Report - bjlszyht.live/OGo3Q1M5Nkg0ekVCY3k3bTlNVHMrc2xVQVV2MHppQmpnY0E2TllGUjlJeUlXV21HSDlPeU5JN3lDUlFYS3owV2ZidHZ2ZGtGcVpYYnBtZXRMMGQxR1E9PQ_

Report Overview

Submitted URL
bjlszyht.live/OGo3Q1M5Nkg0ekVCY3k3bTlNVHMrc2xVQVV2MHppQmpnY0E2TllGUjlJeUlXV21HSDlPeU5JN3lDUlFYS3owV2ZidHZ2ZGtGcVpYYnBtZXRMMGQxR1E9PQ__
IP
135.148.232.223
ASN
#16276 OVH SAS
Submitted
2023-05-30 14:21:26
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-05-29	433 B	48 kB	142.250.74.168
ocsp.r2m02.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-05-29	680 B	1.9 kB	54.230.80.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-29	451 B	7.0 kB	142.250.74.106
www.safesecureremove.com	unknown	2022-03-07	2022-03-21	2023-05-30	2.0 kB	1.8 MB	188.114.96.1
api.optoutsystem.com	97848	2009-03-06	2018-11-08	2023-05-29	2.5 kB	2.0 kB	54.213.222.228
bjlszyht.live	unknown	2023-03-23	2023-05-30	2023-05-30	506 B	505 B	135.148.232.223
lagoonearth.com	unknown	2020-11-05	2023-05-21	2023-05-27	433 B	379 B	104.227.210.248
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-29	2.0 kB	4.2 kB	142.250.74.131
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-29	1.1 kB	33 kB	216.58.207.227
sentry.io	2743	2012-04-07	2016-08-31	2023-05-29	626 B	440 B	35.188.42.15

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-30 14:21:08	high	135.148.232.223	Client IP	ET POLICY Self Signed SSL Certificate (SomeOrganizationalUnit)
2023-05-30 14:21:08	high	135.148.232.223	Client IP	ET POLICY Self Signed SSL Certificate (SomeOrganizationalUnit)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-05-30	medium	bjlszyht.live

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d	152 B	2023-04-05	2023-06-20
Pretty URL www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 16:11:23 Last Seen2023-06-20 23:29:13 Times Seen626 Hash 5c404f75397bed86f752e0c45e5ddd3e cfcf21db474221ffcfa6c63d8f16ef03910aa638 ef17605f6c27aed4f550d170a828fd5582992b6dbab25010836def834057daf6 Loading...

	www.googletagmanager.com/gtag/js?id=UA-9000201-8	120 kB	2023-05-30	2023-05-30
Pretty URL www.googletagmanager.com/gtag/js?id=UA-9000201-8 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-30 16:21:29 Last Seen2023-05-30 16:21:29 Times Seen2 Hash acb2dd97aba42af59962b20594670533 7238404071b44b5073f37cfc23daf079a81b42eb e723f81a1229c869b289fcbaa0798229571bc383fa96c2e1a7fbe9106e2c900e Loading...

	www.safesecureremove.com/sandbox%20eval%20code	147 B	2023-04-11	2024-04-27
Pretty URL www.safesecureremove.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-27 05:20:15 Times Seen342533 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.safesecureremove.com/static/js/main.80b362da.js	1.5 MB	2023-05-30	2023-05-30
Pretty URL www.safesecureremove.com/static/js/main.80b362da.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-30 11:30:40 Last Seen2023-05-30 16:21:29 Times Seen4 Hash 8f5a95208b5fd20be692e2f5d5a18263 951088f07eb049c16af4bf81ab5ac1d87139fcf9 a21ccb33d03997e1d80ff82633ff199fc45282956d120202b80e5a1a8cce7499 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-27
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-27 05:20:15 Times Seen342032 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

HTTP Transactions (23)

URL IP Response Size

bjlszyht.live/OGo3Q1M5Nkg0ekVCY3k3bTlNVHMrc2xVQVV2MHppQmpnY0E2TllGUjlJeUlXV21HSDlPeU5JN3lDUlFYS3owV2ZidHZ2ZGtGcVpYYnBtZXRMMGQxR1E9PQ__

135.148.232.223

163 B

URL User Request GET
bjlszyht.live/OGo3Q1M5Nkg0ekVCY3k3bTlNVHMrc2xVQVV2MHppQmpnY0E2TllGUjlJeUlXV21HSDlPeU5JN3lDUlFYS3owV2ZidHZ2ZGtGcVpYYnBtZXRMMGQxR1E9PQ__
IP
135.148.232.223:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with no line terminators
Size
163 B (163 bytes)
Hash
12f9b624d99d45656640c5f0fec799a5
749b1d1cadf459042f7d93d33f69ce74be9ab7a1
fa2359745066ef5d6e2a823ef0952ebcab8353c162150d8d5084b01434e03183

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /OGo3Q1M5Nkg0ekVCY3k3bTlNVHMrc2xVQVV2MHppQmpnY0E2TllGUjlJeUlXV21HSDlPeU5JN3lDUlFYS3owV2ZidHZ2ZGtGcVpYYnBtZXRMMGQxR1E9PQ__ HTTP/1.1
Host: bjlszyht.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 30 May 2023 14:21:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By: PHP/7.1.33
Location: http://lagoonearth.com/o/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Content-Length: 163
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

lagoonearth.com/o/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d

104.227.210.248

138 B

URL User Request GET
lagoonearth.com/o/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
IP
104.227.210.248:0
ASN
#36352 AS-COLOCROSSING

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
138 B (138 bytes)
Hash
aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

HTTP Headers

GET /o/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d HTTP/1.1
Host: lagoonearth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 30 May 2023 14:11:36 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: http://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b85157c1ca7989c7bf757e43d01632f7
e32bb00f069d897e00c56cec96155d2c351b5d67
e30b4636b7524d0ebbfa9ad57b4d5d9188420ff139437bf8664920391569286f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:21:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ca8cca05e813856677c0ba3133770742
688ee02bc307e73cef39bb1f1747b3e8845cecef
9f6e94f2196a935cb4dfe085aa6a3528a310faf58816e949dca6130e6dc8a41a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:21:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-9000201-8

142.250.74.168

200 OK

47 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-9000201-8
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
ASCII text, with very long lines (2271)
Size
47 kB (46880 bytes)
Hash
acb2dd97aba42af59962b20594670533
7238404071b44b5073f37cfc23daf079a81b42eb
e723f81a1229c869b289fcbaa0798229571bc383fa96c2e1a7fbe9106e2c900e

HTTP Headers

GET /gtag/js?id=UA-9000201-8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.safesecureremove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 30 May 2023 14:21:10 GMT
expires: Tue, 30 May 2023 14:21:10 GMT
cache-control: private, max-age=900
last-modified: Tue, 30 May 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46880
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b85157c1ca7989c7bf757e43d01632f7
e32bb00f069d897e00c56cec96155d2c351b5d67
e30b4636b7524d0ebbfa9ad57b4d5d9188420ff139437bf8664920391569286f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:21:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ca8cca05e813856677c0ba3133770742
688ee02bc307e73cef39bb1f1747b3e8845cecef
9f6e94f2196a935cb4dfe085aa6a3528a310faf58816e949dca6130e6dc8a41a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:21:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
95fb9634ddcd95a261bb9a2757a6ae8e
e30d5b20450fdd6588dd8034ef0acbe38159a0bf
65f215904c284124663185e58f9c710e2050afe21509684a22ce96c09a425bf4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:21:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safesecureremove.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 07:44:41 GMT
expires: Sun, 26 May 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 282990
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
95fb9634ddcd95a261bb9a2757a6ae8e
e30d5b20450fdd6588dd8034ef0acbe38159a0bf
65f215904c284124663185e58f9c710e2050afe21509684a22ce96c09a425bf4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:21:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sentry.io/api/1314267/envelope/?sentry_key=6c20ba397902400f9d47007cf6200a24&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0

35.188.42.15

200 OK

2 B

URL POST HTTP/1.1
sentry.io/api/1314267/envelope/?sentry_key=6c20ba397902400f9d47007cf6200a24&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0
IP
35.188.42.15:443
ASN
#15169 GOOGLE

Requested by
https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate
IssuerDigiCert Inc
Subjectsentry.io
Fingerprint15:B3:B3:F7:8C:AC:CA:4E:EA:C5:B0:56:6E:00:9F:3B:62:5F:2F:A4
ValidityFri, 03 Jun 2022 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/1314267/envelope/?sentry_key=6c20ba397902400f9d47007cf6200a24&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safesecureremove.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 422
Origin: https://www.safesecureremove.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 30 May 2023 14:21:11 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 3
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6db1a107e505b3a2704c5447e3bd30eb
2833d2953b37645c12c4534de19e4d022ce5c025
85d6f8c137556d3770b504be6be919158a9009c8e5aea8f1a614d71613f1e666

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Tue, 30 May 2023 14:21:11 GMT
Last-Modified: Tue, 30 May 2023 13:43:26 GMT
Server: ECAcc (nya/789D)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fm7XCojdnAbfbmJlTuOrXXaNp0QdUCmM4Cqn5TESqnEBzZJZs9cGqg==
Age: 2265

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6db1a107e505b3a2704c5447e3bd30eb
2833d2953b37645c12c4534de19e4d022ce5c025
85d6f8c137556d3770b504be6be919158a9009c8e5aea8f1a614d71613f1e666

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Tue, 30 May 2023 14:21:11 GMT
Last-Modified: Tue, 30 May 2023 13:38:50 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ccufSmvEUUuzmzvYuG8R6dJNRP7w-SoFUsmqfGAmOhcTTkFyP0rd5Q==
Age: 2541

api.optoutsystem.com/auth/legacy/optout-key

54.213.222.228

200 OK

0 B

URL POST HTTP/2
api.optoutsystem.com/auth/legacy/optout-key
IP
54.213.222.228:443
ASN
#16509 AMAZON-02

Requested by
https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate
IssuerAmazon
Subject*.optoutsystem.com
Fingerprint0F:C6:BD:98:F0:B2:A3:23:10:8C:58:A7:11:C7:DA:FE:DE:35:C5:76
ValidityThu, 09 Feb 2023 00:00:00 GMT - Sat, 29 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /auth/legacy/optout-key HTTP/1.1
Host: api.optoutsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.safesecureremove.com/
Origin: https://www.safesecureremove.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Tue, 30 May 2023 14:21:11 GMT
vary: Origin
access-control-allow-origin: https://www.safesecureremove.com
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
X-Firefox-Spdy: h2

api.optoutsystem.com/auth/legacy/optout-key

54.213.222.228

200 OK

396 B

URL POST HTTP/2
api.optoutsystem.com/auth/legacy/optout-key
IP
54.213.222.228:443
ASN
#16509 AMAZON-02

Requested by
https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate
IssuerAmazon
Subject*.optoutsystem.com
Fingerprint0F:C6:BD:98:F0:B2:A3:23:10:8C:58:A7:11:C7:DA:FE:DE:35:C5:76
ValidityThu, 09 Feb 2023 00:00:00 GMT - Sat, 29 Jul 2023 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (396), with no line terminators
Size
396 B (396 bytes)
Hash
5cf45ee14f843a373f7f41438879e9e7
2f985d843f8f9d97e81bedd04aa156b83fab3dbd
1979f2174073b96849b2828002d31d1edb76c60b105e16b7408b5b61ebec9ac9

HTTP Headers

POST /auth/legacy/optout-key HTTP/1.1
Host: api.optoutsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 95
Origin: https://www.safesecureremove.com
DNT: 1
Connection: keep-alive
Referer: https://www.safesecureremove.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 30 May 2023 14:21:11 GMT
content-type: application/json; charset=utf-8
content-length: 396
vary: Origin
access-control-allow-origin: https://www.safesecureremove.com
access-control-allow-credentials: true
x-ratelimit-remaining: 1499
x-ratelimit-reset: 1685456531
x-ratelimit-limit: 1500
cache-control: no-cache
pragma: no-cache
expires: -1
X-Firefox-Spdy: h2

api.optoutsystem.com/campaigns/203375/optout-page

54.213.222.228

204 No Content

0 B

URL OPTIONS HTTP/2
api.optoutsystem.com/campaigns/203375/optout-page
IP
54.213.222.228:443
ASN
#16509 AMAZON-02

Requested by
https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate
IssuerAmazon
Subject*.optoutsystem.com
Fingerprint0F:C6:BD:98:F0:B2:A3:23:10:8C:58:A7:11:C7:DA:FE:DE:35:C5:76
ValidityThu, 09 Feb 2023 00:00:00 GMT - Sat, 29 Jul 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /campaigns/203375/optout-page HTTP/1.1
Host: api.optoutsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://www.safesecureremove.com/
Origin: https://www.safesecureremove.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Tue, 30 May 2023 14:21:12 GMT
vary: Origin
access-control-allow-origin: https://www.safesecureremove.com
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: authorization
X-Firefox-Spdy: h2

api.optoutsystem.com/campaigns/203375/optout-page

54.213.222.228

204 No Content

172 B

URL OPTIONS HTTP/2
api.optoutsystem.com/campaigns/203375/optout-page
IP
54.213.222.228:443
ASN
#16509 AMAZON-02

Requested by
https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate
IssuerAmazon
Subject*.optoutsystem.com
Fingerprint0F:C6:BD:98:F0:B2:A3:23:10:8C:58:A7:11:C7:DA:FE:DE:35:C5:76
ValidityThu, 09 Feb 2023 00:00:00 GMT - Sat, 29 Jul 2023 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
172 B (172 bytes)
Hash
f138aa519c0af778da470765aea3514e
3192ff5f13ccf822a1a4ed5f33d3ac695e26e318
dd6d49a44dc3392bc0c6b2e93705c201ed8c700962257cd7fb2b516cc0d76e09

HTTP Headers

GET /campaigns/203375/optout-page HTTP/1.1
Host: api.optoutsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0eXBlIjoib3B0b3V0IiwiY2FtcGFpZ25faWQiOjIwMzM3NSwibWFpbGVyX2lkIjoxMjY3MTAsImNtYV9pZCI6NTE5NzI5NDgsImlhdCI6MTY4NTQ1NjQ3MSwiZXhwIjoxNjg3MjcwODcxfQ.XfPv2bcHDlUuDedyHVi2a07BGmr5oXGxIii8rXvzIBM
Origin: https://www.safesecureremove.com
DNT: 1
Connection: keep-alive
Referer: https://www.safesecureremove.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 30 May 2023 14:21:12 GMT
content-type: application/json; charset=utf-8
content-length: 172
vary: Origin
access-control-allow-origin: https://www.safesecureremove.com
access-control-allow-credentials: true
x-ratelimit-remaining: 1498
x-ratelimit-reset: 1685456531
x-ratelimit-limit: 1500
cache-control: no-cache
pragma: no-cache
expires: -1
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safesecureremove.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:39:40 GMT
expires: Wed, 22 May 2024 21:39:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 578492
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,500

142.250.74.106

200 OK

6.4 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
ASCII text, with very long lines (6530), with no line terminators
Size
6.4 kB (6362 bytes)
Hash
feddc562097e437af08febef83792dbe
4d1d430f50e555657f1a135bcf655877597b38ca
284e88ea80c2a259fedfeb2cd060bd55616e22a73693c779061741385239c46b

HTTP Headers

GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.safesecureremove.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 30 May 2023 14:21:10 GMT
date: Tue, 30 May 2023 14:21:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.safesecureremove.com/static/css/main.3ec05bac.css

188.114.96.1

200 OK

243 kB

URL GET HTTP/3
www.safesecureremove.com/static/css/main.3ec05bac.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate
IssuerGoogle Trust Services LLC
Subjectsafesecureremove.com
Fingerprint99:32:3B:94:74:EA:68:6D:58:E6:10:F4:C9:B8:B7:21:66:A0:EF:5F
ValidityThu, 20 Apr 2023 04:53:09 GMT - Wed, 19 Jul 2023 04:53:08 GMT

File type

Size
243 kB (242757 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/css/main.3ec05bac.css HTTP/1.1
Host: www.safesecureremove.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 30 May 2023 14:21:10 GMT
content-type: text/css
cache-control: public, max-age=31536000, immutable
content-md5: lP7Dxph8Slmy9xlnKm6q9g==
last-modified: Thu, 20 Apr 2023 04:28:30 GMT
etag: W/"0x8DB4157B19B4B90"
x-cache: TCP_HIT
x-ms-request-id: 8eddca26-301e-00b8-7c5e-730960000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 09vNAZAAAAAA8YJhwZqeKQoAp3eVW8lyIQU1TMDRFREdFMTkxOQA2NDRiYzc2MC04Y2UxLTRjYTItYmIxNi04ODQxMWY5YTRkOGE=
domain-integrity-check: true
x-azure-ref: 03fxAZAAAAADDZ79hefcHQq6EpGLbLziOQlJVMzBFREdFMDQxNwA2NDRiYzc2MC04Y2UxLTRjYTItYmIxNi04ODQxMWY5YTRkOGE=
cf-cache-status: HIT
age: 3475833
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K88arxR8EQIrTYCY2ZMqEBGiu%2F8dYqtwP2Lzc0wBuGG9cE99DxEXg5ImIP%2Bu9dwH2%2FRdYg7u1lW68%2BGGMj1wnRXgf7JWHxra2VgnNjJ4w7WFqd79gcF3HKGvg2Y%2BNWMTUERSAkg%2FxOnU5jQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf79f3cca34b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d

188.114.96.1

200 OK

733 B

URL User Request GET HTTP/2
www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectsafesecureremove.com
Fingerprint99:32:3B:94:74:EA:68:6D:58:E6:10:F4:C9:B8:B7:21:66:A0:EF:5F
ValidityThu, 20 Apr 2023 04:53:09 GMT - Wed, 19 Jul 2023 04:53:08 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (763), with no line terminators
Size
733 B (733 bytes)
Hash
ae172e0582255375ec0e2d1bc076f180
ef0d1cba225a754c08fe858accad301182bdaabe
51a32d3779e5cda70e015c3398db8686d88815acb125484e2a7fde5772501f52

HTTP Headers

GET /o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d HTTP/1.1
Host: www.safesecureremove.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 30 May 2023 14:21:10 GMT
content-type: text/html
content-md5: zg0ZeREIKz7OeBkYemM90w==
last-modified: Tue, 30 May 2023 02:47:39 GMT
x-cache: TCP_REMOTE_HIT
x-ms-request-id: a3bb7df7-701e-0028-1ff2-92ee17000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0VgZ2ZAAAAAC6x4zqZ696SKW4HiSLBbehQU1TMDRFREdFMTkxMQA2NDRiYzc2MC04Y2UxLTRjYTItYmIxNi04ODQxMWY5YTRkOGE=
domain-integrity-check: true
x-azure-ref: 0VgZ2ZAAAAADQ5zdo7stJQZvAFrcLoQasU1RPRURHRTEzMjEANjQ0YmM3NjAtOGNlMS00Y2EyLWJiMTYtODg0MTFmOWE0ZDhh
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVGpfF%2Fqqd%2BOc7gR0CDJhwJ3JybelO%2Bz34sbR5fDcUXZi9IxPv6Jgf5amGPlg7WqNqf67kIvSDagtWIxI%2FFf0luaAbbR6aTIoEB24yBKVyTdhtOZN31W4Ujd7OAnmTGgvlSRvF6rQf0nBt0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf79f3b1d31b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.safesecureremove.com/static/js/main.80b362da.js

188.114.96.1

200 OK

1.5 MB

URL GET HTTP/3
www.safesecureremove.com/static/js/main.80b362da.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate
IssuerGoogle Trust Services LLC
Subjectsafesecureremove.com
Fingerprint99:32:3B:94:74:EA:68:6D:58:E6:10:F4:C9:B8:B7:21:66:A0:EF:5F
ValidityThu, 20 Apr 2023 04:53:09 GMT - Wed, 19 Jul 2023 04:53:08 GMT

File type

Size
1.5 MB (1517248 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/js/main.80b362da.js HTTP/1.1
Host: www.safesecureremove.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 30 May 2023 14:21:10 GMT
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
content-md5: j1qVIItf0gvmkuL11aGCYw==
last-modified: Tue, 30 May 2023 02:47:39 GMT
etag: W/"0x8DB60B83BC9E503"
x-cache: TCP_REMOTE_HIT
x-ms-request-id: 22c2de82-f01e-00e0-5ca3-923242000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 08Gh1ZAAAAADeb4SowC5rS7uGU2dzgmTyQU1TMDRFREdFMTkwNwA2NDRiYzc2MC04Y2UxLTRjYTItYmIxNi04ODQxMWY5YTRkOGE=
domain-integrity-check: true
x-azure-ref: 08Gh1ZAAAAACuQbay6OPXQpb8CPwoaf1SU1RPRURHRTE4MTUANjQ0YmM3NjAtOGNlMS00Y2EyLWJiMTYtODg0MTFmOWE0ZDhh
cf-cache-status: HIT
age: 40294
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSXaactz7iXVxlyI4KC8690BNJDFf0NBdrjX58HvPlwBfnWPD6LQCNKSI37tIWmCG0dE2%2BQtFxLWA1H9M57X2lTjuh2dSMIaGp7RZCtY%2BJ5X%2BeKAASoVHJIGXIIAX0iQTgaEtfW60YIF%2FbI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf79f3cca33b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.safesecureremove.com/favicon.ico

188.114.96.1

404 Not Found

733 B

URL GET HTTP/3
www.safesecureremove.com/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate
IssuerGoogle Trust Services LLC
Subjectsafesecureremove.com
Fingerprint99:32:3B:94:74:EA:68:6D:58:E6:10:F4:C9:B8:B7:21:66:A0:EF:5F
ValidityThu, 20 Apr 2023 04:53:09 GMT - Wed, 19 Jul 2023 04:53:08 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (763), with no line terminators
Size
733 B (733 bytes)
Hash
d6fc7d08f22a387650f6e015c634efb7
19d522a2b03b245454928871f6f31d6ee21e5995
c508746f0cbe6bde85a86c2a83ec96127bb11974f88021507757bb2ddb36a5dd

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.safesecureremove.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 30 May 2023 14:21:11 GMT
content-type: text/html
cache-control: public, max-age=31536000, immutable
x-cache: TCP_MISS
x-ms-error-code: WebContentNotFound
x-ms-request-id: f15cb032-901e-0062-1c65-733313000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 04PxAZAAAAABTR1GzN8yFTrMWpNt2l31lRlJBMjMxMDUwNDE4MDIzADY0NGJjNzYwLThjZTEtNGNhMi1iYjE2LTg4NDExZjlhNGQ4YQ==
domain-integrity-check: true
x-azure-ref: 04PxAZAAAAAD+Czyu+DW7QLnIykeuVZ4aU1RPRURHRTE5MTkANjQ0YmM3NjAtOGNlMS00Y2EyLWJiMTYtODg0MTFmOWE0ZDhh
cf-cache-status: HIT
age: 3475831
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjwRgKyu1ZnxDqUp9RizjPA%2B179LjhmluQAURXTctpKUpUjfKsR2R2LWANVutoaS%2FTkbH6MccDbzHWRcgbebaNJu1OWPJ7IW8hA8PZy%2B2QoK%2B7tLANn%2Fc1zhKuwegeYnRJPk1q%2Fl6v8mMSM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf79f414b17b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (23)

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN