turapport-strience.icu Open in urlscan Pro
52.221.65.161 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://safesecureprotect.com/antivirus/?utm_source=94249903-af39-4b74-881d-b93d26e0a70e&utm_medium=10416&source_one=wsu8qhfoa...
Effective URL:
https://turapport-strience.icu/click
Submission: On November 10 via manual (November 10th 2022, 8:15:12 am UTC) from JP — Scanned from JP

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 52.221.65.161, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is turapport-strience.icu. The Cisco Umbrella rank of the primary domain is 730131.
TLS certificate: Issued by R3 on October 14th 2022. Valid for: 3 months.

This is the only time turapport-strience.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3030::ac43:acf6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3035::6815:2680	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3034::ac43:deef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.221.65.161 52.221.65.161	16509 (AMAZON-02) (AMAZON-02)
14	4

6 2606:4700:3030::ac43:acf6 (United States)

ASN13335 (CLOUDFLARENET, US)

safesecureprotect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:2680 (United States)

ASN13335 (CLOUDFLARENET, US)

trk-nesciunt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.trk-nesciunt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3034::ac43:deef (United States)

ASN13335 (CLOUDFLARENET, US)

event.trk-nesciunt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
subscription.trk-nesciunt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.221.65.161 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-65-161.ap-southeast-1.compute.amazonaws.com

turapport-strience.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	trk-nesciunt.com trk-nesciunt.com event.trk-nesciunt.com subscription.trk-nesciunt.com	3 KB
6	safesecureprotect.com safesecureprotect.com	41 KB
1	turapport-strience.icu turapport-strience.icu — Cisco Umbrella Rank: 730131	304 B
14	3

	Domain	Requested by
6	safesecureprotect.com	safesecureprotect.com
4	event.trk-nesciunt.com	trk-nesciunt.com
2	subscription.trk-nesciunt.com	trk-nesciunt.com
1	turapport-strience.icu	safesecureprotect.com
1	trk-nesciunt.com	safesecureprotect.com
14	5

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-30` - `2023-06-29`	a year	crt.sh
turapport-strience.icu R3	`2022-10-14` - `2023-01-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://turapport-strience.icu/click
Frame ID: 477D36BCDB8E66B90CD3BB0B59954493
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

400 Bad Request

Page URL History Show full URLs

https://safesecureprotect.com/antivirus/?utm_source=94249903-af39-4b74-881d-b93d26e0a70e&utm_medium=10416&... Page URL
https://turapport-strience.icu/click Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

44 kB
Transfer

108 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://safesecureprotect.com/antivirus/?utm_source=94249903-af39-4b74-881d-b93d26e0a70e&utm_medium=10416&source_one=wsu8qhfoao17vubkidigslaa&offer_id=8482&psid=pushsubscription_id&lang=jp&cep=VSXLaka6DclY3PLnIL7jtyMCXWkAy41VbqSYZPnDtrjOm5k-uslbQUxzJbOQ8laCpIkUAoCgMhANkeHxpTIcZxjY94ekNNlXTyKW0nNhsVpfDc9Od4ik7iIhsTkDPVUt-9Cbt-n40CXkj-eu0se5kgxUkG8QXv6HcZoR17rB0J6APpfjlLm9kpGWXE8SJZfBVQuxaf5SRa7erspfDq9Mh5y--nfA65eIkdwwbfnp9R2QQ7PE0udeXoxsORT14Sml7Ftczc6o-KJjz1orKIPaLie7DRLlzQaP_9vxPTV14b0okZQl6vsSbQ_7qK5mfoz Page URL
https://turapport-strience.icu/click Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
safesecureprotect.com/antivirus/ 1 KB
815 B 736ms
544ms Document
text/html 2606:4700:3030::ac43:acf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safesecureprotect.com/antivirus/?utm_source=94249903-af39-4b74-881d-b93d26e0a70e&utm_medium=10416&source_one=wsu8qhfoao17vubkidigslaa&offer_id=8482&psid=pushsubscription_id&lang=jp&cep=VSXLaka6DclY3PLnIL7jtyMCXWkAy41VbqSYZPnDtrjOm5k-uslbQUxzJbOQ8laCpIkUAoCgMhANkeHxpTIcZxjY94ekNNlXTyKW0nNhsVpfDc9Od4ik7iIhsTkDPVUt-9Cbt-n40CXkj-eu0se5kgxUkG8QXv6HcZoR17rB0J6APpfjlLm9kpGWXE8SJZfBVQuxaf5SRa7erspfDq9Mh5y--nfA65eIkdwwbfnp9R2QQ7PE0udeXoxsORT14Sml7Ftczc6o-KJjz1orKIPaLie7DRLlzQaP_9vxPTV14b0okZQl6vsSbQ_7qK5mfoz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:acf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85d95f9aa6209923ce0dcb8bf50f0f2c9f59d07e97a9024b88f5c7333e9fa7b2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 767d56a90b82af64-NRT
content-encoding: br
content-type: text/html
date: Thu, 10 Nov 2022 08:15:08 GMT
last-modified: Fri, 08 Jul 2022 15:45:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12uQkoKOrBObHGAQAxKI4t1fN0Dh68ZGUbmlpCHKELu9bi8V%2B7foiQuM8oThRLdgDZg17VTzYzYuFp3r0%2BWG4h27a7zIZRyRdZTkPeBPjOH31ghQryejHlgYL0Kf2C%2Bvia9mtt7G5TKH0ZlEsIastQF82CQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style.css
safesecureprotect.com/antivirus/assets/ 1 KB
929 B 541ms
537ms Stylesheet
text/css 2606:4700:3030::ac43:acf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safesecureprotect.com/antivirus/assets/style.css
Requested by: Host: safesecureprotect.com
URL: https://safesecureprotect.com/antivirus/?utm_source=94249903-af39-4b74-881d-b93d26e0a70e&utm_medium=10416&source_one=wsu8qhfoao17vubkidigslaa&offer_id=8482&psid=pushsubscription_id&lang=jp&cep=VSXLaka6DclY3PLnIL7jtyMCXWkAy41VbqSYZPnDtrjOm5k-uslbQUxzJbOQ8laCpIkUAoCgMhANkeHxpTIcZxjY94ekNNlXTyKW0nNhsVpfDc9Od4ik7iIhsTkDPVUt-9Cbt-n40CXkj-eu0se5kgxUkG8QXv6HcZoR17rB0J6APpfjlLm9kpGWXE8SJZfBVQuxaf5SRa7erspfDq9Mh5y--nfA65eIkdwwbfnp9R2QQ7PE0udeXoxsORT14Sml7Ftczc6o-KJjz1orKIPaLie7DRLlzQaP_9vxPTV14b0okZQl6vsSbQ_7qK5mfoz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:acf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0220977a9e090ea0a91b3448f20ff0944178a45814ed4d0500610beed6067ef1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://safesecureprotect.com/antivirus/?utm_source=94249903-af39-4b74-881d-b93d26e0a70e&utm_medium=10416&source_one=wsu8qhfoao17vubkidigslaa&offer_id=8482&psid=pushsubscription_id&lang=jp&cep=VSXLaka6DclY3PLnIL7jtyMCXWkAy41VbqSYZPnDtrjOm5k-uslbQUxzJbOQ8laCpIkUAoCgMhANkeHxpTIcZxjY94ekNNlXTyKW0nNhsVpfDc9Od4ik7iIhsTkDPVUt-9Cbt-n40CXkj-eu0se5kgxUkG8QXv6HcZoR17rB0J6APpfjlLm9kpGWXE8SJZfBVQuxaf5SRa7erspfDq9Mh5y--nfA65eIkdwwbfnp9R2QQ7PE0udeXoxsORT14Sml7Ftczc6o-KJjz1orKIPaLie7DRLlzQaP_9vxPTV14b0okZQl6vsSbQ_7qK5mfoz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 08:15:08 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 30 Jun 2022 22:24:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVWyC%2BU%2FEokYRJrWQu%2FZNJfFJIKCy2ekKey2XWSsPO2uYwl%2BaNteGFZVhpBxPQHRbkeX9MnDhbTnfRzyK%2BL%2Brz35nrNUBg7NqxIDI%2FQIgHP43PeMCU77hKKVXX8tLQHC2TDWD6s7rfnREiL%2FGeugDh56Oto%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 767d56ac8efbaf64-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
safesecureprotect.com/antivirus/ 85 KB
31 KB 549ms
546ms Script
application/javascript 2606:4700:3030::ac43:acf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safesecureprotect.com/antivirus/jquery.min.js
Requested by: Host: safesecureprotect.com
URL: https://safesecureprotect.com/antivirus/?utm_source=94249903-af39-4b74-881d-b93d26e0a70e&utm_medium=10416&source_one=wsu8qhfoao17vubkidigslaa&offer_id=8482&psid=pushsubscription_id&lang=jp&cep=VSXLaka6DclY3PLnIL7jtyMCXWkAy41VbqSYZPnDtrjOm5k-uslbQUxzJbOQ8laCpIkUAoCgMhANkeHxpTIcZxjY94ekNNlXTyKW0nNhsVpfDc9Od4ik7iIhsTkDPVUt-9Cbt-n40CXkj-eu0se5kgxUkG8QXv6HcZoR17rB0J6APpfjlLm9kpGWXE8SJZfBVQuxaf5SRa7erspfDq9Mh5y--nfA65eIkdwwbfnp9R2QQ7PE0udeXoxsORT14Sml7Ftczc6o-KJjz1orKIPaLie7DRLlzQaP_9vxPTV14b0okZQl6vsSbQ_7qK5mfoz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:acf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://safesecureprotect.com/antivirus/?utm_source=94249903-af39-4b74-881d-b93d26e0a70e&utm_medium=10416&source_one=wsu8qhfoao17vubkidigslaa&offer_id=8482&psid=pushsubscription_id&lang=jp&cep=VSXLaka6DclY3PLnIL7jtyMCXWkAy41VbqSYZPnDtrjOm5k-uslbQUxzJbOQ8laCpIkUAoCgMhANkeHxpTIcZxjY94ekNNlXTyKW0nNhsVpfDc9Od4ik7iIhsTkDPVUt-9Cbt-n40CXkj-eu0se5kgxUkG8QXv6HcZoR17rB0J6APpfjlLm9kpGWXE8SJZfBVQuxaf5SRa7erspfDq9Mh5y--nfA65eIkdwwbfnp9R2QQ7PE0udeXoxsORT14Sml7Ftczc6o-KJjz1orKIPaLie7DRLlzQaP_9vxPTV14b0okZQl6vsSbQ_7qK5mfoz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 08:15:08 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 30 Jun 2022 22:23:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzmC6XUrQWgP79MCIR1Jc%2FlS0Rq%2BxFCGQFo1mlCMRUhQopRre5sHoYkuxi9MAiKL6B6tV3PV9eHDrXshKe3uXxqc%2F5B%2Bv6OyhkGdVFXSC4SQyNKd87awI2bidaWJ64vqeOs3xOZBqYnXmn6rvLc28VWtVIA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 767d56ac8effaf64-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 dynamic-assets.js Show response
safesecureprotect.com/antivirus/assets/ 7 KB
3 KB 544ms
542ms Script
application/javascript 2606:4700:3030::ac43:acf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safesecureprotect.com/antivirus/assets/dynamic-assets.js
Requested by: Host: safesecureprotect.com
URL: https://safesecureprotect.com/antivirus/?utm_source=94249903-af39-4b74-881d-b93d26e0a70e&utm_medium=10416&source_one=wsu8qhfoao17vubkidigslaa&offer_id=8482&psid=pushsubscription_id&lang=jp&cep=VSXLaka6DclY3PLnIL7jtyMCXWkAy41VbqSYZPnDtrjOm5k-uslbQUxzJbOQ8laCpIkUAoCgMhANkeHxpTIcZxjY94ekNNlXTyKW0nNhsVpfDc9Od4ik7iIhsTkDPVUt-9Cbt-n40CXkj-eu0se5kgxUkG8QXv6HcZoR17rB0J6APpfjlLm9kpGWXE8SJZfBVQuxaf5SRa7erspfDq9Mh5y--nfA65eIkdwwbfnp9R2QQ7PE0udeXoxsORT14Sml7Ftczc6o-KJjz1orKIPaLie7DRLlzQaP_9vxPTV14b0okZQl6vsSbQ_7qK5mfoz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:acf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d38d2c87afc1971f3689be641958d4a034c6a6c3ab450b3e41189bf2258dc99

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://safesecureprotect.com/antivirus/?utm_source=94249903-af39-4b74-881d-b93d26e0a70e&utm_medium=10416&source_one=wsu8qhfoao17vubkidigslaa&offer_id=8482&psid=pushsubscription_id&lang=jp&cep=VSXLaka6DclY3PLnIL7jtyMCXWkAy41VbqSYZPnDtrjOm5k-uslbQUxzJbOQ8laCpIkUAoCgMhANkeHxpTIcZxjY94ekNNlXTyKW0nNhsVpfDc9Od4ik7iIhsTkDPVUt-9Cbt-n40CXkj-eu0se5kgxUkG8QXv6HcZoR17rB0J6APpfjlLm9kpGWXE8SJZfBVQuxaf5SRa7erspfDq9Mh5y--nfA65eIkdwwbfnp9R2QQ7PE0udeXoxsORT14Sml7Ftczc6o-KJjz1orKIPaLie7DRLlzQaP_9vxPTV14b0okZQl6vsSbQ_7qK5mfoz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 08:15:08 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 05 Jul 2022 17:24:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJJLWQ6jZ%2FnXUemCAjQZGefvc6sL5zCU0LFv9m1rAiccouzcqrhpO160JM7Q4g36BXTHU4E6X0ahIAdFs7sw1f4VqcPazK7ktv0O87JVJHLji37Y%2BX9XOxjFBQ%2Fq8zeS%2BXtqwvJidB%2BcoANUs6%2FTf5vkyPo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 767d56ac8f00af64-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 page-script-auto.js Show response
safesecureprotect.com/antivirus/ 3 KB
1 KB 11ms
10ms Script
application/javascript 2606:4700:3030::ac43:acf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://safesecureprotect.com/antivirus/page-script-auto.js
Requested by: Host: safesecureprotect.com
URL: https://safesecureprotect.com/antivirus/?utm_source=94249903-af39-4b74-881d-b93d26e0a70e&utm_medium=10416&source_one=wsu8qhfoao17vubkidigslaa&offer_id=8482&psid=pushsubscription_id&lang=jp&cep=VSXLaka6DclY3PLnIL7jtyMCXWkAy41VbqSYZPnDtrjOm5k-uslbQUxzJbOQ8laCpIkUAoCgMhANkeHxpTIcZxjY94ekNNlXTyKW0nNhsVpfDc9Od4ik7iIhsTkDPVUt-9Cbt-n40CXkj-eu0se5kgxUkG8QXv6HcZoR17rB0J6APpfjlLm9kpGWXE8SJZfBVQuxaf5SRa7erspfDq9Mh5y--nfA65eIkdwwbfnp9R2QQ7PE0udeXoxsORT14Sml7Ftczc6o-KJjz1orKIPaLie7DRLlzQaP_9vxPTV14b0okZQl6vsSbQ_7qK5mfoz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:acf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6340928be660e5796f821658f88d2f5cc8bcb5f96eddf07690b52cfb84449e69

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://safesecureprotect.com/antivirus/?utm_source=94249903-af39-4b74-881d-b93d26e0a70e&utm_medium=10416&source_one=wsu8qhfoao17vubkidigslaa&offer_id=8482&psid=pushsubscription_id&lang=jp&cep=VSXLaka6DclY3PLnIL7jtyMCXWkAy41VbqSYZPnDtrjOm5k-uslbQUxzJbOQ8laCpIkUAoCgMhANkeHxpTIcZxjY94ekNNlXTyKW0nNhsVpfDc9Od4ik7iIhsTkDPVUt-9Cbt-n40CXkj-eu0se5kgxUkG8QXv6HcZoR17rB0J6APpfjlLm9kpGWXE8SJZfBVQuxaf5SRa7erspfDq9Mh5y--nfA65eIkdwwbfnp9R2QQ7PE0udeXoxsORT14Sml7Ftczc6o-KJjz1orKIPaLie7DRLlzQaP_9vxPTV14b0okZQl6vsSbQ_7qK5mfoz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 08:15:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Jun 2022 22:24:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6924
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pm1dxP2WpiqRx3tkkUpq3aagAgwy2ZTRTBPJESzayx6plic8jyNQI9Om5dTiO3OjSg6n1KC6PrbW57d5K6stizwrxKgzxqpn%2BaWbCraQ%2FjzzMbdajHsZugQLhronMvZwG6EnNvv63h0m39Lbcv6G6UPPw1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 767d56ac8f01af64-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 57dkr26ew8 Show response
trk-nesciunt.com/scripts/push/script/ 7 KB
3 KB 542ms
379ms Script
application/javascript 2606:4700:3035::6815:2680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-nesciunt.com/scripts/push/script/57dkr26ew8?url=safesecureprotect.com

Requested by

Host: safesecureprotect.com
URL: https://safesecureprotect.com/antivirus/page-script-auto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:2680 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ed04d3c788063fbd1f4c112930081b5d27702ed11172564017ff79350c93b22

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://safesecureprotect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 08:15:09 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocm7dHaS%2BjaeU253xCvdIswgTy7JyGgyAwNtyS2bOTovcfJenMHxcMn9PRr8qmfuour57XxhSOw90jkB6yNGs8LBzXUdVph8l%2F0GbAMgcTaDjKws%2FkKbg4DbXTEmcUTYVMDpnnDOqRKr5fd7zPr4"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-ray: 767d56b14dddafff-NRT
expires: 0

GET
H3 200 av.png
safesecureprotect.com/antivirus/assets/ 4 KB
4 KB 9ms
9ms Image
image/png 2606:4700:3030::ac43:acf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://safesecureprotect.com/antivirus/assets/av.png
Requested by: Host: safesecureprotect.com
URL: https://safesecureprotect.com/antivirus/?utm_source=94249903-af39-4b74-881d-b93d26e0a70e&utm_medium=10416&source_one=wsu8qhfoao17vubkidigslaa&offer_id=8482&psid=pushsubscription_id&lang=jp&cep=VSXLaka6DclY3PLnIL7jtyMCXWkAy41VbqSYZPnDtrjOm5k-uslbQUxzJbOQ8laCpIkUAoCgMhANkeHxpTIcZxjY94ekNNlXTyKW0nNhsVpfDc9Od4ik7iIhsTkDPVUt-9Cbt-n40CXkj-eu0se5kgxUkG8QXv6HcZoR17rB0J6APpfjlLm9kpGWXE8SJZfBVQuxaf5SRa7erspfDq9Mh5y--nfA65eIkdwwbfnp9R2QQ7PE0udeXoxsORT14Sml7Ftczc6o-KJjz1orKIPaLie7DRLlzQaP_9vxPTV14b0okZQl6vsSbQ_7qK5mfoz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:acf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 705a3998b77a14d23dabfb93e872b9c3995a1788665bc6bdc82e4c6364846b2d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://safesecureprotect.com/antivirus/?utm_source=94249903-af39-4b74-881d-b93d26e0a70e&utm_medium=10416&source_one=wsu8qhfoao17vubkidigslaa&offer_id=8482&psid=pushsubscription_id&lang=jp&cep=VSXLaka6DclY3PLnIL7jtyMCXWkAy41VbqSYZPnDtrjOm5k-uslbQUxzJbOQ8laCpIkUAoCgMhANkeHxpTIcZxjY94ekNNlXTyKW0nNhsVpfDc9Od4ik7iIhsTkDPVUt-9Cbt-n40CXkj-eu0se5kgxUkG8QXv6HcZoR17rB0J6APpfjlLm9kpGWXE8SJZfBVQuxaf5SRa7erspfDq9Mh5y--nfA65eIkdwwbfnp9R2QQ7PE0udeXoxsORT14Sml7Ftczc6o-KJjz1orKIPaLie7DRLlzQaP_9vxPTV14b0okZQl6vsSbQ_7qK5mfoz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 08:15:08 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Jun 2022 22:24:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5808
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnaVhOD59psel%2FJVfYQe9DPScKOTW7tSD78SfjEkQBkoacUvmw8Xj0DWqDHDRyOOcKCdBycAYJX3QXy3kPap%2BuLI%2BKACxI8Iwz9j%2FjHYVpA2QKjaxhO3ZqaJ7a4nqmo2v8Q1I2CzYxTQXe7Drrs9OBcvRt0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 767d56b05bafafeb-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3896

POST
H3 200 q2goojpygr
event.trk-nesciunt.com/register/event_log/ 0
0 390ms
389ms Fetch 2606:4700:3034::ac43:deef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-nesciunt.com/register/event_log/q2goojpygr

Requested by

Host: trk-nesciunt.com
URL: https://trk-nesciunt.com/scripts/push/script/57dkr26ew8?url=safesecureprotect.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:deef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safesecureprotect.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Thu, 10 Nov 2022 08:15:10 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjbcNLcbT7Q%2BQ0Sp0YJ1FbQhv4uBp2bGqxC0XH3XwrH0W5%2FpSlbisPD5MB4H6QGpH53EezZ%2Bn3OEhDr4ddhIBMO1rfn03ePqu5LpiRUUsIsqs%2F7AB5kTj4zeaI%2BwfRsAxTNHydww%2BZX6Fs1j7NKrG0dNDcj5"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://safesecureprotect.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-ray: 767d56ba3ea31f27-NRT
x-pushplatformapp-params

POST
H3 400 q2goojpygr
subscription.trk-nesciunt.com/register/push/ 0
0 390ms
383ms Fetch 2606:4700:3034::ac43:deef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://subscription.trk-nesciunt.com/register/push/q2goojpygr

Requested by

Host: trk-nesciunt.com
URL: https://trk-nesciunt.com/scripts/push/script/57dkr26ew8?url=safesecureprotect.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:deef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safesecureprotect.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: application/json

Response headers

date: Thu, 10 Nov 2022 08:15:10 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PT9K7zZykhlMMdu7wv31gYdScddqDpMb4KYS7RyfiZD%2Bchmb7Qq%2F%2BDThEQouOJp1%2BYBr%2BJGwTPyYIh9sCMtLRvKfqbKvNuVPWJnKGKq6oqRqiK1TDfx0ITM6N0yZn47CHFS4uyfZPIpjsrSpybsotXkED4d0Z6EzzhftHw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://safesecureprotect.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-ray: 767d56ba1e941f27-NRT
expires: 0

OPTIONS
H2 200 q2goojpygr
event.trk-nesciunt.com/register/event_log/ 0
0 396ms
384ms Preflight 2606:4700:3035::6815:2680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-nesciunt.com/register/event_log/q2goojpygr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2680 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://safesecureprotect.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://safesecureprotect.com
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 767d56b7df56e378-NRT
content-length: 0
date: Thu, 10 Nov 2022 08:15:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Dhc%2FbQ625%2BA8yOycsO6Ed3ZEdZRcF3aTBLwOI6yJ5gDLyGsxkUf4wdA7LydWX98OJwiP%2FX8bQODIKhaC0Hwx5w27LIiNQfEqrDJFXB6%2B6s73klDD2%2FtWTU%2BdyMErAN%2B6sGGoOzQY59UqIgkfwqrsuGR%2B%2FoO"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

OPTIONS
H2 200 q2goojpygr
subscription.trk-nesciunt.com/register/push/ 0
0 373ms
361ms Preflight 2606:4700:3034::ac43:deef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://subscription.trk-nesciunt.com/register/push/q2goojpygr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:deef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://safesecureprotect.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://safesecureprotect.com
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 767d56b7d96bf645-NRT
content-length: 0
date: Thu, 10 Nov 2022 08:15:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7XSG18XRDEHI3EB6kquChFtNrFvq1acMMdXPEH5kMjsGkCOLYAUcO0eqdwBsSHgprCcC6YoZuEvEb8qh3VGuB99n7kqCyorfXaRneRqYvdxH%2Bsw16975F%2BGqVp9YgwAljBfvHLAywn%2F%2Bq%2F2sEzC8TYEiRXEZgurt0Ad0g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H3 200 q2goojpygr
event.trk-nesciunt.com/register/event_log/ 0
0 193ms
193ms Fetch 2606:4700:3034::ac43:deef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-nesciunt.com/register/event_log/q2goojpygr

Requested by

Host: trk-nesciunt.com
URL: https://trk-nesciunt.com/scripts/push/script/57dkr26ew8?url=safesecureprotect.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:deef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safesecureprotect.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Thu, 10 Nov 2022 08:15:11 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GD9kb4pMii2OFgw5b5yCGfBDMtRpgRbXnBoq3jaC%2FU6QNW8VAFvYNxx6%2FKvzqsYje8DxBraiYCwiAoBc1%2BjW4WVJb3BEIE4bTbmWL4Qd2DEOyqG%2B%2B517jCsJKdxcLqKyNpMAxobQhoC2DIcZNZwj8NmH9vVK"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://safesecureprotect.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-ray: 767d56bed9a21f27-NRT
x-pushplatformapp-params

GET
H2 400 Primary Request click Show response
turapport-strience.icu/ 152 B
304 B 584ms
72ms Document
text/html 52.221.65.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://turapport-strience.icu/click
Requested by: Host: safesecureprotect.com
URL: https://safesecureprotect.com/antivirus/page-script-auto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.221.65.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-65-161.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0605685efb44dd3decd77517436c575731b61f807247587de67080c579ffa2d4

Request headers

Referer: https://safesecureprotect.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 152
content-type: text/html
date: Thu, 10 Nov 2022 08:15:11 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx

OPTIONS
H3 200 q2goojpygr
event.trk-nesciunt.com/register/event_log/ 0
0 368ms
368ms Preflight 2606:4700:3034::ac43:deef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-nesciunt.com/register/event_log/q2goojpygr
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:deef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://safesecureprotect.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://safesecureprotect.com
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 767d56bc88131f27-NRT
content-length: 0
date: Thu, 10 Nov 2022 08:15:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clQZxq2f%2BTnu0NFxnU2nvNyMCNV4cqcqtrRwiozYtAlZihycV8uPkpJrMd8bn96sDCEbppWlzkjuj3ELgMgVtaL5sqolcWH8LEabYK6lecHGSMiVyqHkOjQT9M9hNprycEfMHXMAX7vcV91hw1guja1bI8hV"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://safesecureprotect.com/antivirus/?utm_source=94249903-af39-4b74-881d-b93d26e0a70e&utm_medium=10416&source_one=wsu8qhfoao17vubkidigslaa&offer_id=8482&psid=pushsubscription_id&lang=jp&cep=VSXLaka6DclY3PLnIL7jtyMCXWkAy41VbqSYZPnDtrjOm5k-uslbQUxzJbOQ8laCpIkUAoCgMhANkeHxpTIcZxjY94ekNNlXTyKW0nNhsVpfDc9Od4ik7iIhsTkDPVUt-9Cbt-n40CXkj-eu0se5kgxUkG8QXv6HcZoR17rB0J6APpfjlLm9kpGWXE8SJZfBVQuxaf5SRa7erspfDq9Mh5y--nfA65eIkdwwbfnp9R2QQ7PE0udeXoxsORT14Sml7Ftczc6o-KJjz1orKIPaLie7DRLlzQaP_9vxPTV14b0okZQl6vsSbQ_7qK5mfoz Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network	error	URL: https://subscription.trk-nesciunt.com/register/push/q2goojpygr Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://turapport-strience.icu/click Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

event.trk-nesciunt.com
safesecureprotect.com
subscription.trk-nesciunt.com
trk-nesciunt.com
turapport-strience.icu
2606:4700:3030::ac43:acf6
2606:4700:3034::ac43:deef
2606:4700:3035::6815:2680
52.221.65.161
0220977a9e090ea0a91b3448f20ff0944178a45814ed4d0500610beed6067ef1
0605685efb44dd3decd77517436c575731b61f807247587de67080c579ffa2d4
4ed04d3c788063fbd1f4c112930081b5d27702ed11172564017ff79350c93b22
6340928be660e5796f821658f88d2f5cc8bcb5f96eddf07690b52cfb84449e69
705a3998b77a14d23dabfb93e872b9c3995a1788665bc6bdc82e4c6364846b2d
85d95f9aa6209923ce0dcb8bf50f0f2c9f59d07e97a9024b88f5c7333e9fa7b2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9d38d2c87afc1971f3689be641958d4a034c6a6c3ab450b3e41189bf2258dc99

turapport-strience.icu Open in urlscan Pro 52.221.65.161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

75 %IPv6

3 Domains

5 Subdomains

4 IPs

2 Countries

44 kBTransfer

108 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

turapport-strience.icu Open in urlscan Pro
52.221.65.161 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

44 kB
Transfer

108 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions