bjlszyht.live/OGo3Q1M5Nkg0ekVCY3k3bTlNVHMrc2xVQVV2MHppQmpnY0E2TllGUjlJeUlXV21HSDlPeU5JN3lDUlFYS3owV2ZidHZ2ZGtGcVpYYnBtZXRMMGQxR1E9PQ__
135.148.232.223 163 B URL User Request GET bjlszyht.live/OGo3Q1M5Nkg0ekVCY3k3bTlNVHMrc2xVQVV2MHppQmpnY0E2TllGUjlJeUlXV21HSDlPeU5JN3lDUlFYS3owV2ZidHZ2ZGtGcVpYYnBtZXRMMGQxR1E9PQ__
IP 135.148.232.223:0
File type HTML document, ASCII text, with no line terminators
Hash 12f9b624d99d45656640c5f0fec799a5
749b1d1cadf459042f7d93d33f69ce74be9ab7a1
fa2359745066ef5d6e2a823ef0952ebcab8353c162150d8d5084b01434e03183
Analyzer Verdict Alert quad9 Sinkholed
GET /OGo3Q1M5Nkg0ekVCY3k3bTlNVHMrc2xVQVV2MHppQmpnY0E2TllGUjlJeUlXV21HSDlPeU5JN3lDUlFYS3owV2ZidHZ2ZGtGcVpYYnBtZXRMMGQxR1E9PQ__ HTTP/1.1
Host: bjlszyht.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Tue, 30 May 2023 14:21:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By: PHP/7.1.33
Location: http://lagoonearth.com/o/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Content-Length: 163
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
lagoonearth.com/o/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
104.227.210.248 138 B URL User Request GET lagoonearth.com/o/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
IP 104.227.210.248:0
ASN #36352 AS-COLOCROSSING
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /o/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d HTTP/1.1
Host: lagoonearth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 30 May 2023 14:11:36 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: http://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash b85157c1ca7989c7bf757e43d01632f7
e32bb00f069d897e00c56cec96155d2c351b5d67
e30b4636b7524d0ebbfa9ad57b4d5d9188420ff139437bf8664920391569286f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:21:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash ca8cca05e813856677c0ba3133770742
688ee02bc307e73cef39bb1f1747b3e8845cecef
9f6e94f2196a935cb4dfe085aa6a3528a310faf58816e949dca6130e6dc8a41a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:21:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-9000201-8
142.250.74.168200 OK 47 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-9000201-8
IP 142.250.74.168:443
Requested by https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (2271)
Hash acb2dd97aba42af59962b20594670533
7238404071b44b5073f37cfc23daf079a81b42eb
e723f81a1229c869b289fcbaa0798229571bc383fa96c2e1a7fbe9106e2c900e
GET /gtag/js?id=UA-9000201-8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.safesecureremove.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 30 May 2023 14:21:10 GMT
expires: Tue, 30 May 2023 14:21:10 GMT
cache-control: private, max-age=900
last-modified: Tue, 30 May 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46880
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash b85157c1ca7989c7bf757e43d01632f7
e32bb00f069d897e00c56cec96155d2c351b5d67
e30b4636b7524d0ebbfa9ad57b4d5d9188420ff139437bf8664920391569286f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:21:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash ca8cca05e813856677c0ba3133770742
688ee02bc307e73cef39bb1f1747b3e8845cecef
9f6e94f2196a935cb4dfe085aa6a3528a310faf58816e949dca6130e6dc8a41a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:21:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 95fb9634ddcd95a261bb9a2757a6ae8e
e30d5b20450fdd6588dd8034ef0acbe38159a0bf
65f215904c284124663185e58f9c710e2050afe21509684a22ce96c09a425bf4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:21:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safesecureremove.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 07:44:41 GMT
expires: Sun, 26 May 2024 07:44:41 GMT
cache-control: public, max-age=31536000
age: 282990
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 95fb9634ddcd95a261bb9a2757a6ae8e
e30d5b20450fdd6588dd8034ef0acbe38159a0bf
65f215904c284124663185e58f9c710e2050afe21509684a22ce96c09a425bf4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 14:21:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sentry.io/api/1314267/envelope/?sentry_key=6c20ba397902400f9d47007cf6200a24&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0
35.188.42.15200 OK 2 B URL POST HTTP/1.1 sentry.io/api/1314267/envelope/?sentry_key=6c20ba397902400f9d47007cf6200a24&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0
IP 35.188.42.15:443
Requested by https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate IssuerDigiCert Inc
Subjectsentry.io
Fingerprint15:B3:B3:F7:8C:AC:CA:4E:EA:C5:B0:56:6E:00:9F:3B:62:5F:2F:A4
ValidityFri, 03 Jun 2022 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1314267/envelope/?sentry_key=6c20ba397902400f9d47007cf6200a24&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.safesecureremove.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 422
Origin: https://www.safesecureremove.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 30 May 2023 14:21:11 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 3
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 6db1a107e505b3a2704c5447e3bd30eb
2833d2953b37645c12c4534de19e4d022ce5c025
85d6f8c137556d3770b504be6be919158a9009c8e5aea8f1a614d71613f1e666
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Tue, 30 May 2023 14:21:11 GMT
Last-Modified: Tue, 30 May 2023 13:43:26 GMT
Server: ECAcc (nya/789D)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fm7XCojdnAbfbmJlTuOrXXaNp0QdUCmM4Cqn5TESqnEBzZJZs9cGqg==
Age: 2265
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 6db1a107e505b3a2704c5447e3bd30eb
2833d2953b37645c12c4534de19e4d022ce5c025
85d6f8c137556d3770b504be6be919158a9009c8e5aea8f1a614d71613f1e666
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Tue, 30 May 2023 14:21:11 GMT
Last-Modified: Tue, 30 May 2023 13:38:50 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ccufSmvEUUuzmzvYuG8R6dJNRP7w-SoFUsmqfGAmOhcTTkFyP0rd5Q==
Age: 2541
api.optoutsystem.com/auth/legacy/optout-key
54.213.222.228200 OK 0 B URL POST HTTP/2 api.optoutsystem.com/auth/legacy/optout-key
IP 54.213.222.228:443
Requested by https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate IssuerAmazon
Subject*.optoutsystem.com
Fingerprint0F:C6:BD:98:F0:B2:A3:23:10:8C:58:A7:11:C7:DA:FE:DE:35:C5:76
ValidityThu, 09 Feb 2023 00:00:00 GMT - Sat, 29 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /auth/legacy/optout-key HTTP/1.1
Host: api.optoutsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.safesecureremove.com/
Origin: https://www.safesecureremove.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Tue, 30 May 2023 14:21:11 GMT
vary: Origin
access-control-allow-origin: https://www.safesecureremove.com
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
X-Firefox-Spdy: h2
api.optoutsystem.com/auth/legacy/optout-key
54.213.222.228200 OK 396 B URL POST HTTP/2 api.optoutsystem.com/auth/legacy/optout-key
IP 54.213.222.228:443
Requested by https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate IssuerAmazon
Subject*.optoutsystem.com
Fingerprint0F:C6:BD:98:F0:B2:A3:23:10:8C:58:A7:11:C7:DA:FE:DE:35:C5:76
ValidityThu, 09 Feb 2023 00:00:00 GMT - Sat, 29 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (396), with no line terminators
Hash 5cf45ee14f843a373f7f41438879e9e7
2f985d843f8f9d97e81bedd04aa156b83fab3dbd
1979f2174073b96849b2828002d31d1edb76c60b105e16b7408b5b61ebec9ac9
POST /auth/legacy/optout-key HTTP/1.1
Host: api.optoutsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 95
Origin: https://www.safesecureremove.com
DNT: 1
Connection: keep-alive
Referer: https://www.safesecureremove.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 30 May 2023 14:21:11 GMT
content-type: application/json; charset=utf-8
content-length: 396
vary: Origin
access-control-allow-origin: https://www.safesecureremove.com
access-control-allow-credentials: true
x-ratelimit-remaining: 1499
x-ratelimit-reset: 1685456531
x-ratelimit-limit: 1500
cache-control: no-cache
pragma: no-cache
expires: -1
X-Firefox-Spdy: h2
api.optoutsystem.com/campaigns/203375/optout-page
54.213.222.228204 No Content 0 B URL OPTIONS HTTP/2 api.optoutsystem.com/campaigns/203375/optout-page
IP 54.213.222.228:443
Requested by https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate IssuerAmazon
Subject*.optoutsystem.com
Fingerprint0F:C6:BD:98:F0:B2:A3:23:10:8C:58:A7:11:C7:DA:FE:DE:35:C5:76
ValidityThu, 09 Feb 2023 00:00:00 GMT - Sat, 29 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /campaigns/203375/optout-page HTTP/1.1
Host: api.optoutsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://www.safesecureremove.com/
Origin: https://www.safesecureremove.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Tue, 30 May 2023 14:21:12 GMT
vary: Origin
access-control-allow-origin: https://www.safesecureremove.com
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: authorization
X-Firefox-Spdy: h2
api.optoutsystem.com/campaigns/203375/optout-page
54.213.222.228204 No Content 172 B URL OPTIONS HTTP/2 api.optoutsystem.com/campaigns/203375/optout-page
IP 54.213.222.228:443
Requested by https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate IssuerAmazon
Subject*.optoutsystem.com
Fingerprint0F:C6:BD:98:F0:B2:A3:23:10:8C:58:A7:11:C7:DA:FE:DE:35:C5:76
ValidityThu, 09 Feb 2023 00:00:00 GMT - Sat, 29 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash f138aa519c0af778da470765aea3514e
3192ff5f13ccf822a1a4ed5f33d3ac695e26e318
dd6d49a44dc3392bc0c6b2e93705c201ed8c700962257cd7fb2b516cc0d76e09
GET /campaigns/203375/optout-page HTTP/1.1
Host: api.optoutsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0eXBlIjoib3B0b3V0IiwiY2FtcGFpZ25faWQiOjIwMzM3NSwibWFpbGVyX2lkIjoxMjY3MTAsImNtYV9pZCI6NTE5NzI5NDgsImlhdCI6MTY4NTQ1NjQ3MSwiZXhwIjoxNjg3MjcwODcxfQ.XfPv2bcHDlUuDedyHVi2a07BGmr5oXGxIii8rXvzIBM
Origin: https://www.safesecureremove.com
DNT: 1
Connection: keep-alive
Referer: https://www.safesecureremove.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 30 May 2023 14:21:12 GMT
content-type: application/json; charset=utf-8
content-length: 172
vary: Origin
access-control-allow-origin: https://www.safesecureremove.com
access-control-allow-credentials: true
x-ratelimit-remaining: 1498
x-ratelimit-reset: 1685456531
x-ratelimit-limit: 1500
cache-control: no-cache
pragma: no-cache
expires: -1
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.safesecureremove.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:39:40 GMT
expires: Wed, 22 May 2024 21:39:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 578492
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.106200 OK 6.4 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.106:443
Requested by https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type ASCII text, with very long lines (6530), with no line terminators
Hash feddc562097e437af08febef83792dbe
4d1d430f50e555657f1a135bcf655877597b38ca
284e88ea80c2a259fedfeb2cd060bd55616e22a73693c779061741385239c46b
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.safesecureremove.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 30 May 2023 14:21:10 GMT
date: Tue, 30 May 2023 14:21:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.safesecureremove.com/static/css/main.3ec05bac.css
188.114.96.1200 OK 243 kB URL GET HTTP/3 www.safesecureremove.com/static/css/main.3ec05bac.css
IP 188.114.96.1:443
Requested by https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate IssuerGoogle Trust Services LLC
Subjectsafesecureremove.com
Fingerprint99:32:3B:94:74:EA:68:6D:58:E6:10:F4:C9:B8:B7:21:66:A0:EF:5F
ValidityThu, 20 Apr 2023 04:53:09 GMT - Wed, 19 Jul 2023 04:53:08 GMT
Size 243 kB (242757 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/css/main.3ec05bac.css HTTP/1.1
Host: www.safesecureremove.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 14:21:10 GMT
content-type: text/css
cache-control: public, max-age=31536000, immutable
content-md5: lP7Dxph8Slmy9xlnKm6q9g==
last-modified: Thu, 20 Apr 2023 04:28:30 GMT
etag: W/"0x8DB4157B19B4B90"
x-cache: TCP_HIT
x-ms-request-id: 8eddca26-301e-00b8-7c5e-730960000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 09vNAZAAAAAA8YJhwZqeKQoAp3eVW8lyIQU1TMDRFREdFMTkxOQA2NDRiYzc2MC04Y2UxLTRjYTItYmIxNi04ODQxMWY5YTRkOGE=
domain-integrity-check: true
x-azure-ref: 03fxAZAAAAADDZ79hefcHQq6EpGLbLziOQlJVMzBFREdFMDQxNwA2NDRiYzc2MC04Y2UxLTRjYTItYmIxNi04ODQxMWY5YTRkOGE=
cf-cache-status: HIT
age: 3475833
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K88arxR8EQIrTYCY2ZMqEBGiu%2F8dYqtwP2Lzc0wBuGG9cE99DxEXg5ImIP%2Bu9dwH2%2FRdYg7u1lW68%2BGGMj1wnRXgf7JWHxra2VgnNjJ4w7WFqd79gcF3HKGvg2Y%2BNWMTUERSAkg%2FxOnU5jQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf79f3cca34b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
188.114.96.1200 OK 733 B URL User Request GET HTTP/2 www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
IP 188.114.96.1:443
Certificate IssuerGoogle Trust Services LLC
Subjectsafesecureremove.com
Fingerprint99:32:3B:94:74:EA:68:6D:58:E6:10:F4:C9:B8:B7:21:66:A0:EF:5F
ValidityThu, 20 Apr 2023 04:53:09 GMT - Wed, 19 Jul 2023 04:53:08 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (763), with no line terminators
Hash ae172e0582255375ec0e2d1bc076f180
ef0d1cba225a754c08fe858accad301182bdaabe
51a32d3779e5cda70e015c3398db8686d88815acb125484e2a7fde5772501f52
GET /o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d HTTP/1.1
Host: www.safesecureremove.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 May 2023 14:21:10 GMT
content-type: text/html
content-md5: zg0ZeREIKz7OeBkYemM90w==
last-modified: Tue, 30 May 2023 02:47:39 GMT
x-cache: TCP_REMOTE_HIT
x-ms-request-id: a3bb7df7-701e-0028-1ff2-92ee17000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 0VgZ2ZAAAAAC6x4zqZ696SKW4HiSLBbehQU1TMDRFREdFMTkxMQA2NDRiYzc2MC04Y2UxLTRjYTItYmIxNi04ODQxMWY5YTRkOGE=
domain-integrity-check: true
x-azure-ref: 0VgZ2ZAAAAADQ5zdo7stJQZvAFrcLoQasU1RPRURHRTEzMjEANjQ0YmM3NjAtOGNlMS00Y2EyLWJiMTYtODg0MTFmOWE0ZDhh
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVGpfF%2Fqqd%2BOc7gR0CDJhwJ3JybelO%2Bz34sbR5fDcUXZi9IxPv6Jgf5amGPlg7WqNqf67kIvSDagtWIxI%2FFf0luaAbbR6aTIoEB24yBKVyTdhtOZN31W4Ujd7OAnmTGgvlSRvF6rQf0nBt0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf79f3b1d31b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.safesecureremove.com/static/js/main.80b362da.js
188.114.96.1200 OK 1.5 MB URL GET HTTP/3 www.safesecureremove.com/static/js/main.80b362da.js
IP 188.114.96.1:443
Requested by https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate IssuerGoogle Trust Services LLC
Subjectsafesecureremove.com
Fingerprint99:32:3B:94:74:EA:68:6D:58:E6:10:F4:C9:B8:B7:21:66:A0:EF:5F
ValidityThu, 20 Apr 2023 04:53:09 GMT - Wed, 19 Jul 2023 04:53:08 GMT
Size 1.5 MB (1517248 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/js/main.80b362da.js HTTP/1.1
Host: www.safesecureremove.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 May 2023 14:21:10 GMT
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
content-md5: j1qVIItf0gvmkuL11aGCYw==
last-modified: Tue, 30 May 2023 02:47:39 GMT
etag: W/"0x8DB60B83BC9E503"
x-cache: TCP_REMOTE_HIT
x-ms-request-id: 22c2de82-f01e-00e0-5ca3-923242000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 08Gh1ZAAAAADeb4SowC5rS7uGU2dzgmTyQU1TMDRFREdFMTkwNwA2NDRiYzc2MC04Y2UxLTRjYTItYmIxNi04ODQxMWY5YTRkOGE=
domain-integrity-check: true
x-azure-ref: 08Gh1ZAAAAACuQbay6OPXQpb8CPwoaf1SU1RPRURHRTE4MTUANjQ0YmM3NjAtOGNlMS00Y2EyLWJiMTYtODg0MTFmOWE0ZDhh
cf-cache-status: HIT
age: 40294
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSXaactz7iXVxlyI4KC8690BNJDFf0NBdrjX58HvPlwBfnWPD6LQCNKSI37tIWmCG0dE2%2BQtFxLWA1H9M57X2lTjuh2dSMIaGp7RZCtY%2BJ5X%2BeKAASoVHJIGXIIAX0iQTgaEtfW60YIF%2FbI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf79f3cca33b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.safesecureremove.com/favicon.ico
188.114.96.1404 Not Found 733 B URL GET HTTP/3 www.safesecureremove.com/favicon.ico
IP 188.114.96.1:443
Requested by https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Certificate IssuerGoogle Trust Services LLC
Subjectsafesecureremove.com
Fingerprint99:32:3B:94:74:EA:68:6D:58:E6:10:F4:C9:B8:B7:21:66:A0:EF:5F
ValidityThu, 20 Apr 2023 04:53:09 GMT - Wed, 19 Jul 2023 04:53:08 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (763), with no line terminators
Hash d6fc7d08f22a387650f6e015c634efb7
19d522a2b03b245454928871f6f31d6ee21e5995
c508746f0cbe6bde85a86c2a83ec96127bb11974f88021507757bb2ddb36a5dd
GET /favicon.ico HTTP/1.1
Host: www.safesecureremove.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.safesecureremove.com/o-wlcx-f12-14c8c2a3dcd589ed84c0bfbab4f86e6d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Tue, 30 May 2023 14:21:11 GMT
content-type: text/html
cache-control: public, max-age=31536000, immutable
x-cache: TCP_MISS
x-ms-error-code: WebContentNotFound
x-ms-request-id: f15cb032-901e-0062-1c65-733313000000
x-ms-version: 2018-03-28
x-azure-ref-originshield: 04PxAZAAAAABTR1GzN8yFTrMWpNt2l31lRlJBMjMxMDUwNDE4MDIzADY0NGJjNzYwLThjZTEtNGNhMi1iYjE2LTg4NDExZjlhNGQ4YQ==
domain-integrity-check: true
x-azure-ref: 04PxAZAAAAAD+Czyu+DW7QLnIykeuVZ4aU1RPRURHRTE5MTkANjQ0YmM3NjAtOGNlMS00Y2EyLWJiMTYtODg0MTFmOWE0ZDhh
cf-cache-status: HIT
age: 3475831
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjwRgKyu1ZnxDqUp9RizjPA%2B179LjhmluQAURXTctpKUpUjfKsR2R2LWANVutoaS%2FTkbH6MccDbzHWRcgbebaNJu1OWPJ7IW8hA8PZy%2B2QoK%2B7tLANn%2Fc1zhKuwegeYnRJPk1q%2Fl6v8mMSM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf79f414b17b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400