remove.guide Open in urlscan Pro
2606:4700:3034::6815:1e8a  Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response remove.guide/remove-lqqw-ransomware/	102 KB 26 KB	420ms 336ms	Document text/html	2606:4700:3034::6815:1e8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://remove.guide/remove-lqqw-ransomware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:1e8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 993fa2c3c02ed822d6a047e899ae557e6c9838e765a9e31264bb3e5370439032 Request headers :method GET :authority remove.guide :scheme https :path /remove-lqqw-ransomware/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 02 Sep 2021 05:19:10 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding last-modified Wed, 01 Sep 2021 23:10:24 GMT x-cache-nxaccel BYPASS cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkQae%2Fo5GZ0YJmSICqjFWgWtZ%2BlHMjzKMA1ha7L1MAD2RVQ6DXZXHKrILaHaSUoLQmQXVATk7xHhWEld1VBrH2NNTNbWqzIzL01sp3wbbtloaOdWIti6fmQR86nO2pjHNxZBed6B%2Bf7UaVY%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 688448283a85cae4-ARN content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	/ remove.guide/	0 16 KB	319ms 286ms	Other text/html	2606:4700:3034::6815:1e8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://remove.guide/ Requested by Host: remove.guide URL: https://remove.guide/remove-lqqw-ransomware/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:1e8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path / pragma no-cache purpose prefetch accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept application/signed-exchange;v=b3;q=0.9,*/*;q=0.8 cache-control no-cache sec-fetch-dest empty :authority remove.guide referer https://remove.guide/remove-lqqw-ransomware/ :scheme https sec-fetch-site same-origin :method GET Referer https://remove.guide/remove-lqqw-ransomware/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 02 Sep 2021 05:19:10 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 01 Sep 2021 23:11:17 GMT server cloudflare x-cache-nxaccel BYPASS expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkTDJXZzBUd7qKtAhrXJc4vLTNGusONO0AozA1UjFtX1POyeTG1hk3kR0G5skTdfDZPwAGWGaEe%2FBjAjGBEytWI7AfWRzBpbgl%2Fy7%2BlW56FYA%2BioSACdLnk5EW4%2FRldTh%2F1Qrai1QDzMe%2Bk%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6884482a9926f134-ARN alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	css fonts.googleapis.com/	8 KB 721 B	17ms 17ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%20Slab%3Anormal%7CRaleway%3A500%7CRaleway%3A700%7CRoboto%20Slab%3A300&subset=latin&display=swap Requested by Host: remove.guide URL: https://remove.guide/remove-lqqw-ransomware/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 198facaccbd3ce2ef8c735c87b478de10e8ed822912522ded7d42be30e9cab55 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://remove.guide/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 02 Sep 2021 05:19:10 GMT server ESF date Thu, 02 Sep 2021 05:19:10 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 02 Sep 2021 05:19:10 GMT
GET H3-29	200	589bbbcea18299a3cd099c99a9abe847.css remove.guide/wp-content/cache/min/1/	216 KB 39 KB	484ms 460ms	Stylesheet text/css	2606:4700:3034::6815:1e8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://remove.guide/wp-content/cache/min/1/589bbbcea18299a3cd099c99a9abe847.css Requested by Host: remove.guide URL: https://remove.guide/remove-lqqw-ransomware/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:1e8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b5bf2e3a1681d2d9b55b9b521e3147874ef9c07e5a0280586e89d19c1afed17 Request headers :path /wp-content/cache/min/1/589bbbcea18299a3cd099c99a9abe847.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority remove.guide referer https://remove.guide/remove-lqqw-ransomware/ :scheme https sec-fetch-site same-origin :method GET Referer https://remove.guide/remove-lqqw-ransomware/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 02 Sep 2021 05:19:10 GMT content-encoding br cf-cache-status MISS last-modified Wed, 21 Jul 2021 14:10:24 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-cache-nxaccel MISS content-type text/css; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHZYB6R7p0yE4CzZvQWarV89tk7hrWeKYaKWm09PzC%2F6c2qaxB4f%2F9QeTwzSPnpxzvBlWZdoFuWrXVjEu1IBxOMvQZwqlD9ZGaj49hI4CibYqhMLMtAISqde9NYOjM8TxIhQhf%2BSNiWtsXU%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6884482a9925f134-ARN alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 expires Fri, 02 Sep 2022 05:19:10 GMT
GET H3-29	200	1Ptug8zYS_SKggPNyC0ITw.woff2 fonts.gstatic.com/s/raleway/v22/	46 KB 46 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3Anormal%7CRaleway%3A500%7CRaleway%3A700%7CRoboto%20Slab%3A300&subset=latin&display=swap Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://remove.guide Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 01:34:40 GMT x-content-type-options nosniff age 531870 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47312 x-xss-protection 0 last-modified Tue, 29 Jun 2021 19:40:30 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 27 Aug 2022 01:34:40 GMT
GET H3-29	200	BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 fonts.gstatic.com/s/robotoslab/v13/	39 KB 39 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3Anormal%7CRaleway%3A500%7CRaleway%3A700%7CRoboto%20Slab%3A300&subset=latin&display=swap Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://remove.guide Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 28 Aug 2021 06:57:38 GMT x-content-type-options nosniff age 426092 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39440 x-xss-protection 0 last-modified Thu, 28 Jan 2021 22:03:59 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 28 Aug 2022 06:57:38 GMT
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f9ad6189a89fa41bfd756d25eee3c9f779e2278f4d450a5c936d80353b397505 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3-29	200	email-decode.min.js Show response remove.guide/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	36ms 36ms	Script application/javascript	2606:4700:3034::6815:1e8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://remove.guide/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: remove.guide URL: https://remove.guide/remove-lqqw-ransomware/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:1e8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers :path /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority remove.guide referer https://remove.guide/remove-lqqw-ransomware/ :scheme https sec-fetch-site same-origin :method GET Referer https://remove.guide/remove-lqqw-ransomware/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 02 Sep 2021 05:19:10 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 19 Aug 2021 12:03:41 GMT server cloudflare etag W/"611e489d-4d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IJjHjonmrExo4znMPBRTlwMeNF738K2hAtdbr3QmcAcBt9DAWD96BfQwp8gcTSnGwoYYo%2FMzJZIycyx7E23y3Tlj81fWf9AFO64C72bRrEnw4F%2B%2FSGxjPUvrEmztPYeBNJ1avKOs9g7HXE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800 public nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6884482b3a57f134-ARN vary Accept-Encoding expires Sat, 04 Sep 2021 05:19:10 GMT
GET H3-29	200	lazyload.min.js Show response remove.guide/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/	8 KB 3 KB	286ms 286ms	Script application/javascript	2606:4700:3034::6815:1e8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://remove.guide/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js Requested by Host: remove.guide URL: https://remove.guide/remove-lqqw-ransomware/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:1e8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41 Request headers :path /wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority remove.guide referer https://remove.guide/remove-lqqw-ransomware/ :scheme https sec-fetch-site same-origin :method GET Referer https://remove.guide/remove-lqqw-ransomware/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 02 Sep 2021 05:19:10 GMT content-encoding br cf-cache-status MISS last-modified Tue, 24 Aug 2021 09:35:44 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-cache-nxaccel MISS content-type application/javascript; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kU7QLkvL6UQKOCkFojrKtFCKLVvV3KW8BlLWF%2FB6EvZ378VYhMu5g95TOPS2gncuKeC%2FMH4MzOOpxLVGMwDCV02SEzNoaQiWeaVL%2BvxIbbML52cyljBTrcuQc%2Bq%2Bv02LF2HBdetsR72KS%2F8%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6884482b5a97f134-ARN alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 expires Fri, 02 Sep 2022 05:19:10 GMT
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a5ed3440760d018ec795b21a46a88e4b75385472020b8039bddbde8928fc9bae Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3-29	200	lqqw-ransomware-virus.webp remove.guide/wp-content/uploads/2021/09/	33 KB 33 KB	443ms 443ms	Image image/webp	2606:4700:3034::6815:1e8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://remove.guide/wp-content/uploads/2021/09/lqqw-ransomware-virus.webp Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:1e8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f218c1f258f68fff1d5b90fe73d4013d0317b47c52ebbd37c792f7a448252a6e Request headers :path /wp-content/uploads/2021/09/lqqw-ransomware-virus.webp pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority remove.guide referer https://remove.guide/remove-lqqw-ransomware/ :scheme https sec-fetch-site same-origin :method GET Referer https://remove.guide/remove-lqqw-ransomware/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 02 Sep 2021 05:19:11 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache-nxaccel BYPASS alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 33382 last-modified Wed, 01 Sep 2021 12:16:54 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzrAsZ8g1wZpDQ%2FWbJAkcMBabedJYn0lvJ07VEeOTCgTad%2BFWZb7EvEQVqkKGMO4KVbX6OAJgdlWE3dj0JOrtoVK%2FSm0ecFEPGKedLzbc7YIpnSGmkTw%2FSQIDCrQcLftBYMSbAx%2Bi%2BFCD0Q%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=10368000 accept-ranges bytes cf-ray 6884482d2e5af134-ARN expires Fri, 31 Dec 2021 05:19:11 GMT
GET H3-29	200	fontawesome-webfont.woff2 remove.guide/wp-content/plugins/wp-review-pro/public/fonts/	75 KB 76 KB	280ms 280ms	Font application/octet-stream	2606:4700:3034::6815:1e8a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://remove.guide/wp-content/plugins/wp-review-pro/public/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: remove.guide URL: https://remove.guide/wp-content/cache/min/1/589bbbcea18299a3cd099c99a9abe847.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:1e8a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers :path /wp-content/plugins/wp-review-pro/public/fonts/fontawesome-webfont.woff2?v=4.7.0 pragma no-cache origin https://remove.guide accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority remove.guide referer https://remove.guide/wp-content/cache/min/1/589bbbcea18299a3cd099c99a9abe847.css :scheme https sec-fetch-site same-origin :method GET Origin https://remove.guide Referer https://remove.guide/wp-content/cache/min/1/589bbbcea18299a3cd099c99a9abe847.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 02 Sep 2021 05:19:11 GMT cf-cache-status MISS last-modified Tue, 27 Oct 2020 09:14:34 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-cache-nxaccel BYPASS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=foJ%2BIPfljDkRVPbwIH89ImVw568HawFIZqShrQMHej0lTZbp1HQ24UEj0X4h66sApFQRm%2BtlZCZXaIAbAgO%2F2%2BNLbNbCtjIqFfWkdyowkL2lIBGuC7FQLjKSB2IL3rLpblJzWw%2FhNRWKEII%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6884482dcf5cf134-ARN alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 expires Sat, 02 Oct 2021 05:19:11 GMT

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated undefined| href object| RocketPreloadLinksConfig object| mts_customscript object| cnArgs object| _wpUtilSettings object| wpreview object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe function| LazyLoad

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
remove.guide
2606:4700:3034::6815:1e8a
2a00:1450:4001:827::2003
2a00:1450:4001:82f::200a
198facaccbd3ce2ef8c735c87b478de10e8ed822912522ded7d42be30e9cab55
1b5bf2e3a1681d2d9b55b9b521e3147874ef9c07e5a0280586e89d19c1afed17
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
993fa2c3c02ed822d6a047e899ae557e6c9838e765a9e31264bb3e5370439032
a5ed3440760d018ec795b21a46a88e4b75385472020b8039bddbde8928fc9bae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f218c1f258f68fff1d5b90fe73d4013d0317b47c52ebbd37c792f7a448252a6e
f9ad6189a89fa41bfd756d25eee3c9f779e2278f4d450a5c936d80353b397505