Report - grabify.world/NUM912.rar

Report Overview

Submitted URL
grabify.world/NUM912.rar
IP
104.21.15.56
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-19 20:50:32
Access
public
Website Title
SafeNote | Encrypt and send files and notes with a link that automatically destruct after being read.
Final URL
safenote.co/expired
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
safenote.co	117539	2018-11-29	2019-05-28	2023-11-27	6.4 kB	238 kB	192.99.70.154
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2024-04-19	456 B	17 kB	104.16.80.73
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-19	433 B	88 kB	151.101.194.137
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-19	869 B	163 kB	142.250.74.168
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-19	876 B	20 kB	142.250.74.106
use.fontawesome.com	942	2012-10-18	2017-01-30	2024-04-18	2.0 kB	213 kB	104.21.27.152
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	555 B	14 kB	216.58.207.227
grabify.world	unknown	2019-04-10	2020-03-11	2024-04-18	478 B	864 B	172.67.161.186
grabify.link	181878	2015-07-05	2015-07-08	2024-04-17	6.3 kB	159 kB	172.67.68.246
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-19	937 B	15 kB	104.17.25.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-19 20:50:06	medium	Client IP	172.67.68.246	ET INFO Observed IP Tracking Domain (grabify .link in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	1.6 kB	2023-05-06	2024-05-02
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 01:21:43 Last Seen2024-05-02 21:09:27 Times Seen21193 Hash 2e9e391ad98fbe1b2de0b7b4fa9ca904 21d7771223e8286a06ad878af425094a40de32b5 1468d954f25ab75355f3c0f42cd9c84efd64a67922c47d3b69bdb6d0eb399e69 Loading...

	www.googletagmanager.com/gtag/js?id=G-VLFN2PT7RM&l=dataLayer&cx=c	252 kB	2024-04-19	2024-04-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-VLFN2PT7RM&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 22:50:33 Last Seen2024-04-19 22:50:33 Times Seen2 Hash 51424b4a74302a947c8841a8cceaa6de 5825bfe49c90a3c2084c4c4d66989224bb90e96c 8d15cdb5714185ad0350bbe6eae82b8f539d1c16166db1bd6cdd75ffe0f52dec Loading...

	safenote.co/sandbox%20eval%20code	128 B	2023-05-06	2024-05-02
Pretty URL safenote.co/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-06 01:21:43 Last Seen2024-05-02 21:09:27 Times Seen21330 Hash 23c336606ee3a6d444b305153fa0e2e2 473a2111970ae2a94b373e656d20c4bd4184d703 305375d5052f6a14434d2d338f852f0f4f04fb26495f88a5d62b6afde2e2cc60 Loading...

	safenote.co/js/app.js	333 kB	2023-03-12	2024-04-19
Pretty URL safenote.co/js/app.js IP 192.99.70.154 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:03:00 Last Seen2024-04-19 22:50:33 Times Seen15 Hash 5a7133a0db86cf88dedb815b140e1978 205b8069673bef93adcf26ab171ac37479ffaf4b ba61e92bc0fb8c2a9e3fcd717e7d8f302e028d4ee31a43291ee5c7cf612292c9 Loading...

	cdnjs.cloudflare.com/ajax/libs/dropzone/5.5.1/min/dropzone.min.js	43 kB	2023-03-07	2024-04-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/dropzone/5.5.1/min/dropzone.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:19 Last Seen2024-04-19 22:50:33 Times Seen29 Hash 33148c7d5e055ea747149d025cc9c0cf 7c8fadac2e33330b6f632075de1c9ff0f15da48b 72ce2d8528437e392a146939b362f18f7e6c81246be0c45cc9c7268b458aa823 Loading...

	www.googletagmanager.com/gtag/js?id=UA-130084942-1	203 kB	2024-04-19	2024-04-19
Pretty URL www.googletagmanager.com/gtag/js?id=UA-130084942-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 22:50:33 Last Seen2024-04-19 22:50:33 Times Seen2 Hash 05b3f2eb3d2986acba7cc979e6d4dad3 42f3c3f0fa39555a208c64c01a74db25f427959b 0752721e8a3cf56f82de7c7d18fa164dbd3492c42c47bd0f19865bcb252006df Loading...

	unknown	54 B	2023-04-11	2024-05-02
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:34:44 Last Seen2024-05-02 18:06:25 Times Seen863 Hash 21ad6a5e027895d7fef5bee4de0a6c02 1997f8ca0f217c1001a42318dc5976a0d5a56469 6e97ed48cf9a0f9bf4e5199bc5546e24c1067a10e7a582b886143be40f479bb5 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-02
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-02 21:48:32 Times Seen343682 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	code.jquery.com/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-05-02
Pretty URL code.jquery.com/jquery-3.3.1.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-02 21:46:10 Times Seen107855 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	safenote.co/sandbox%20eval%20code	147 B	2023-04-11	2024-05-02
Pretty URL safenote.co/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-02 21:48:32 Times Seen344188 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	safenote.co/expired	183 B	2023-03-12	2024-04-19
Pretty URL safenote.co/expired IP 192.99.70.154 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 17:03:00 Last Seen2024-04-19 22:50:33 Times Seen9 Hash a5ad374a1a46e937bb355c22e76759a9 0f5b31d57711a22706eee8b960e982e9e090c9a7 3f02db33f51b2f40b0a12d6f62cf48cef9d48ccee90bc6323a0e1e43e057bb5b Loading...

	safenote.co/expired	64 B	2023-03-07	2024-04-19
Pretty URL safenote.co/expired IP 192.99.70.154 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:27:28 Last Seen2024-04-19 22:50:33 Times Seen318 Hash 70957b6ae83bf1935f2916febf7391da fe30cd795d82f571f1a536490848ba717b62d2d3 cacff1f6e2c3732b8ae94335c5162b5a3291d6ae9cd72c6cc1acfa567f83ee5a Loading...

	safenote.co/expired	441 B	2023-03-12	2024-04-19
Pretty URL safenote.co/expired IP 192.99.70.154 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 17:02:59 Last Seen2024-04-19 22:50:33 Times Seen9 Hash f70ed9d06cd940c4d5cfc80980be9528 10ccdbf4e63f311630ccc54669ab020fe7021684 5bcdb119d27bd2308027a6f6d967cb9191b0583a9b1776dd998dcf69b4ece13a Loading...

HTTP Transactions (27)

	URL	IP	Response	Size
	grabify.world/NUM912.rar	172.67.161.186		143 B
URL grabify.world/NUM912.rar IP 172.67.161.186:0 ASN #13335 CLOUDFLARENET File type HTML document, ASCII text, with CRLF line terminators Size 143 B (143 bytes) Hash cb7b8f439b04c00f4a2d78160ddfee8d 9aa44b5d68f6359f10de0dcd24ea3e12548d9bd4 12755429beb15d5eb57eafa45b8dba326343dd099bf0552038694c3856e8860e HTTP Headers `GET /NUM912.rar HTTP/1.1 Host: grabify.world User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found date: Fri, 19 Apr 2024 20:50:06 GMT content-type: text/html content-length: 143 location: https://grabify.link/NUM912.rar cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires: Thu, 01 Jan 1970 00:00:01 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CSuzmtgVvb7GbdqVQyTvtEntBwqCp1rixODoAxFft9wtGDfVMDFINHLh%2FfTh9ugYSAihXVmBuJkUIZRyAdsKALUs9MQtHS3Lq5pHurXWSnDeNyOyBP7stmSW3aK6Uxgl"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 876fc3d5ce9b5687-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	grabify.link/js/ads.js	172.67.68.246		19 B
URL grabify.link/js/ads.js IP 172.67.68.246:0 ASN #13335 CLOUDFLARENET File type ASCII text, with no line terminators Size 19 B (19 bytes) Hash 14380b81da6c1f82d54ddad07bdca87c a72b216e23ce2fd0c275f0c66381255e2b34c1be 6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a HTTP Headers GET /js/ads.js HTTP/1.1 Host: grabify.link User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: XSRF-TOKEN=eyJpdiI6Ik4zYlpSbXI2YWFDaWJ4ZW9MYzVJUXc9PSIsInZhbHVlIjoicUtRZkU2cmZyZExwWmFxa1RYOG5nYmhBQ2g2REhXenZMb1JmbW5WaVZiODd0ck9JUHA2WGVZNVNPSnVyYjRnSG44Nk5nekpjRThQWldoSnlla2liNTNZY0dveGc3aGdqUkRxSTJsTXBzaVlqbjk4OS9RWWEwTFNvSHpycXBBZXIiLCJtYWMiOiI2YzBkNTQzYzY2YTJmMjhhMzU1YmFlNjZkMzM5MmE4Y2RiOGY4MzNlNmNiNzU0MTEzNDVlOWU0NDJlNDRhYjhjIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6IlBxVHZ3VlBsOC9iUnc4ck80V0hDZ1E9PSIsInZhbHVlIjoibWpTTEJacGpzdkx1Mjk2cjdaMWt4WEMzRDBPejR6dnA3aTdFSGFJRDQrQ2VOdUxpMmgvc2g0TEJCa1BwMjRaSzljdjhieGtpSDdOclE2MzVGSFNJVkFJcDV4c2lyV2IwRnVQWW9iRDl4QXFmbFpZeG9MTGt2N0ZTcTgyd09IdFkiLCJtYWMiOiIyMjJlZTgxMTkyMzhkMDY4MjU2MmJkZWM2NzBhNmQwYzAxNzJlMzlkZTg4ZWU2NGY4ZjZkY2JlMGFlNzQ5MjYzIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 19 Apr 2024 20:50:08 GMT content-type: application/javascript content-length: 19 cf-bgj: minify cf-polished: origSize=22 etag: "16-60f850cd8071e" last-modified: Mon, 22 Jan 2024 08:59:40 GMT cf-cache-status: HIT age: 4792 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gJ5T2%2B4HhMC1hoU8n%2FkgqWVTQzyune9CTVof35zH%2FChSGSsh%2F1RLc8wC2AW6vnP6SuGuTeUVMZHpm9foCaEs1h%2Fv%2BnK1Go4GZVyfocoeAvF9Go%2B8t5Zwcymk1HDaXg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 876fc3e528390b65-OSL alt-svc: h3=":443"; ma=86400

	grabify.link/cdn-cgi/rum?	172.67.68.246	204 No Content	0 B
URL POST HTTP/3 grabify.link/cdn-cgi/rum? IP 172.67.68.246:443 ASN #13335 CLOUDFLARENET Requested by https://grabify.link/NUM912.rar Certificate IssuerGoogle Trust Services LLC Subjectgrabify.link Fingerprint21:0E:1C:67:0B:C7:CA:94:A3:D8:EC:9A:76:1F:DC:2A:41:08:76:69 ValidityFri, 09 Feb 2024 16:12:49 GMT - Thu, 09 May 2024 16:12:48 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /cdn-cgi/rum? HTTP/1.1 Host: grabify.link User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br content-type: application/json Content-Length: 1056 Origin: https://grabify.link DNT: 1 Connection: keep-alive Cookie: XSRF-TOKEN=eyJpdiI6Ik4zYlpSbXI2YWFDaWJ4ZW9MYzVJUXc9PSIsInZhbHVlIjoicUtRZkU2cmZyZExwWmFxa1RYOG5nYmhBQ2g2REhXenZMb1JmbW5WaVZiODd0ck9JUHA2WGVZNVNPSnVyYjRnSG44Nk5nekpjRThQWldoSnlla2liNTNZY0dveGc3aGdqUkRxSTJsTXBzaVlqbjk4OS9RWWEwTFNvSHpycXBBZXIiLCJtYWMiOiI2YzBkNTQzYzY2YTJmMjhhMzU1YmFlNjZkMzM5MmE4Y2RiOGY4MzNlNmNiNzU0MTEzNDVlOWU0NDJlNDRhYjhjIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6IlBxVHZ3VlBsOC9iUnc4ck80V0hDZ1E9PSIsInZhbHVlIjoibWpTTEJacGpzdkx1Mjk2cjdaMWt4WEMzRDBPejR6dnA3aTdFSGFJRDQrQ2VOdUxpMmgvc2g0TEJCa1BwMjRaSzljdjhieGtpSDdOclE2MzVGSFNJVkFJcDV4c2lyV2IwRnVQWW9iRDl4QXFmbFpZeG9MTGt2N0ZTcTgyd09IdFkiLCJtYWMiOiIyMjJlZTgxMTkyMzhkMDY4MjU2MmJkZWM2NzBhNmQwYzAxNzJlMzlkZTg4ZWU2NGY4ZjZkY2JlMGFlNzQ5MjYzIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/3 204 No Content date: Fri, 19 Apr 2024 20:50:11 GMT access-control-allow-origin: https://grabify.link access-control-allow-methods: POST,OPTIONS access-control-max-age: 86400 vary: Origin access-control-allow-credentials: true server: cloudflare cf-ray: 876fc3f3ba7b0b65-OSL x-frame-options: DENY x-content-type-options: nosniff`

	grabify.link/api/js	172.67.68.246		498 B
URL grabify.link/api/js IP 172.67.68.246:0 ASN #13335 CLOUDFLARENET File type JSON text data Size 498 B (498 bytes) Hash b36bd517e6bd757dea0fe824a0b11d31 7e86838ac0103a610de5fddb426c2f1ebeb01e42 25b030b2192bba7f61f1707c44f5cb875a6cd5bfb4867e548757392c30d693b3 HTTP Headers POST /api/js HTTP/1.1 Host: grabify.link User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/x-www-form-urlencoded User-Agents: ckJNeWtZekxwSnFIQUpFYnV0VTlKUWRtWlo4ZWJrOENXa002alc0bQ== X-CSRF-TOKEN: rBMykYzLpJqHAJEbutU9JQdmZZ8ebk8CWkM6jW4m Content-Length: 3374 Origin: https://grabify.link DNT: 1 Connection: keep-alive Cookie: XSRF-TOKEN=eyJpdiI6Ik4zYlpSbXI2YWFDaWJ4ZW9MYzVJUXc9PSIsInZhbHVlIjoicUtRZkU2cmZyZExwWmFxa1RYOG5nYmhBQ2g2REhXenZMb1JmbW5WaVZiODd0ck9JUHA2WGVZNVNPSnVyYjRnSG44Nk5nekpjRThQWldoSnlla2liNTNZY0dveGc3aGdqUkRxSTJsTXBzaVlqbjk4OS9RWWEwTFNvSHpycXBBZXIiLCJtYWMiOiI2YzBkNTQzYzY2YTJmMjhhMzU1YmFlNjZkMzM5MmE4Y2RiOGY4MzNlNmNiNzU0MTEzNDVlOWU0NDJlNDRhYjhjIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6IlBxVHZ3VlBsOC9iUnc4ck80V0hDZ1E9PSIsInZhbHVlIjoibWpTTEJacGpzdkx1Mjk2cjdaMWt4WEMzRDBPejR6dnA3aTdFSGFJRDQrQ2VOdUxpMmgvc2g0TEJCa1BwMjRaSzljdjhieGtpSDdOclE2MzVGSFNJVkFJcDV4c2lyV2IwRnVQWW9iRDl4QXFmbFpZeG9MTGt2N0ZTcTgyd09IdFkiLCJtYWMiOiIyMjJlZTgxMTkyMzhkMDY4MjU2MmJkZWM2NzBhNmQwYzAxNzJlMzlkZTg4ZWU2NGY4ZjZkY2JlMGFlNzQ5MjYzIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 19 Apr 2024 20:50:11 GMT content-type: application/json cache-control: no-cache, private x-ratelimit-limit: 10 x-ratelimit-remaining: 8 access-control-allow-origin: * set-cookie: XSRF-TOKEN=eyJpdiI6IjRMaGRKdG5FM3pOMm9nK2xtVGhVcEE9PSIsInZhbHVlIjoiaTF5aGk3OHEvRi9mbXQzQVYrR1FXcjhnZ1ArT1RBcXphVWM2M2hzNk5VSEpaVjJKSTVhd2hZeUFXWS8wSkFKREpQOHJ6dUdxczQvV2plWjFvQXpUTllBcXpDTWY0ZXAxSXB0Yi85ZTBkMlUxYlFTcTVkaGZMZFV0Qk5oWkdOTGciLCJtYWMiOiJjMDkyOGZiOWEwZWQyNjk4YWVhYWZhNjA4NGZhMzhhN2Y5NmVmNjM4YTY2N2IzZTZiNTc5MDQwNmY4MmU3MDI2IiwidGFnIjoiIn0%3D; expires=Sat, 20 Apr 2024 01:50:11 GMT; Max-Age=18000; path=/; secure g_session=eyJpdiI6IndCdlBYaVZYUkwzd3laQ1Y4MUQraWc9PSIsInZhbHVlIjoiV3VZUXRyeTF4VUladFlHWW1pZzIzQnQ4RjBQclNOTDNYWDJuSUxEdVFrMUJMVTlNdy9kYXNCc0x5YWttV05QMGM1c3EwK01XTW04VHFZWng2dmdDQzM4cWdBV1VUOVlVWlpFTTF4eDE1YWJzeEFtMGhKRUdBQkMwRUxiVElFL3ciLCJtYWMiOiI3ODc3OTM1M2I3MDNmNjk4OTUxMzU1YzM2ZWE0NTIxNWQwY2I3ZWQ5ZjRiZmY1ZmZmZGIzODZmMzFkNzYyZTc5IiwidGFnIjoiIn0%3D; expires=Sat, 20 Apr 2024 01:50:11 GMT; Max-Age=18000; path=/; secure; httponly cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BJQMoxKnxDn%2BXi60uE8kDd6BTEpIyhmKaAQT4sygOcdLGKGSPSwUcimuX56j26FMDuz6dl%2BakDWQIWLDmaUqn6NIA5DBClaGZkoiv2QPo88opyO7GmMaqvtqN7899g%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 876fc3f51b5c0b65-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	safenote.co/open?reference=649b9d6d99f505@43692128	192.99.70.154	302 Found	354 B
URL User Request GET HTTP/1.1 safenote.co/open?reference=649b9d6d99f505@43692128 IP 192.99.70.154:443 ASN #16276 OVH SAS Certificate IssuerLet's Encrypt Subjectsafenote.co Fingerprint6B:C2:24:18:FF:7F:60:50:65:4D:6E:D4:21:4E:6A:B9:19:54:7C:F5 ValidityThu, 04 Apr 2024 01:04:17 GMT - Wed, 03 Jul 2024 01:04:16 GMT File type HTML document, ASCII text Size 354 B (354 bytes) Hash 1f197d885a0c78481ecebd9cf77914d8 02a25f9e188bfd794d05f55e48e9bc27d7e58b23 b36215dba2e9d568f4934f4b326232ca9969f4ce6b4440c1781ea7d9833f8fa3 HTTP Headers GET /open?reference=649b9d6d99f505@43692128 HTTP/1.1 Host: safenote.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: XSRF-TOKEN=eyJpdiI6Ikh3c3lsZnVDdlNsaitxT0NRQTFTV1E9PSIsInZhbHVlIjoiVXFpTEd1T015ZTRndzl1SFJwQkFTWjkwRTJzZ1k1eG8xTWFGeW5RR0xYcW9UWTdDcjByOEJ3K0VZY3Qya2ZOUSIsIm1hYyI6ImIyNzQxZmNjNTVkYTQyNmVkYjA5YjVlNzMxYWQ4NGJhODU3MzVhYmNlN2M2MTdjZTMwZjcyNWQyOGM0ZGY1MWQifQ%3D%3D; safenote_session=eyJpdiI6InBVaVZPc3FxZXlWQVBwZ3Vac2ZIV1E9PSIsInZhbHVlIjoiNUZoUWFxd0liWG9VZjVjUUpuUFAxRDRFNDhDcE5tXC9La2o5YUdraTBSN040ZHF0N2lHSXN6WEptXC92SzVjbEpXIiwibWFjIjoiMzE5MTY3OTQ2MDU1YWNlMTg0ZWVlZWI4ODc3OWRjNTBiZWM2ZjMxMjliNDQzZTAyMjgyNDgxNGMwZTZkOGQzNSJ9 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Date: Fri, 19 Apr 2024 20:50:46 GMT Server: Apache Cache-Control: no-cache, private Location: https://safenote.co/expired Set-Cookie: XSRF-TOKEN=eyJpdiI6IklnR0JTcE93Nk9WcGF2cllKNEFBVlE9PSIsInZhbHVlIjoibXVRK3dpQXhURUhuc1wvcXJ6NnByQURVcG1ocmtDWGdVaTA3TWorNUlEM00xSHZcL1BETExscG9NbUE1aWpWbzdBIiwibWFjIjoiOGM5NTEwM2Y1ZWQ2MWMyYWZhZWMzY2RlNzc5YzY3NzU1ZmU4ZTlmZmE2YmQ4OTYwNGRmYzliNDgxZmVjZmJhZSJ9; expires=Fri, 19-Apr-2024 22:50:46 GMT; Max-Age=7200; path=/ safenote_session=eyJpdiI6ImRldERGdHR4S3NJMlhhMEZXTVhyMXc9PSIsInZhbHVlIjoiT2dcL2N3bWpUNnlQRlJtZTlLbGl5UktmM2s0bEg2WjMrVnFtSE9RNnU4UWhic21nUmdyQUhCbzhaSjdKY09RVlMiLCJtYWMiOiI2NmE5ZGIwMWVhYzEyZmJiODMwZmFlZGRkODdlM2NkMGIxZWIzYjdjZmIzYzAzOTc4NGI3MmUxYTE0ZTU4OGExIn0%3D; expires=Fri, 19-Apr-2024 22:50:46 GMT; Max-Age=7200; path=/; httponly Content-Length: 354 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

	static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793	104.16.80.73		17 kB
URL static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 IP 104.16.80.73:0 ASN #13335 CLOUDFLARENET File type gzip compressed data, from Unix Size 17 kB (16667 bytes) Hash 12584f7074f9b08fdaff13fee5781c07 e2c2ada6eb304e0788c9aa3deb130c6e100b20d2 0ab270a35f87f3e2f2be8ba5014473ce8dbd74f8e647ebd4445968aef8209ad2 HTTP Headers `GET /beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 HTTP/1.1 Host: static.cloudflareinsights.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://grabify.link DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Fri, 19 Apr 2024 20:50:08 GMT content-type: text/javascript;charset=UTF-8 access-control-allow-origin: * cache-control: public, max-age=86400 etag: W/"2024.4.0" last-modified: Mon, 15 Apr 2024 22:09:58 GMT cross-origin-resource-policy: cross-origin vary: Accept-Encoding server: cloudflare cf-ray: 876fc3e548fa56b5-OSL content-encoding: gzip X-Firefox-Spdy: h2`

	grabify.link/cdn-cgi/rum?	172.67.68.246	204 No Content	0 B
URL POST HTTP/3 grabify.link/cdn-cgi/rum? IP 172.67.68.246:443 ASN #13335 CLOUDFLARENET Requested by https://grabify.link/NUM912.rar Certificate IssuerGoogle Trust Services LLC Subjectgrabify.link Fingerprint21:0E:1C:67:0B:C7:CA:94:A3:D8:EC:9A:76:1F:DC:2A:41:08:76:69 ValidityFri, 09 Feb 2024 16:12:49 GMT - Thu, 09 May 2024 16:12:48 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /cdn-cgi/rum? HTTP/1.1 Host: grabify.link User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 493 Origin: https://grabify.link DNT: 1 Connection: keep-alive Cookie: XSRF-TOKEN=eyJpdiI6IjRMaGRKdG5FM3pOMm9nK2xtVGhVcEE9PSIsInZhbHVlIjoiaTF5aGk3OHEvRi9mbXQzQVYrR1FXcjhnZ1ArT1RBcXphVWM2M2hzNk5VSEpaVjJKSTVhd2hZeUFXWS8wSkFKREpQOHJ6dUdxczQvV2plWjFvQXpUTllBcXpDTWY0ZXAxSXB0Yi85ZTBkMlUxYlFTcTVkaGZMZFV0Qk5oWkdOTGciLCJtYWMiOiJjMDkyOGZiOWEwZWQyNjk4YWVhYWZhNjA4NGZhMzhhN2Y5NmVmNjM4YTY2N2IzZTZiNTc5MDQwNmY4MmU3MDI2IiwidGFnIjoiIn0%3D; g_session=eyJpdiI6IndCdlBYaVZYUkwzd3laQ1Y4MUQraWc9PSIsInZhbHVlIjoiV3VZUXRyeTF4VUladFlHWW1pZzIzQnQ4RjBQclNOTDNYWDJuSUxEdVFrMUJMVTlNdy9kYXNCc0x5YWttV05QMGM1c3EwK01XTW04VHFZWng2dmdDQzM4cWdBV1VUOVlVWlpFTTF4eDE1YWJzeEFtMGhKRUdBQkMwRUxiVElFL3ciLCJtYWMiOiI3ODc3OTM1M2I3MDNmNjk4OTUxMzU1YzM2ZWE0NTIxNWQwY2I3ZWQ5ZjRiZmY1ZmZmZGIzODZmMzFkNzYyZTc5IiwidGFnIjoiIn0%3D Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/3 204 No Content date: Fri, 19 Apr 2024 20:50:12 GMT access-control-allow-origin: https://grabify.link access-control-allow-methods: POST,OPTIONS access-control-max-age: 86400 vary: Origin access-control-allow-credentials: true server: cloudflare cf-ray: 876fc3fbb8d10b65-OSL x-frame-options: DENY x-content-type-options: nosniff`

	cdnjs.cloudflare.com/ajax/libs/dropzone/5.5.1/min/dropzone.min.css	104.17.25.14	200 OK	1.3 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/dropzone/5.5.1/min/dropzone.min.css IP 104.17.25.14:443 ASN #13335 CLOUDFLARENET Requested by https://safenote.co/expired Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type ASCII text, with very long lines (9716) Size 1.3 kB (1274 bytes) Hash 2f735dbf472afcd77604ecf439319f7b e464a73ee11c8299b350071ee5332f1cd6214d73 7b8ef13a45ecd495c56e38e9a11af5fcb85572a4b34661a63eab2b510795b3e8 HTTP Headers `GET /ajax/libs/dropzone/5.5.1/min/dropzone.min.css HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://safenote.co DNT: 1 Connection: keep-alive Referer: https://safenote.co/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 19 Apr 2024 20:50:12 GMT content-type: text/css; charset=utf-8 content-length: 1274 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03e3e-25f5" last-modified: Mon, 04 May 2020 16:09:34 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 12933584 expires: Wed, 09 Apr 2025 20:50:12 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=juvqcC5z4XtvXj7jnOrXYDhc%2Fr9IqR%2FCKmkH%2BsCX%2Bsk3GUTFvo9eopGHoavtFs4sYyFSa389hSxGVl6HDt03zN6X3o2XrzjaajhOgZ8pfNpjTMlvLENYzok1RSxjFyF5P%2BnI7%2B77"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 876fc3fc8fc75685-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdnjs.cloudflare.com/ajax/libs/dropzone/5.5.1/min/dropzone.min.js	104.17.25.14	200 OK	11 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/dropzone/5.5.1/min/dropzone.min.js IP 104.17.25.14:443 ASN #13335 CLOUDFLARENET Requested by https://safenote.co/expired Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (31998) Size 11 kB (11347 bytes) Hash 33148c7d5e055ea747149d025cc9c0cf 7c8fadac2e33330b6f632075de1c9ff0f15da48b 72ce2d8528437e392a146939b362f18f7e6c81246be0c45cc9c7268b458aa823 HTTP Headers `GET /ajax/libs/dropzone/5.5.1/min/dropzone.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://safenote.co DNT: 1 Connection: keep-alive Referer: https://safenote.co/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 19 Apr 2024 20:50:12 GMT content-type: application/javascript; charset=utf-8 content-length: 11347 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03e3e-a7fb" last-modified: Mon, 04 May 2020 16:09:34 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 270094 expires: Wed, 09 Apr 2025 20:50:12 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0NxkrHhlQvsA39jJqslTBbiymGdH5Syj7ydeyNpapWn8b5gdHtBPRXYveHQk9hQrV6smyUUQGCbXAhjkS1apzfUs0vY2MwGLUqEstJkZlo%2BlSqksENXWNE3nz4rwr6KKuWb6hoak"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 876fc3fc8fca5685-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	grabify.link/NUM912.rar	172.67.68.246		32 kB
URL grabify.link/NUM912.rar IP 172.67.68.246:0 ASN #13335 CLOUDFLARENET File type HTML document, Unicode text, UTF-8 text, with very long lines (370) Size 32 kB (32004 bytes) Hash d0d03bedc1b382b1de43cf7335a5d663 71cc30cdd0cd4853975b68049cc1631bf8499a16 9aca46fb410185b31860a4998c7901e628f50f974773355bb7dfccb3df55b854 HTTP Headers `GET /NUM912.rar HTTP/1.1 Host: grabify.link User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 19 Apr 2024 20:50:08 GMT content-type: text/html; charset=UTF-8 cache-control: no-cache, private x-ratelimit-limit: 15 x-ratelimit-remaining: 14 vary: Accept-Encoding cf-cache-status: BYPASS set-cookie: XSRF-TOKEN=eyJpdiI6Ik4zYlpSbXI2YWFDaWJ4ZW9MYzVJUXc9PSIsInZhbHVlIjoicUtRZkU2cmZyZExwWmFxa1RYOG5nYmhBQ2g2REhXenZMb1JmbW5WaVZiODd0ck9JUHA2WGVZNVNPSnVyYjRnSG44Nk5nekpjRThQWldoSnlla2liNTNZY0dveGc3aGdqUkRxSTJsTXBzaVlqbjk4OS9RWWEwTFNvSHpycXBBZXIiLCJtYWMiOiI2YzBkNTQzYzY2YTJmMjhhMzU1YmFlNjZkMzM5MmE4Y2RiOGY4MzNlNmNiNzU0MTEzNDVlOWU0NDJlNDRhYjhjIiwidGFnIjoiIn0%3D; expires=Sat, 20 Apr 2024 01:50:08 GMT; Max-Age=18000; path=/; secure g_session=eyJpdiI6IlBxVHZ3VlBsOC9iUnc4ck80V0hDZ1E9PSIsInZhbHVlIjoibWpTTEJacGpzdkx1Mjk2cjdaMWt4WEMzRDBPejR6dnA3aTdFSGFJRDQrQ2VOdUxpMmgvc2g0TEJCa1BwMjRaSzljdjhieGtpSDdOclE2MzVGSFNJVkFJcDV4c2lyV2IwRnVQWW9iRDl4QXFmbFpZeG9MTGt2N0ZTcTgyd09IdFkiLCJtYWMiOiIyMjJlZTgxMTkyMzhkMDY4MjU2MmJkZWM2NzBhNmQwYzAxNzJlMzlkZTg4ZWU2NGY4ZjZkY2JlMGFlNzQ5MjYzIiwidGFnIjoiIn0%3D; expires=Sat, 20 Apr 2024 01:50:08 GMT; Max-Age=18000; path=/; secure; httponly report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PCd0QI5%2FbSlop381jceAVwi0DH1Jqizrh5TsiM4QJWk7rBgC0FxiDnQV%2BYjSeZidF33DEaEqQAlKOwp%2FZJPir6ZJboECmWj8uSwpeYEv%2FCfRfhXDgg8Jdn2DdmyoiA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 876fc3d63cef5693-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtag/js?id=UA-130084942-1	142.250.74.168	200 OK	73 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-130084942-1 IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://safenote.co/expired Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT File type JavaScript source, ASCII text, with very long lines (4179) Size 73 kB (73296 bytes) Hash 05b3f2eb3d2986acba7cc979e6d4dad3 42f3c3f0fa39555a208c64c01a74db25f427959b 0752721e8a3cf56f82de7c7d18fa164dbd3492c42c47bd0f19865bcb252006df HTTP Headers `GET /gtag/js?id=UA-130084942-1 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://safenote.co/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Fri, 19 Apr 2024 20:50:12 GMT expires: Fri, 19 Apr 2024 20:50:12 GMT cache-control: private, max-age=900 last-modified: Fri, 19 Apr 2024 18:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 73296 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtag/js?id=G-VLFN2PT7RM&l=dataLayer&cx=c	142.250.74.168	200 OK	89 kB
URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-VLFN2PT7RM&l=dataLayer&cx=c IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://safenote.co/expired Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT File type JavaScript source, ASCII text, with very long lines (5955) Size 89 kB (88882 bytes) Hash 51424b4a74302a947c8841a8cceaa6de 5825bfe49c90a3c2084c4c4d66989224bb90e96c 8d15cdb5714185ad0350bbe6eae82b8f539d1c16166db1bd6cdd75ffe0f52dec HTTP Headers `GET /gtag/js?id=G-VLFN2PT7RM&l=dataLayer&cx=c HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://safenote.co/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Fri, 19 Apr 2024 20:50:12 GMT expires: Fri, 19 Apr 2024 20:50:12 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 88882 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	safenote.co/js/app.js	192.99.70.154	200 OK	111 kB
URL GET HTTP/1.1 safenote.co/js/app.js IP 192.99.70.154:443 ASN #16276 OVH SAS Requested by https://safenote.co/expired Certificate IssuerLet's Encrypt Subjectsafenote.co Fingerprint6B:C2:24:18:FF:7F:60:50:65:4D:6E:D4:21:4E:6A:B9:19:54:7C:F5 ValidityThu, 04 Apr 2024 01:04:17 GMT - Wed, 03 Jul 2024 01:04:16 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators Size 111 kB (111339 bytes) Hash 5a7133a0db86cf88dedb815b140e1978 205b8069673bef93adcf26ab171ac37479ffaf4b ba61e92bc0fb8c2a9e3fcd717e7d8f302e028d4ee31a43291ee5c7cf612292c9 HTTP Headers GET /js/app.js HTTP/1.1 Host: safenote.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://safenote.co/expired Cookie: XSRF-TOKEN=eyJpdiI6InlWYnMzclRmUllOTzR5d1QyRzNLSHc9PSIsInZhbHVlIjoia0pNU1g2XC9tXC9qSUV3dkZyNXc1dzNMcThsUlFvTGVicjMwb00xK0lsbGVIbXltd3R1b1U1RkJNRElyUlNPeXh1IiwibWFjIjoiN2FjMzUyNTA3NDNkYmViNmZkMjNkMjkwNzU5ZWMwYjI5OTcxZGM5MDAxNWY2Y2I4NThhZWY0NjA4Mjg1MGY2YSJ9; safenote_session=eyJpdiI6ImdDNFcyWjVNMzhtaHNPNm00VFpCOVE9PSIsInZhbHVlIjoib2FVTThBeFAzNllqZ3EwdVg0RkM0MUdjUjI0U2NSbm5RbjQraGEwRmpOYk5LV255TENMQ0lsUnFGakNcL0FlMXoiLCJtYWMiOiI3ZWU1ZGIzNmQ2ZjgwYTcwM2I5MWQzYWIyMGY1MDYwMWU2MTE0YmFjZTIzYWRjOTUwNDNhMTQyMzRjN2ZmOWQ5In0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Fri, 19 Apr 2024 20:50:46 GMT Server: Apache Last-Modified: Fri, 23 Nov 2018 13:42:31 GMT ETag: "51633-57b5527a84ef7-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Keep-Alive: timeout=5, max=97 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: application/javascript`

	safenote.co/css/app.css	192.99.70.154	200 OK	22 kB
URL GET HTTP/1.1 safenote.co/css/app.css IP 192.99.70.154:443 ASN #16276 OVH SAS Requested by https://safenote.co/expired Certificate IssuerLet's Encrypt Subjectsafenote.co Fingerprint6B:C2:24:18:FF:7F:60:50:65:4D:6E:D4:21:4E:6A:B9:19:54:7C:F5 ValidityThu, 04 Apr 2024 01:04:17 GMT - Wed, 03 Jul 2024 01:04:16 GMT File type ASCII text, with very long lines (65264) Size 22 kB (21905 bytes) Hash 3dbb53663d049de74f8d846cf7b26afc bb89caf91dce7a45c1145a6fe65279a3737faf69 9d15453db3933c69ec4e054632d7a126000f767218357881713f39c0bc6d1357 HTTP Headers GET /css/app.css HTTP/1.1 Host: safenote.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://safenote.co/expired Cookie: XSRF-TOKEN=eyJpdiI6InlWYnMzclRmUllOTzR5d1QyRzNLSHc9PSIsInZhbHVlIjoia0pNU1g2XC9tXC9qSUV3dkZyNXc1dzNMcThsUlFvTGVicjMwb00xK0lsbGVIbXltd3R1b1U1RkJNRElyUlNPeXh1IiwibWFjIjoiN2FjMzUyNTA3NDNkYmViNmZkMjNkMjkwNzU5ZWMwYjI5OTcxZGM5MDAxNWY2Y2I4NThhZWY0NjA4Mjg1MGY2YSJ9; safenote_session=eyJpdiI6ImdDNFcyWjVNMzhtaHNPNm00VFpCOVE9PSIsInZhbHVlIjoib2FVTThBeFAzNllqZ3EwdVg0RkM0MUdjUjI0U2NSbm5RbjQraGEwRmpOYk5LV255TENMQ0lsUnFGakNcL0FlMXoiLCJtYWMiOiI3ZWU1ZGIzNmQ2ZjgwYTcwM2I5MWQzYWIyMGY1MDYwMWU2MTE0YmFjZTIzYWRjOTUwNDNhMTQyMzRjN2ZmOWQ5In0%3D Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Fri, 19 Apr 2024 20:50:47 GMT Server: Apache Last-Modified: Fri, 23 Nov 2018 13:42:31 GMT ETag: "2639a-57b5527a83f57-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 21905 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/css`

	fonts.googleapis.com/css?family=Nunito	142.250.74.106	200 OK	15 kB
URL GET HTTP/3 fonts.googleapis.com/css?family=Nunito IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://safenote.co/expired Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT File type gzip compressed data, max compression Size 15 kB (15366 bytes) Hash acd7b222a8927c66a431130d657ceb34 f707d026e234cf505528cc3057946a539721fcb2 53f78d159efe7c60b408b41dba4f9863a6636437f3624090aa92090b07088203 HTTP Headers `GET /css?family=Nunito HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://safenote.co/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 19 Apr 2024 20:50:12 GMT date: Fri, 19 Apr 2024 20:50:12 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2	104.21.27.152	200 OK	74 kB
URL GET HTTP/2 use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2 IP 104.21.27.152:443 ASN #13335 CLOUDFLARENET Requested by https://safenote.co/expired Certificate IssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT File type Web Open Font Format (Version 2), TrueType, length 73852, version 1.0 Size 74 kB (73852 bytes) Hash fb493903265cad425ccdf8e04fc2de61 fef2f08d60e907750df0bc41ce64a7139642ddf0 7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2 HTTP Headers GET /releases/v5.5.0/webfonts/fa-solid-900.woff2 HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://safenote.co DNT: 1 Connection: keep-alive Referer: https://use.fontawesome.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Fri, 19 Apr 2024 20:50:13 GMT content-type: font/woff2 content-length: 73852 access-control-allow-origin: * cache-control: max-age=31556926 etag: "fb493903265cad425ccdf8e04fc2de61" last-modified: Fri, 22 Sep 2023 01:45:38 GMT vary: Origin, Accept-Encoding cf-cache-status: HIT age: 131655 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FQaWvs%2BsJ1j%2FuOCmtt%2Bf5pQVZfZgkYdM3CHrxxCkbZN26gfrplc8usRcqy2tVNkVMjElxPgfBWnaS4cm9szJEJBohhu2a4WrlbJoB0lDVVP1Vuwl14vBvyj%2BX9rtFjevrNqt8m4N"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 876fc3ff6d231bfa-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	safenote.co/image/safenote-logo.png	192.99.70.154	200 OK	29 kB
URL GET HTTP/1.1 safenote.co/image/safenote-logo.png IP 192.99.70.154:443 ASN #16276 OVH SAS Requested by https://safenote.co/expired Certificate IssuerLet's Encrypt Subjectsafenote.co Fingerprint6B:C2:24:18:FF:7F:60:50:65:4D:6E:D4:21:4E:6A:B9:19:54:7C:F5 ValidityThu, 04 Apr 2024 01:04:17 GMT - Wed, 03 Jul 2024 01:04:16 GMT File type PNG image data, 879 x 166, 8-bit/color RGBA, non-interlaced Size 29 kB (29204 bytes) Hash b1180ee8cb45783fc3dc0591c13d41fc 98497964e8b5f8b503d32d1d328153f526385ddf 0065e71c9ca77af9aa15f95c78e5e4c5ae1aaa4d591d03c194001b9368e511ba HTTP Headers GET /image/safenote-logo.png HTTP/1.1 Host: safenote.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://safenote.co/expired Cookie: XSRF-TOKEN=eyJpdiI6InlWYnMzclRmUllOTzR5d1QyRzNLSHc9PSIsInZhbHVlIjoia0pNU1g2XC9tXC9qSUV3dkZyNXc1dzNMcThsUlFvTGVicjMwb00xK0lsbGVIbXltd3R1b1U1RkJNRElyUlNPeXh1IiwibWFjIjoiN2FjMzUyNTA3NDNkYmViNmZkMjNkMjkwNzU5ZWMwYjI5OTcxZGM5MDAxNWY2Y2I4NThhZWY0NjA4Mjg1MGY2YSJ9; safenote_session=eyJpdiI6ImdDNFcyWjVNMzhtaHNPNm00VFpCOVE9PSIsInZhbHVlIjoib2FVTThBeFAzNllqZ3EwdVg0RkM0MUdjUjI0U2NSbm5RbjQraGEwRmpOYk5LV255TENMQ0lsUnFGakNcL0FlMXoiLCJtYWMiOiI3ZWU1ZGIzNmQ2ZjgwYTcwM2I5MWQzYWIyMGY1MDYwMWU2MTE0YmFjZTIzYWRjOTUwNDNhMTQyMzRjN2ZmOWQ5In0%3D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Fri, 19 Apr 2024 20:50:47 GMT Server: Apache Last-Modified: Sun, 20 Oct 2019 15:21:32 GMT ETag: "7214-595591f3c7867" Accept-Ranges: bytes Content-Length: 29204 Keep-Alive: timeout=5, max=96 Connection: Keep-Alive Content-Type: image/png`

	grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2	172.67.68.246		121 kB
URL grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2 IP 172.67.68.246:0 ASN #13335 CLOUDFLARENET File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 121 kB (120931 bytes) Hash 9adc5e5d7cb1b46aad37a902fcedd1fd 8325d4a777f625d0428f180c98a67a773db8836b c35a7a44bd9babd6b30cef4289a636689e037daebc33fbc918d9984c6d08623c HTTP Headers GET /js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2 HTTP/1.1 Host: grabify.link User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: XSRF-TOKEN=eyJpdiI6Ik4zYlpSbXI2YWFDaWJ4ZW9MYzVJUXc9PSIsInZhbHVlIjoicUtRZkU2cmZyZExwWmFxa1RYOG5nYmhBQ2g2REhXenZMb1JmbW5WaVZiODd0ck9JUHA2WGVZNVNPSnVyYjRnSG44Nk5nekpjRThQWldoSnlla2liNTNZY0dveGc3aGdqUkRxSTJsTXBzaVlqbjk4OS9RWWEwTFNvSHpycXBBZXIiLCJtYWMiOiI2YzBkNTQzYzY2YTJmMjhhMzU1YmFlNjZkMzM5MmE4Y2RiOGY4MzNlNmNiNzU0MTEzNDVlOWU0NDJlNDRhYjhjIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6IlBxVHZ3VlBsOC9iUnc4ck80V0hDZ1E9PSIsInZhbHVlIjoibWpTTEJacGpzdkx1Mjk2cjdaMWt4WEMzRDBPejR6dnA3aTdFSGFJRDQrQ2VOdUxpMmgvc2g0TEJCa1BwMjRaSzljdjhieGtpSDdOclE2MzVGSFNJVkFJcDV4c2lyV2IwRnVQWW9iRDl4QXFmbFpZeG9MTGt2N0ZTcTgyd09IdFkiLCJtYWMiOiIyMjJlZTgxMTkyMzhkMDY4MjU2MmJkZWM2NzBhNmQwYzAxNzJlMzlkZTg4ZWU2NGY4ZjZkY2JlMGFlNzQ5MjYzIiwidGFnIjoiIn0%3D Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 19 Apr 2024 20:50:09 GMT content-type: application/javascript last-modified: Sat, 13 Apr 2024 05:23:14 GMT etag: W/"2ab19-615f395c2cfcc-gzip" vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6rlwbLcPJ231k2tSquhRU3MxJiNCl33Lx%2Fae8IA1NafAlu5j7ld%2FLRrVDlPeWUBVyLIgCl6qzkbgERV71tzBFGj9ryQFaA3AgIuZ1bjEF5LPhNB7mwztp2%2FIjX8GnA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 876fc3e5283a0b65-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	fonts.gstatic.com/s/notosans/v36/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9a6VI.woff2	216.58.207.227	200 OK	13 kB
URL GET HTTP/2 fonts.gstatic.com/s/notosans/v36/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9a6VI.woff2 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://safenote.co/expired Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT File type Web Open Font Format (Version 2), TrueType, length 13336, version 1.0 Size 13 kB (13336 bytes) Hash b07180cf0f81951de10205e371bb7994 6e73dee82a9e2a3a50ecd76f44e0df99ace1871d 4c0aea6139bcfbb5d8295db45717b7dab4b1ea854564068c5cac0c2cefc679fd HTTP Headers GET /s/notosans/v36/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9a6VI.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://safenote.co DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 13336 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 18 Apr 2024 02:54:32 GMT expires: Fri, 18 Apr 2025 02:54:32 GMT cache-control: public, max-age=31536000 age: 150941 last-modified: Wed, 14 Feb 2024 22:28:26 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	safenote.co/image/safenote.png	192.99.70.154	200 OK	28 kB
URL GET HTTP/1.1 safenote.co/image/safenote.png IP 192.99.70.154:443 ASN #16276 OVH SAS Requested by https://safenote.co/expired Certificate IssuerLet's Encrypt Subjectsafenote.co Fingerprint6B:C2:24:18:FF:7F:60:50:65:4D:6E:D4:21:4E:6A:B9:19:54:7C:F5 ValidityThu, 04 Apr 2024 01:04:17 GMT - Wed, 03 Jul 2024 01:04:16 GMT File type PNG image data, 573 x 574, 8-bit/color RGBA, non-interlaced Size 28 kB (28299 bytes) Hash b4fa32d209561c196b98a6083deb357e 472092787027eca962156a56743d01a6cb1eece8 449a2b9cf6b4c1c80defe75ab2f7cb542b02da5252fb6b6289a09b130133a62e HTTP Headers GET /image/safenote.png HTTP/1.1 Host: safenote.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://safenote.co/expired Cookie: XSRF-TOKEN=eyJpdiI6InlWYnMzclRmUllOTzR5d1QyRzNLSHc9PSIsInZhbHVlIjoia0pNU1g2XC9tXC9qSUV3dkZyNXc1dzNMcThsUlFvTGVicjMwb00xK0lsbGVIbXltd3R1b1U1RkJNRElyUlNPeXh1IiwibWFjIjoiN2FjMzUyNTA3NDNkYmViNmZkMjNkMjkwNzU5ZWMwYjI5OTcxZGM5MDAxNWY2Y2I4NThhZWY0NjA4Mjg1MGY2YSJ9; safenote_session=eyJpdiI6ImdDNFcyWjVNMzhtaHNPNm00VFpCOVE9PSIsInZhbHVlIjoib2FVTThBeFAzNllqZ3EwdVg0RkM0MUdjUjI0U2NSbm5RbjQraGEwRmpOYk5LV255TENMQ0lsUnFGakNcL0FlMXoiLCJtYWMiOiI3ZWU1ZGIzNmQ2ZjgwYTcwM2I5MWQzYWIyMGY1MDYwMWU2MTE0YmFjZTIzYWRjOTUwNDNhMTQyMzRjN2ZmOWQ5In0%3D; _ga_VLFN2PT7RM=GS1.1.1713559812.1.0.1713559812.0.0.0; _ga=GA1.1.673661634.1713559813 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Fri, 19 Apr 2024 20:50:47 GMT Server: Apache Last-Modified: Sun, 20 Oct 2019 15:21:32 GMT ETag: "6e8b-595591f3c7867" Accept-Ranges: bytes Content-Length: 28299 Keep-Alive: timeout=5, max=95 Connection: Keep-Alive Content-Type: image/png`

	safenote.co/r/649b9d6d99f505@43692128	192.99.70.154	302 Found	22 kB
URL User Request GET HTTP/1.1 safenote.co/r/649b9d6d99f505@43692128 IP 192.99.70.154:443 ASN #16276 OVH SAS Certificate IssuerLet's Encrypt Subjectsafenote.co Fingerprint6B:C2:24:18:FF:7F:60:50:65:4D:6E:D4:21:4E:6A:B9:19:54:7C:F5 ValidityThu, 04 Apr 2024 01:04:17 GMT - Wed, 03 Jul 2024 01:04:16 GMT File type Size 22 kB (21622 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /r/649b9d6d99f505@43692128 HTTP/1.1 Host: safenote.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 302 Found Date: Fri, 19 Apr 2024 20:50:46 GMT Server: Apache Cache-Control: no-cache, private Location: https://safenote.co/open?reference=649b9d6d99f505@43692128 Set-Cookie: XSRF-TOKEN=eyJpdiI6Ikh3c3lsZnVDdlNsaitxT0NRQTFTV1E9PSIsInZhbHVlIjoiVXFpTEd1T015ZTRndzl1SFJwQkFTWjkwRTJzZ1k1eG8xTWFGeW5RR0xYcW9UWTdDcjByOEJ3K0VZY3Qya2ZOUSIsIm1hYyI6ImIyNzQxZmNjNTVkYTQyNmVkYjA5YjVlNzMxYWQ4NGJhODU3MzVhYmNlN2M2MTdjZTMwZjcyNWQyOGM0ZGY1MWQifQ%3D%3D; expires=Fri, 19-Apr-2024 22:50:46 GMT; Max-Age=7200; path=/ safenote_session=eyJpdiI6InBVaVZPc3FxZXlWQVBwZ3Vac2ZIV1E9PSIsInZhbHVlIjoiNUZoUWFxd0liWG9VZjVjUUpuUFAxRDRFNDhDcE5tXC9La2o5YUdraTBSN040ZHF0N2lHSXN6WEptXC92SzVjbEpXIiwibWFjIjoiMzE5MTY3OTQ2MDU1YWNlMTg0ZWVlZWI4ODc3OWRjNTBiZWM2ZjMxMjliNDQzZTAyMjgyNDgxNGMwZTZkOGQzNSJ9; expires=Fri, 19-Apr-2024 22:50:46 GMT; Max-Age=7200; path=/; httponly Content-Length: 478 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

	use.fontawesome.com/releases/v5.5.0/webfonts/fa-regular-400.woff2	104.21.27.152	200 OK	15 kB
URL GET HTTP/2 use.fontawesome.com/releases/v5.5.0/webfonts/fa-regular-400.woff2 IP 104.21.27.152:443 ASN #13335 CLOUDFLARENET Requested by https://safenote.co/expired Certificate IssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT File type Web Open Font Format (Version 2), TrueType, length 14844, version 1.0 Size 15 kB (14844 bytes) Hash bdadb6ce95c5a2e7b673940721450d3c f1e8cb035436d638da83d4696248cec831dcbe7a 92ba7bfaa43a35c94353e96860d99376313ee9b5fce6124d4e64067280f9a841 HTTP Headers GET /releases/v5.5.0/webfonts/fa-regular-400.woff2 HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://safenote.co DNT: 1 Connection: keep-alive Referer: https://use.fontawesome.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 19 Apr 2024 20:50:13 GMT content-type: font/woff2 content-length: 14844 access-control-allow-origin: * cache-control: max-age=31556926 etag: "bdadb6ce95c5a2e7b673940721450d3c" last-modified: Fri, 22 Sep 2023 01:45:39 GMT vary: Origin, Accept-Encoding cf-cache-status: HIT age: 131655 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wYrI2fg5Uxr%2FCTk%2BI9Mb0SYBh5k8uwtrWHph6Du0YqrIui1E%2FXGS2MptjPzblmT8siAxgOdq9ZFx3LbHi%2FwEH2B0SqONu4PJuyZwmUbjWtG8He89HVQ0MCspnwWq4wJC40jMCHqk"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 876fc3ff4d151bfa-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	code.jquery.com/jquery-3.3.1.min.js	151.101.194.137	200 OK	87 kB
URL GET HTTP/2 code.jquery.com/jquery-3.3.1.min.js IP 151.101.194.137:443 ASN #54113 FASTLY Requested by https://safenote.co/expired Certificate IssuerSectigo Limited Subject.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65451) Size 87 kB (86927 bytes) Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef HTTP Headers `GET /jquery-3.3.1.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://safenote.co DNT: 1 Connection: keep-alive Referer: https://safenote.co/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx content-type: application/javascript; charset=utf-8 last-modified: Fri, 18 Oct 1991 12:00:00 GMT etag: W/"28feccc0-1538f" cache-control: public, max-age=31536000, stale-while-revalidate=604800 access-control-allow-origin: * content-encoding: gzip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Fri, 19 Apr 2024 20:50:12 GMT age: 18759209 x-served-by: cache-lga13622-LGA, cache-hel1410022-HEL x-cache: HIT, HIT x-cache-hits: 36, 133794 x-timer: S1713559813.587494,VS0,VE0 vary: Accept-Encoding content-length: 30288 X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Noto+Sans&display=swap	142.250.74.106	200 OK	3.2 kB
URL GET HTTP/2 fonts.googleapis.com/css?family=Noto+Sans&display=swap IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://safenote.co/expired Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT File type ASCII text, with very long lines (3272), with no line terminators Size 3.2 kB (3192 bytes) Hash 3e15972e34db57f193696124445a1644 ff4b0708bdf3485af4b7e58a1a16ce8df13a4fc1 7e6944d56f8a2f198951ed53bb3d51bb012d1b724b6f6cf88258e82b2737b077 HTTP Headers `GET /css?family=Noto+Sans&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://safenote.co/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 19 Apr 2024 20:50:12 GMT date: Fri, 19 Apr 2024 20:50:12 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	use.fontawesome.com/releases/v5.5.0/css/all.css	104.21.27.152	200 OK	51 kB
URL GET HTTP/2 use.fontawesome.com/releases/v5.5.0/css/all.css IP 104.21.27.152:443 ASN #13335 CLOUDFLARENET Requested by https://safenote.co/expired Certificate IssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT File type ASCII text, with very long lines (51030) Size 51 kB (51215 bytes) Hash 1cc6c92172d124fbd305ba3d8e263333 d24f4d0e56617d3663d5a929500f05a17d71246e 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2 HTTP Headers `GET /releases/v5.5.0/css/all.css HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://safenote.co DNT: 1 Connection: keep-alive Referer: https://safenote.co/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 19 Apr 2024 20:50:12 GMT content-type: text/css access-control-allow-origin: * cache-control: max-age=31556926 etag: W/"1cc6c92172d124fbd305ba3d8e263333" last-modified: Fri, 22 Sep 2023 01:45:37 GMT vary: Origin, Accept-Encoding cf-cache-status: HIT age: 358383 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rogq0oHEuG2n%2BsJJPuKs3qwLwE4Aj7BSO104f0OzVnp1XIeuKdAMq0K5GgtGtH6m09ow5InxXzDR1nPxBB3j73K%2BHohT887MENVmkcGrT8fFwY4wlOuhYSvFceBmbfP9WNGf%2FRuR"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 876fc3fc9b6b1bfa-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	use.fontawesome.com/releases/v5.5.0/webfonts/fa-brands-400.woff2	104.21.27.152	200 OK	70 kB
URL GET HTTP/2 use.fontawesome.com/releases/v5.5.0/webfonts/fa-brands-400.woff2 IP 104.21.27.152:443 ASN #13335 CLOUDFLARENET Requested by https://safenote.co/expired Certificate IssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT File type Web Open Font Format (Version 2), TrueType, length 69608, version 1.0 Size 70 kB (69608 bytes) Hash 659c4d58b00226541ef95c3a76e169c5 333b0d6bb7e10601f4bd99e048608d5581be2a98 05dbc51654b96590d176c27efbcef2cf4ac0497499a9f28b731b73eea399070c HTTP Headers GET /releases/v5.5.0/webfonts/fa-brands-400.woff2 HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://safenote.co DNT: 1 Connection: keep-alive Referer: https://use.fontawesome.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 19 Apr 2024 20:50:13 GMT content-type: font/woff2 content-length: 69608 access-control-allow-origin: * cache-control: max-age=31556926 etag: "659c4d58b00226541ef95c3a76e169c5" last-modified: Fri, 22 Sep 2023 01:45:38 GMT vary: Origin, Accept-Encoding cf-cache-status: HIT age: 131655 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EHHE7QbUSeBVvP1VHC02ed7PS%2FubblThdhOx9oxLcdcf8idAVnke3raaP5pz7kNsZAij1YAMgiIneyQ1izsWKuzCUlzN1bLd%2F6j2TLmrRdUQvRkBzY%2F96nGjadueB7Z3h5i0p1Jr"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 876fc3ff8d3e1bfa-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	safenote.co/expired	192.99.70.154	200 OK	22 kB
URL User Request GET HTTP/1.1 safenote.co/expired IP 192.99.70.154:443 ASN #16276 OVH SAS Certificate IssuerLet's Encrypt Subjectsafenote.co Fingerprint6B:C2:24:18:FF:7F:60:50:65:4D:6E:D4:21:4E:6A:B9:19:54:7C:F5 ValidityThu, 04 Apr 2024 01:04:17 GMT - Wed, 03 Jul 2024 01:04:16 GMT File type Size 22 kB (21622 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /expired HTTP/1.1 Host: safenote.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: XSRF-TOKEN=eyJpdiI6IklnR0JTcE93Nk9WcGF2cllKNEFBVlE9PSIsInZhbHVlIjoibXVRK3dpQXhURUhuc1wvcXJ6NnByQURVcG1ocmtDWGdVaTA3TWorNUlEM00xSHZcL1BETExscG9NbUE1aWpWbzdBIiwibWFjIjoiOGM5NTEwM2Y1ZWQ2MWMyYWZhZWMzY2RlNzc5YzY3NzU1ZmU4ZTlmZmE2YmQ4OTYwNGRmYzliNDgxZmVjZmJhZSJ9; safenote_session=eyJpdiI6ImRldERGdHR4S3NJMlhhMEZXTVhyMXc9PSIsInZhbHVlIjoiT2dcL2N3bWpUNnlQRlJtZTlLbGl5UktmM2s0bEg2WjMrVnFtSE9RNnU4UWhic21nUmdyQUhCbzhaSjdKY09RVlMiLCJtYWMiOiI2NmE5ZGIwMWVhYzEyZmJiODMwZmFlZGRkODdlM2NkMGIxZWIzYjdjZmIzYzAzOTc4NGI3MmUxYTE0ZTU4OGExIn0%3D Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Date: Fri, 19 Apr 2024 20:50:46 GMT Server: Apache Cache-Control: no-cache, private Set-Cookie: XSRF-TOKEN=eyJpdiI6InlWYnMzclRmUllOTzR5d1QyRzNLSHc9PSIsInZhbHVlIjoia0pNU1g2XC9tXC9qSUV3dkZyNXc1dzNMcThsUlFvTGVicjMwb00xK0lsbGVIbXltd3R1b1U1RkJNRElyUlNPeXh1IiwibWFjIjoiN2FjMzUyNTA3NDNkYmViNmZkMjNkMjkwNzU5ZWMwYjI5OTcxZGM5MDAxNWY2Y2I4NThhZWY0NjA4Mjg1MGY2YSJ9; expires=Fri, 19-Apr-2024 22:50:46 GMT; Max-Age=7200; path=/ safenote_session=eyJpdiI6ImdDNFcyWjVNMzhtaHNPNm00VFpCOVE9PSIsInZhbHVlIjoib2FVTThBeFAzNllqZ3EwdVg0RkM0MUdjUjI0U2NSbm5RbjQraGEwRmpOYk5LV255TENMQ0lsUnFGakNcL0FlMXoiLCJtYWMiOiI3ZWU1ZGIzNmQ2ZjgwYTcwM2I5MWQzYWIyMGY1MDYwMWU2MTE0YmFjZTIzYWRjOTUwNDNhMTQyMzRjN2ZmOWQ5In0%3D; expires=Fri, 19-Apr-2024 22:50:46 GMT; Max-Age=7200; path=/; httponly Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 5122 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL