safenote.co
Open in
urlscan Pro
192.99.70.154
Public Scan
Submitted URL: https://link.safenote.co/
Effective URL: https://safenote.co/private-link
Submission: On June 12 via automatic, source certstream-suspicious
Effective URL: https://safenote.co/private-link
Submission: On June 12 via automatic, source certstream-suspicious
Summary
This website contacted 10 IPs
in 4 countries
across 13 domains to perform 39 HTTP transactions.
The main IP is 192.99.70.154, located in
Montreal, Canada and
belongs to OVH, FR.
The main domain is safenote.co.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 18th 2020. Valid for: 3 months.
This is the only time safenote.co was scanned on urlscan.io!
TLS certificate: Issued by Let's Encrypt Authority X3 on April 18th 2020. Valid for: 3 months.
This is the only time safenote.co was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 8 | 192.99.70.154 192.99.70.154 | 16276 (OVH) (OVH) | |
| 1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:1a | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
| 2 | 2606:4700::68... 2606:4700::6810:85e5 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:825::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 17 | 2a00:1450:400... 2a00:1450:4001:808::2002 | 15169 (GOOGLE) (GOOGLE) | |
| 4 | 23.111.9.35 23.111.9.35 | 33438 (HIGHWINDS2) (HIGHWINDS2) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:81a::200a | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:81b::200e | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:800::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:820::2001 | 15169 (GOOGLE) (GOOGLE) | |
| 39 | 10 |
8
192.99.70.154
(Montreal, Canada)
ASN16276 (OVH, FR)
PTR: 154.ip-192-99-70.net
ASN16276 (OVH, FR)
PTR: 154.ip-192-99-70.net
| link.safenote.co | |
| safenote.co |
1
2a00:1450:4001:825::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
17
2a00:1450:4001:808::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| pagead2.googlesyndication.com | |
| adservice.google.de | |
| adservice.google.com | |
| googleads.g.doubleclick.net | |
| www.googletagservices.com |
2
2a00:1450:4001:81b::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
2
2a00:1450:4001:820::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| tpc.googlesyndication.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 10 |
googlesyndication.com
pagead2.googlesyndication.com tpc.googlesyndication.com |
134 KB |
| 8 |
safenote.co
1 redirects
link.safenote.co safenote.co |
172 KB |
| 6 |
doubleclick.net
googleads.g.doubleclick.net |
|
| 4 |
fontawesome.com
use.fontawesome.com |
169 KB |
| 2 |
google-analytics.com
www.google-analytics.com |
18 KB |
| 2 |
googleapis.com
fonts.googleapis.com |
2 KB |
| 2 |
cloudflare.com
cdnjs.cloudflare.com |
14 KB |
| 1 |
googletagservices.com
www.googletagservices.com |
27 KB |
| 1 |
gstatic.com
fonts.gstatic.com |
10 KB |
| 1 |
google.com
adservice.google.com |
952 B |
| 1 |
google.de
adservice.google.de |
952 B |
| 1 |
googletagmanager.com
www.googletagmanager.com |
33 KB |
| 1 |
jquery.com
code.jquery.com |
30 KB |
| 39 | 13 |
| Domain | Requested by | |
|---|---|---|
| 8 | pagead2.googlesyndication.com |
safenote.co
pagead2.googlesyndication.com |
| 7 | safenote.co |
safenote.co
|
| 6 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
| 4 | use.fontawesome.com |
safenote.co
www.google-analytics.com pagead2.googlesyndication.com |
| 2 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com |
| 2 | www.google-analytics.com |
www.googletagmanager.com
safenote.co |
| 2 | fonts.googleapis.com |
safenote.co
|
| 2 | cdnjs.cloudflare.com |
safenote.co
|
| 1 | www.googletagservices.com |
pagead2.googlesyndication.com
|
| 1 | fonts.gstatic.com |
pagead2.googlesyndication.com
|
| 1 | adservice.google.com |
pagead2.googlesyndication.com
|
| 1 | adservice.google.de |
pagead2.googlesyndication.com
|
| 1 | www.googletagmanager.com |
safenote.co
|
| 1 | code.jquery.com |
safenote.co
|
| 1 | link.safenote.co | 1 redirects |
| 39 | 15 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| weboproxy.com |
| tempmail.altmails.com |
| altmails.com |
| devrolabs.com |
| www.facebook.com |
| twitter.com |
| github.com |
| www.linkedin.com |
| pinterest.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| safenote.co Let's Encrypt Authority X3 |
2020-04-18 - 2020-07-17 |
3 months | crt.sh |
| jquery.org COMODO RSA Domain Validation Secure Server CA |
2018-10-17 - 2020-10-16 |
2 years | crt.sh |
| cloudflare.com CloudFlare Inc ECC CA-2 |
2020-01-07 - 2020-10-09 |
9 months | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2020-05-26 - 2020-08-18 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1O1 |
2020-05-20 - 2020-08-12 |
3 months | crt.sh |
| *.fontawesome.com DigiCert SHA2 Secure Server CA |
2019-10-28 - 2020-12-23 |
a year | crt.sh |
| upload.video.google.com GTS CA 1O1 |
2020-05-26 - 2020-08-18 |
3 months | crt.sh |
| *.google.de GTS CA 1O1 |
2020-05-20 - 2020-08-12 |
3 months | crt.sh |
| *.google.com GTS CA 1O1 |
2020-05-20 - 2020-08-12 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1O1 |
2020-05-26 - 2020-08-18 |
3 months | crt.sh |
| tpc.googlesyndication.com GTS CA 1O1 |
2020-05-26 - 2020-08-18 |
3 months | crt.sh |
This page contains 8 frames:
Primary Page:
https://safenote.co/private-link
Frame ID: 481CFDBCDA1D9649EC57245384DCE663
Requests: 32 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20200608/r20190131/zrt_lookup.html
Frame ID: BBA73FD1C33DB710C56C92F134B4FF8D
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1150347576598742&output=html&adk=1812271804&adf=3025194257&lmt=1591980892&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsafenote.co%2Fprivate-link&ea=0&flash=0&pra=5&wgl=1&dt=1591980891926&bpp=16&bdt=213&idt=121&shv=r20200608&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8265559967919&frm=20&pv=2&ga_vid=166775309.1591980892&ga_sid=1591980892&ga_hid=1438301794&ga_fc=0&iag=0&icsg=8440490&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066125&oid=3&pvsid=3766464004947911&pem=138&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=144
Frame ID: 3D7BEC262262303830977F49CB72DEEB
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1150347576598742&output=html&h=90&slotname=5783369010&adk=107188265&adf=243876893&w=728&fwrn=4&fwrnh=100&lmt=1591980892&rafmt=2&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fsafenote.co%2Fprivate-link&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&adsid=NT&dt=1591980892076&bpp=2&bdt=363&idt=2&shv=r20200608&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8265559967919&frm=20&pv=1&ga_vid=166775309.1591980892&ga_sid=1591980892&ga_hid=1438301794&ga_fc=0&iag=0&icsg=167979690&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=762&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066125&oid=3&pvsid=3766464004947911&pem=138&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=4&uci=a!4&fsb=1&xpc=o1HB5HLb6n&p=https%3A//safenote.co&dtd=8
Frame ID: 8A57C4C9B74137B238C997D461C7A8FE
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1150347576598742&output=html&h=280&slotname=8058178568&adk=3249918004&adf=1960069833&w=336&fwrn=4&fwrnh=100&lmt=1591980892&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fsafenote.co%2Fprivate-link&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1591980892035&bpp=3&bdt=323&idt=64&shv=r20200608&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8265559967919&frm=20&pv=1&ga_vid=166775309.1591980892&ga_sid=1591980892&ga_hid=1438301794&ga_fc=0&iag=0&icsg=671918762&dssz=21&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=271&ady=209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066125&oid=3&pvsid=3766464004947911&pem=138&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HiiwdKmCCG&p=https%3A//safenote.co&dtd=84
Frame ID: 0A0EBBF04B44C82F39B0A1E7BBF30894
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1150347576598742&output=html&h=280&slotname=6587337655&adk=1148234825&adf=3839460298&w=336&fwrn=4&fwrnh=100&lmt=1591980892&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fsafenote.co%2Fprivate-link&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1591980892038&bpp=1&bdt=325&idt=91&shv=r20200608&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C336x280&nras=1&correlator=8265559967919&frm=20&pv=1&ga_vid=166775309.1591980892&ga_sid=1591980892&ga_hid=1438301794&ga_fc=0&iag=0&icsg=671918762&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066125&oid=3&pvsid=3766464004947911&pem=138&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GbXQSFgdsd&p=https%3A//safenote.co&dtd=100
Frame ID: 8B537057C79E9C0FE1B3F1DC4C571C65
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1150347576598742&output=html&h=280&slotname=2017730773&adk=2351356607&adf=3527421581&w=336&fwrn=4&fwrnh=100&lmt=1591980892&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fsafenote.co%2Fprivate-link&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1591980892040&bpp=1&bdt=327&idt=128&shv=r20200608&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C336x280%2C336x280&nras=1&correlator=8265559967919&frm=20&pv=1&ga_vid=166775309.1591980892&ga_sid=1591980892&ga_hid=1438301794&ga_fc=0&iag=0&icsg=671918762&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=993&ady=209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066125&oid=3&pvsid=3766464004947911&pem=138&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&fsb=1&xpc=m5bnZrOChD&p=https%3A//safenote.co&dtd=131
Frame ID: 5EAF86CB7E8029C7353E4A801D1DEE02
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 641247F93715D9C04718B6CC46426E38
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://link.safenote.co/
HTTP 302
https://safenote.co/private-link Page URL
Detected technologies
Ubuntu
(Operating Systems)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /Ubuntu/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i
Google AdSense
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /googlesyndication\.com\//i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
URL: https://weboproxy.com/?ref=safenote
Title: WEB PROXY
Title: WEB PROXY
Search URL Search Domain Scan URL
URL: https://tempmail.altmails.com/?ref=safenote
Title: TEMP EMAIL
Title: TEMP EMAIL
Search URL Search Domain Scan URL
URL: https://altmails.com/?ref=safenote
Title: altmails
Title: altmails
Search URL Search Domain Scan URL
URL: https://devrolabs.com/product-categories/privacy/?ref=safenote
Title: Privacy Tools
Title: Privacy Tools
Search URL Search Domain Scan URL
URL: https://devrolabs.com/?ref=safenote
Title: Company
Title: Company
Search URL Search Domain Scan URL
URL: https://devrolabs.com/products-landing-page/?ref=safenote
Title: Our Products
Title: Our Products
Search URL Search Domain Scan URL
URL: https://www.facebook.com/devrolabs
Search URL Search Domain Scan URL
URL: https://twitter.com/DevroLABS
Search URL Search Domain Scan URL
URL: https://github.com/devrolabs
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/company/devrolabs
Search URL Search Domain Scan URL
URL: https://pinterest.com/devrolabs
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://link.safenote.co/
HTTP 302
https://safenote.co/private-link Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
39 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
 Cookie set
private-link
safenote.co/ Redirect Chain
|
28 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-3.3.1.min.js
code.jquery.com/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dropzone.min.js
cdnjs.cloudflare.com/ajax/libs/dropzone/5.5.1/min/ |
42 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app.js
safenote.co/js/ |
326 KB 109 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
83 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
109 KB 40 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all.css
use.fontawesome.com/releases/v5.5.0/css/ |
50 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app.css
safenote.co/css/ |
153 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dropzone.min.css
cdnjs.cloudflare.com/ajax/libs/dropzone/5.5.1/min/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
safenote-logo.png
safenote.co/image/ |
29 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
add-link.png
safenote.co/image/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
connect.png
safenote.co/image/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
delete-link.png
safenote.co/image/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.de/adsid/ |
109 B 952 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 952 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200608/r20190131/ |
216 KB 82 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v9/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200608/r20190131/ Frame BBA7 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
2 KB 602 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ |
72 KB 73 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fa-regular-400.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ |
14 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
www.google-analytics.com/r/ |
35 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 3D7B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ |
73 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 8A57 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fa-brands-400.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ |
68 KB 68 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 0A0E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 8B53 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 5EAF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 118 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
7 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
14 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 6412 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
73 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery function| _possibleConstructorReturn function| _inherits function| _classCallCheck function| __guard__ function| __guardMethod__ function| _createClass function| Emitter function| Dropzone function| without function| camelize function| detectVerticalSquash function| drawImageIOSFix function| ExifRestore function| contentLoaded function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars object| gaplugins object| gaGlobal object| gaData boolean| _gfp_p_ number| google_lpabyc number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| options function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| _ function| Popper function| axios function| setImmediate function| clearImmediate function| Vue object| google_image_requests object| GoogleGcLKhOms7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .doubleclick.net/ | Name: IDE Value: AHWqTUmKIj1awyZoQxcnloVDKFdGGFtn9MhdtGnXfwYBkAvN-C-_a3PQPUC2G_Ks |
|
| safenote.co/ | Name: XSRF-TOKEN Value: eyJpdiI6IjJXdFJ1TTl6N00wNFBickM2R1NVcXc9PSIsInZhbHVlIjoiRGIySVRwVGxFczRLb2MwYjNLSDRjcnRoNjA2RXVYWUtXOUFuYitCK0NPYlVsVmVHeVwvZUlpbUxsYjdZR2tIV2IiLCJtYWMiOiI4MzYxNGRmZWZiNWI1OGYwNGUwN2UwZmY1MmUzMDgxYTkwMzYyYzJlYWVhOTM5YjRmOTBlOGQzYjBlNmQ3ZjNkIn0%3D |
|
| .safenote.co/ | Name: _gid Value: GA1.2.1829994132.1591980892 |
|
| .safenote.co/ | Name: _ga Value: GA1.2.166775309.1591980892 |
|
| safenote.co/ | Name: safenote_session Value: eyJpdiI6ImJcL2xSS0Q2MCt1QjJzYmFUMTl4T2pBPT0iLCJ2YWx1ZSI6IkIxTFMyOCtmWUgwWDk5MDF1VmlFVVJQVThoU3JQYSt5SnMzMkNjbzYzRUdhNDlabHQyYXh3OGFKVTdJb0RUUDIiLCJtYWMiOiI2OGQwYzVhOWRjN2UwOTMwYTEzZDY0OGJjNzMzYTYyMWZlOTI2Njg1N2I3ZDExMTJlNWY3Y2YyMjA0ZDk1MWNiIn0%3D |
|
| .doubleclick.net/ | Name: DSID Value: NO_DATA |
|
| .safenote.co/ | Name: _gat_gtag_UA_130084942_1 Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
link.safenote.co
pagead2.googlesyndication.com
safenote.co
tpc.googlesyndication.com
use.fontawesome.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
192.99.70.154
2001:4de0:ac19::1:b:1a
23.111.9.35
2606:4700::6810:85e5
2a00:1450:4001:800::2003
2a00:1450:4001:808::2002
2a00:1450:4001:81a::200a
2a00:1450:4001:81b::200e
2a00:1450:4001:820::2001
2a00:1450:4001:825::2008
0065e71c9ca77af9aa15f95c78e5e4c5ae1aaa4d591d03c194001b9368e511ba
02172c86c491e5017d576e7efd2d79c4a839f21c7aae2952245868ad88821b98
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05dbc51654b96590d176c27efbcef2cf4ac0497499a9f28b731b73eea399070c
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1ab742b71da5230564d7cc3a12ec18a2be7c57f3d020af9e2bb310986bf93643
21446224d68e092a5efc921a85841adfc457d649717c97904152fc60a8d74903
2d233c1838084b7e804e0e7a887190eeeb356132b1f625c7fa96ed3efd61e8b2
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
4eaaa03edf336e0a695620de5dd8e7d35ddb0ae907c4a37a995fd62b0c3681f0
72ce2d8528437e392a146939b362f18f7e6c81246be0c45cc9c7268b458aa823
761fd4ddf82cc08feb442d599b2f6e886a4229fa35a2b6157607c70643738a63
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
7b8ef13a45ecd495c56e38e9a11af5fcb85572a4b34661a63eab2b510795b3e8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85e500d71b0d3e7ea2945c7421bb8d191ea081fce6d23c579e8a7c0540f472c3
92ba7bfaa43a35c94353e96860d99376313ee9b5fce6124d4e64067280f9a841
9c662b6e3fb429681775f998db8d262428035930052ec2940864c06d567e4dc2
9d15453db3933c69ec4e054632d7a126000f767218357881713f39c0bc6d1357
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
ba61e92bc0fb8c2a9e3fcd717e7d8f302e028d4ee31a43291ee5c7cf612292c9
d3697f191c20b57273f1e2d1321726aaa81178c3a4b8553f20f92d33a78ae6d6
d463a8c33d5fb5e983dd62f5bb28cd0959b1f0f2ffa7ec19acdea82d4b0b521b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
f795be39a29ed602f16d040044cf336bb95ad3c4ef4e513f1cd64af90a47615e