safety30.xyz Open in urlscan Pro
2606:4700:3034::681c:ce7  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response safety30.xyz/jun60694/CHOM01010101010X0SH/	100 KB 43 KB	398ms 271ms	Document text/html	2606:4700:3034::681c:ce7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://safety30.xyz/jun60694/CHOM01010101010X0SH/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681c:ce7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15ed6d7dbe70790c0d60441f5623430b4df04937e1e1b998552c425bf0a29e1d Request headers :method GET :authority safety30.xyz :scheme https :path /jun60694/CHOM01010101010X0SH/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Wed, 08 Jul 2020 22:09:55 GMT content-type text/html set-cookie __cfduid=de939255fd04b2255b276e841873cb0651594246195; expires=Fri, 07-Aug-20 22:09:55 GMT; path=/; domain=.safety30.xyz; HttpOnly; SameSite=Lax; Secure last-modified Tue, 07 Jul 2020 05:13:54 GMT cf-cache-status DYNAMIC cf-request-id 03d2137f3c00001f2dc61ae200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5afd21deca181f2d-FRA content-encoding br
GET H2	200	alert.css safety30.xyz/jun60694/CHOM01010101010X0SH/	1 KB 573 B	13ms 12ms	Stylesheet text/css	2606:4700:3034::681c:ce7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://safety30.xyz/jun60694/CHOM01010101010X0SH/alert.css Requested by Host: safety30.xyz URL: https://safety30.xyz/jun60694/CHOM01010101010X0SH/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681c:ce7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash efe90901547a23129ee054301b15ab531f9f0d909c749f45d5ea2755a28d7de7 Request headers Referer https://safety30.xyz/jun60694/CHOM01010101010X0SH/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 08 Jul 2020 22:09:55 GMT content-encoding br cf-cache-status HIT last-modified Fri, 19 Jun 2020 01:13:52 GMT server cloudflare age 2175 etag W/"41c-5a8659b2af400" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 5afd21e08cf91f2d-FRA cf-request-id 03d213805300001f2dc61b7200000001
GET H2	200	js Show response www.googletagmanager.com/gtag/	84 KB 33 KB	22ms 21ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-xxx-x Requested by Host: safety30.xyz URL: https://safety30.xyz/jun60694/CHOM01010101010X0SH/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3621b9c7121c930f26495a9d821a0627b1528cc9a2ab125730470c8b47c0f5d7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://safety30.xyz/jun60694/CHOM01010101010X0SH/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 08 Jul 2020 22:09:55 GMT content-encoding br vary Accept-Encoding status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33609 x-xss-protection 0 last-modified Wed, 08 Jul 2020 21:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 08 Jul 2020 22:09:55 GMT
GET H2	404	jquery-3.js safety30.xyz/jun60694/CHOM01010101010X0SH/	0 0	262ms 261ms	Script text/html	2606:4700:3034::681c:ce7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://safety30.xyz/jun60694/CHOM01010101010X0SH/jquery-3.js Requested by Host: safety30.xyz URL: https://safety30.xyz/jun60694/CHOM01010101010X0SH/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681c:ce7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://safety30.xyz/jun60694/CHOM01010101010X0SH/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 08 Jul 2020 22:09:55 GMT content-encoding br cf-cache-status EXPIRED server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5afd21e08cfb1f2d-FRA cf-request-id 03d213805300001f2dc61b8200000001
GET H/1.1	200 OK	jquery-3.2.1.min.js Show response code.jquery.com/	85 KB 30 KB	29ms 6ms	Script application/javascript	2001:4de0:ac19::1:b:2a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.2.1.min.js Requested by Host: safety30.xyz URL: https://safety30.xyz/jun60694/CHOM01010101010X0SH/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Request headers Referer https://safety30.xyz/jun60694/CHOM01010101010X0SH/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 08 Jul 2020 22:09:55 GMT Content-Encoding gzip Last-Modified Mon, 20 Mar 2017 19:01:15 GMT Server nginx ETag W/"58d026fb-15283" Vary Accept-Encoding X-HW 1594246195.dop051.fr8.t,1594246195.cds139.fr8.shn,1594246195.cds139.fr8.c Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 30125
GET H2	200	analytics.js Show response www.google-analytics.com/	45 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-xxx-x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://safety30.xyz/jun60694/CHOM01010101010X0SH/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 04 Jun 2020 23:38:14 GMT server Golfe2 age 4417 date Wed, 08 Jul 2020 20:56:18 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18469 expires Wed, 08 Jul 2020 22:56:18 GMT
GET H2	200	collect www.google-analytics.com/r/	35 B 98 B	13ms 13ms	Image image/gif	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j83&a=2102227843&t=pageview&_s=1&dl=https%3A%2F%2Fsafety30.xyz%2Fjun60694%2FCHOM01010101010X0SH%2F&ul=en-us&de=UTF-8&dt=Helpline9881&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=739782702&gjid=1382288646&cid=1955539287.1594246195&tid=UA-xxx-x&_gid=1211225945.1594246195&_r=1&gtm=2ou6o0&z=485419008 Requested by Host: safety30.xyz URL: https://safety30.xyz/jun60694/CHOM01010101010X0SH/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://safety30.xyz/jun60694/CHOM01010101010X0SH/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 08 Jul 2020 22:09:55 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	logo.png safety30.xyz/jun60694/CHOM01010101010X0SH/	4 KB 4 KB	10ms 10ms	Image image/png	2606:4700:3034::681c:ce7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://safety30.xyz/jun60694/CHOM01010101010X0SH/logo.png Requested by Host: safety30.xyz URL: https://safety30.xyz/jun60694/CHOM01010101010X0SH/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681c:ce7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960 Request headers Referer https://safety30.xyz/jun60694/CHOM01010101010X0SH/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 08 Jul 2020 22:09:55 GMT cf-cache-status HIT last-modified Fri, 19 Jun 2020 01:13:58 GMT server cloudflare age 2175 etag "fd6-5a8659b868180" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5afd21e1ef821f2d-FRA content-length 4054 cf-request-id 03d213813500001f2dc61c9200000001
GET H2	206	err.mp3 safety30.xyz/jun60694/CHOM01010101010X0SH/	14 KB 0	251ms 250ms	Media audio/mpeg	2606:4700:3034::681c:ce7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://safety30.xyz/jun60694/CHOM01010101010X0SH/err.mp3 Requested by Host: safety30.xyz URL: https://safety30.xyz/jun60694/CHOM01010101010X0SH/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681c:ce7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://safety30.xyz/jun60694/CHOM01010101010X0SH/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Range bytes=0- Response headers date Wed, 08 Jul 2020 22:09:55 GMT cf-cache-status DYNAMIC last-modified Fri, 19 Jun 2020 01:14:14 GMT server cloudflare etag "31080-5a8659c7aa580" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 206 content-type audio/mpeg Content-Range bytes 0-200831/200832 accept-ranges bytes cf-ray 5afd21e278881f2d-FRA Content-Length 200832 cf-request-id 03d213818a00001f2dc61ce200000001
GET H2	404	Shfdfd.mp3 safety30.xyz/jun60694/CHOM01010101010X0SH/	237 B 313 B	242ms 242ms	Media text/html	2606:4700:3034::681c:ce7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://safety30.xyz/jun60694/CHOM01010101010X0SH/Shfdfd.mp3 Requested by Host: safety30.xyz URL: https://safety30.xyz/jun60694/CHOM01010101010X0SH/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681c:ce7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e4e5c6ecab89b54555171c59815b60cf7a8d2f27409cb21b8f07003376537d2e Request headers Referer https://safety30.xyz/jun60694/CHOM01010101010X0SH/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Range bytes=0- Response headers date Wed, 08 Jul 2020 22:09:55 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/html; charset=iso-8859-1 status 404 cf-ray 5afd21e288a61f2d-FRA cf-request-id 03d213819300001f2dc61d1200000001
GET H2	200	def.gif safety30.xyz/jun60694/CHOM01010101010X0SH/	166 KB 166 KB	11ms 11ms	Image image/gif	2606:4700:3034::681c:ce7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://safety30.xyz/jun60694/CHOM01010101010X0SH/def.gif Requested by Host: safety30.xyz URL: https://safety30.xyz/jun60694/CHOM01010101010X0SH/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681c:ce7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35872af4a794ff3d791b41c4eb58879f4a382d634c7668cd6a5ff42d947c6eb2 Request headers Referer https://safety30.xyz/jun60694/CHOM01010101010X0SH/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 08 Jul 2020 22:09:55 GMT cf-cache-status HIT last-modified Fri, 19 Jun 2020 01:14:00 GMT server cloudflare age 2174 etag "29639-5a8659ba50600" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5afd21e2a8d31f2d-FRA content-length 169529 cf-request-id 03d21381a500001f2dc61d3200000001
GET H2	206	beep.mp3 safety30.xyz/jun60694/CHOM01010101010X0SH/	8 KB 8 KB	243ms 243ms	Media audio/mpeg	2606:4700:3034::681c:ce7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://safety30.xyz/jun60694/CHOM01010101010X0SH/beep.mp3 Requested by Host: safety30.xyz URL: https://safety30.xyz/jun60694/CHOM01010101010X0SH/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681c:ce7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1 Request headers Referer https://safety30.xyz/jun60694/CHOM01010101010X0SH/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Range bytes=0- Response headers date Wed, 08 Jul 2020 22:09:55 GMT cf-cache-status DYNAMIC last-modified Fri, 19 Jun 2020 01:14:10 GMT server cloudflare etag "20d5-5a8659c3d9c80" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 206 content-type audio/mpeg Content-Range bytes 0-8404/8405 accept-ranges bytes cf-ray 5afd21e2a8db1f2d-FRA Content-Length 8405 cf-request-id 03d21381a600001f2dc61d4200000001
GET H2	206	err.mp3 safety30.xyz/jun60694/CHOM01010101010X0SH/	196 KB 196 KB	257ms 257ms	Media audio/mpeg	2606:4700:3034::681c:ce7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://safety30.xyz/jun60694/CHOM01010101010X0SH/err.mp3 Requested by Host: safety30.xyz URL: https://safety30.xyz/jun60694/CHOM01010101010X0SH/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681c:ce7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65 Request headers Referer https://safety30.xyz/jun60694/CHOM01010101010X0SH/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Range bytes=0- Response headers date Wed, 08 Jul 2020 22:09:55 GMT cf-cache-status DYNAMIC last-modified Fri, 19 Jun 2020 01:14:14 GMT server cloudflare etag "31080-5a8659c7aa580" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 206 content-type audio/mpeg Content-Range bytes 0-200831/200832 accept-ranges bytes cf-ray 5afd21e2a8dc1f2d-FRA Content-Length 200832 cf-request-id 03d21381a700001f2dc61d5200000001

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| getURLParameter string| gourl object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| move function| pop function| PopIt function| UnPopIt function| $ function| jQuery string| stroka function| toggleFullScreen number| idleTime function| timerIncrement boolean| is_chrome undefined| isChromium string| vendorName boolean| isOpera function| alertCall function| alertTimed function| alertLoop function| addEvent function| ajay function| openMultipleTabs function| poponload string| link_redirect undefined| ignoreHashChange object| msgAudioEl number| playMsgInt function| nocontextmenu function| norightclick function| reloadIFrame object| modal object| btn object| span

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.safety30.xyz/	1970-01-19 10:50:46	Name: _gat_gtag_UA_xxx_x Value: 1
			.safety30.xyz/	1970-01-19 10:52:12	Name: _gid Value: GA1.2.1211225945.1594246195
			.safety30.xyz/	1970-01-20 04:21:58	Name: _ga Value: GA1.2.1955539287.1594246195
			.safety30.xyz/	1970-01-19 11:33:58	Name: __cfduid Value: de939255fd04b2255b276e841873cb0651594246195

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
safety30.xyz
www.google-analytics.com
www.googletagmanager.com
2001:4de0:ac19::1:b:2a
2606:4700:3034::681c:ce7
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
15ed6d7dbe70790c0d60441f5623430b4df04937e1e1b998552c425bf0a29e1d
35872af4a794ff3d791b41c4eb58879f4a382d634c7668cd6a5ff42d947c6eb2
3621b9c7121c930f26495a9d821a0627b1528cc9a2ab125730470c8b47c0f5d7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
e4e5c6ecab89b54555171c59815b60cf7a8d2f27409cb21b8f07003376537d2e
efe90901547a23129ee054301b15ab531f9f0d909c749f45d5ea2755a28d7de7
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955