4de8cd7b396481b1604563642
			.2-spyware.com/	1970-01-20 07:13:55	Name: _ga Value: GA1.2.1986712328.1604563643
			.2-spyware.com/	1970-01-19 23:04:19	Name: __gads Value: ID=8b80a69ccada069c-22275aef1db90009:T=1604563643:RT=1604563643:S=ALNI_MYkYSVm7E1ip_iq_d-fpBcybmz2MA