URL: https://snip.ly/x0noc7
Submission: On September 26 via manual from IN — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 18 HTTP transactions. The main IP is 2606:4700:20::681a:720, located in the United States and belonging to CLOUDFLARENET, US. The main domain is snip.ly.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 15th 2021. Valid for: a year.
This is the only time snip.ly was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sharepoint (Online)

Domain & IP information

Requests  IP Address          AS (Autonomous System)
5         2606:4700:20:...    13335 (CLOUDFLAR...)
2         2606:4700::68...    13335 (CLOUDFLAR...)
2         2a00:1450:400...    15169 (GOOGLE)
3         2606:4700::68...    13335 (CLOUDFLAR...)
1 1       169.46.89.154       36351 (SOFTLAYER)
1         206.190.215.254     32354 (UNWIRED)
2         2a00:1450:400...    15169 (GOOGLE)
2         2.18.233.88         16625 (AKAMAI-AS)
1         2a00:1450:400...    15169 (GOOGLE)
Total: 18 requests, 9 IPs

This site contains no links.

Subject                  Issuer                          Validity                  Valid for
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3         2021-06-15 - 2022-06-14   a year
upload.video.google.com  GTS CA 1C3                      2021-08-30 - 2021-11-22   3 months
backblazeb2.com          R3                              2021-07-19 - 2021-10-17   3 months
*.google-analytics.com   GTS CA 1C3                      2021-08-30 - 2021-11-22   3 months
*.ssl.cf1.rackcdn.com    DigiCert SHA2 Secure Server CA  2021-06-29 - 2022-07-07   a year
*.gstatic.com            GTS CA 1C3                      2021-08-30 - 2021-11-22   3 months

This page contains 3 frames:

Primary Page: https://snip.ly/x0noc7
Frame ID: C6B1D23C56960E7BA4CFC0C02EFE0351
Requests: 5 HTTP requests in this frame

Frame: https://034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com/index.html
Frame ID: 9E1F8C11A1D89214B219F34BC6D31102
Requests: 10 HTTP requests in this frame

Frame: https://snip.ly/render/x0noc7/?_url=https%3A%2F%2Fsnip.ly%2Fx0noc7%23https%3A%2F%2F034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com%2Findex.html
Frame ID: F3089F166E96476CDE17EBF78083B01C
Requests: 12 HTTP requests in this frame

Page Title

Share Point

Detected technologies

Bootstrap (overall confidence: 100%)
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (overall confidence: 100%)
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (overall confidence: 100%)
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Fonts (overall confidence: 100%)
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (overall confidence: 100%)
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 67 %
Domains: 9
Subdomains: 9
IPs: 9
Countries: 2
Transfer: 1120 kB
Size: 2044 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://j0i433i512j69i59j0i512l2j69i60l-4384j0j9sourceid.us-south.cf.appdomain.cloud/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniply HTTP 302
  • https://034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com/index.html

18 HTTP transactions

Resource | Path | Size | x-fer | Type (MIME-Type)

Primary Request: x0noc7 | snip.ly/ | 325 KB | 225 KB | Document
General
Full URL
https://snip.ly/x0noc7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:720 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0b9f04158e35c886fb6e31a2913a80015f4448db3397e46d44f7fe2f6da1ff

Request headers

:method
GET
:authority
snip.ly
:scheme
https
:path
/x0noc7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 26 Sep 2021 01:53:15 GMT
content-type
text/html; charset=utf-8
link
<https://j0i433i512j69i59j0i512l2j69i60l-4384j0j9sourceid.us-south.cf.appdomain.cloud/index.html>; rel="canonical"
x-robots-tag
noindex, follow
sniply-cache
HIT
vary
Cookie
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rYrfhcs3so57PE%2FXXhRHK8pgZUIsOBu7%2FyrsXCya2i9TLs9CD0Y6X%2FJC9yN4l617i7I8SjAE6ukswVcY%2FudbWUxlTTX%2FMO%2BahPLRlN4ceFTSmC9IZNLxzAPEGMCW40AIhKgMeU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6948db840efc6928-FRA
content-encoding
br
jquery.js | cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/ | 242 KB | 61 KB | Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.js
Requested by
Host: snip.ly
URL: https://snip.ly/x0noc7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2215cce5830e2350b9d420271d9bd82340f664c3f60f0ea850f7e9c0392704e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://snip.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:53:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1119879
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
61737
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-3c72d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViEoNHZC%2B6Js9k5TEBc22Pv7f%2FJJORLdQoI5ErF2ZAKQgZmx%2FIT3J%2FtKweLA%2FxWGbX2m%2BENpJAizMK4p0FrQRPDWQppIkguu%2FFvmGA2F%2BzBbSstVSfVAV2llJ%2FOP54PVPhCv7XNrMq5LojNJvDgenXJW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6948db85fe295c85-FRA
expires
Fri, 16 Sep 2022 01:53:15 GMT
css | fonts.googleapis.com/ | 8 KB | 1 KB | Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600
Requested by
Host: snip.ly
URL: https://snip.ly/x0noc7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
57e18d40b40839e9a7a74d1fdcbe6983c5026354fb439b80d62a0c78aa7c8210
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://snip.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 26 Sep 2021 00:02:21 GMT
server
ESF
date
Sun, 26 Sep 2021 01:53:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 26 Sep 2021 01:53:15 GMT
font-awesome.min.css | netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ | 17 KB | 5 KB | Stylesheet
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.min.css
Requested by
Host: snip.ly
URL: https://snip.ly/x0noc7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://snip.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:53:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617
age
16172490
cdn-cachedat
2021-03-11 11:58:26
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
7219a71e1a7a7eb05ee584b5cc841e2d
cf-ray
6948db8619c505bb-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
site.js | snip.ly/ | 11 KB | 3 KB | Script
General
Full URL
https://snip.ly/site.js?on=sniply
Requested by
Host: snip.ly
URL: https://snip.ly/x0noc7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:720 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1357b6d937fe72d653b7d0f2f637578a5ae1010799d407af6b6c773a2d2ca2d

Request headers

:path
/site.js?on=sniply
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
snip.ly
referer
https://snip.ly/x0noc7
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://snip.ly/x0noc7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:53:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 26 Sep 2021 01:44:57 GMT
server
cloudflare
age
499
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Cookie, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3ziBB1WgkWxGPr0W9aKuvYhmo12m3dGWt6MxHzkLhnHfe6vPBzp7ws9MUHYaX8Oq8ACdPoSBusEFYc08kluBgcXPrkly9MePUNwI6XH0o1PorGKvdYKzNxjpQLBidvaaQ9y9XI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6948db8e69ff6928-FRA
index.html | 034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com/ (Frame 9E1F) | 609 KB | 610 KB | Document
Redirect Chain
  • https://j0i433i512j69i59j0i512l2j69i60l-4384j0j9sourceid.us-south.cf.appdomain.cloud/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniply
  • https://034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com/index.html
General
Full URL
https://034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com/index.html
Requested by
Host: snip.ly
URL: https://snip.ly/x0noc7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.190.215.254 , United States, ASN32354 (UNWIRED, US),
Reverse DNS
s3.us-west-002.backblazeb2.com
Software
/
Resource Hash
9c51fd79e449c2d98fda0b1e8c225c08cbdd7d8368d96611e6641a1af758a38b

Request headers

Host
034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://snip.ly/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://snip.ly/

Response headers

Accept-Ranges
bytes
Last-Modified
Sat, 25 Sep 2021 15:57:54 GMT
ETag
"3e4f284174c8683da9f1c1416d43265f"
x-amz-meta-src_last_modified_millis
1632585458568
x-amz-request-id
519bd506c46059b5
x-amz-id-2
aYntlpmN5OT1mxmLcY84zEmYOOekz0Taw
x-amz-version-id
4_z7bae0cb9af9b1cd37fc90316_f113bcdfe5f9da2cf_d20210925_m155754_c002_v0001160_t0035
Content-Type
text/html
Content-Length
623779
Date
Sun, 26 Sep 2021 01:53:18 GMT
Keep-Alive
timeout=5
Connection
keep-alive

Redirect headers

X-Backside-Transport
OK OK
Connection
Keep-Alive
Transfer-Encoding
chunked
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Date
Sun, 26 Sep 2021 01:53:17 GMT
Location
https://034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com/index.html
Vary
Accept
X-Powered-By
Express
X-Global-Transaction-ID
0d28ff5e614fd28d567eff13
/ | snip.ly/render/x0noc7/ (Frame F308) | 47 KB | 9 KB | Document
General
Full URL
https://snip.ly/render/x0noc7/?_url=https%3A%2F%2Fsnip.ly%2Fx0noc7%23https%3A%2F%2F034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com%2Findex.html
Requested by
Host: snip.ly
URL: https://snip.ly/site.js?on=sniply
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:720 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c69057e725d997345b91c70929d8062c459a206b7b371e6ebb7a9475a1eeffc

Request headers

:method
GET
:authority
snip.ly
:scheme
https
:path
/render/x0noc7/?_url=https%3A%2F%2Fsnip.ly%2Fx0noc7%23https%3A%2F%2F034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com%2Findex.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://snip.ly/x0noc7
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://snip.ly/x0noc7

Response headers

date
Sun, 26 Sep 2021 01:53:16 GMT
content-type
text/html; charset=utf-8
vary
Cookie
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ft98aI2yUfNlR2PySO9uobKBTVEXaxQB0Nznca9QDeatJAscTQeN1n68DqiUE3%2Fn72FwR5ROl%2BLgb0xgwjc7FmSoX%2FOb8YrPCuDzLG2q%2BJgKt7Lc9t03x98wcQvt1pPZkZhZWj0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6948db8e9a256928-FRA
content-encoding
br
css | fonts.googleapis.com/ (Frame F308) | 8 KB | 799 B | Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600
Requested by
Host: snip.ly
URL: https://snip.ly/render/x0noc7/?_url=https%3A%2F%2Fsnip.ly%2Fx0noc7%23https%3A%2F%2F034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com%2Findex.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
57e18d40b40839e9a7a74d1fdcbe6983c5026354fb439b80d62a0c78aa7c8210
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://snip.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 26 Sep 2021 00:01:55 GMT
server
ESF
date
Sun, 26 Sep 2021 01:53:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 26 Sep 2021 01:53:16 GMT
font-awesome.min.css | netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ (Frame F308) | 17 KB | 4 KB | Stylesheet
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.min.css
Requested by
Host: snip.ly
URL: https://snip.ly/render/x0noc7/?_url=https%3A%2F%2Fsnip.ly%2Fx0noc7%23https%3A%2F%2F034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com%2Findex.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://snip.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:53:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617
age
16172491
cdn-cachedat
2021-03-11 11:58:26
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
7219a71e1a7a7eb05ee584b5cc841e2d
cf-ray
6948db90592805bb-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
jquery.js | cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/ (Frame F308) | 242 KB | 61 KB | Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.js
Requested by
Host: snip.ly
URL: https://snip.ly/render/x0noc7/?_url=https%3A%2F%2Fsnip.ly%2Fx0noc7%23https%3A%2F%2F034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com%2Findex.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2215cce5830e2350b9d420271d9bd82340f664c3f60f0ea850f7e9c0392704e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://snip.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:53:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1119880
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
61737
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-3c72d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WqLcFYaR9tJBDxkOzwbfFZ%2F9YfPureuv%2FP07MhNZhw52a584tqEt2P%2Fa7eY2V6dK29s1sDJtn%2FOcqj8yHezd6%2BZ6A4hZ9AyIajLLEpMWcQ2KwaPDkYUXVdkJU3vCIZnUCcNR90mgwIE1nS3eosBvTsj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6948db905a255c85-FRA
expires
Fri, 16 Sep 2022 01:53:16 GMT
analytics.js | www.google-analytics.com/ (Frame F308) | 48 KB | 20 KB | Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: snip.ly
URL: https://snip.ly/render/x0noc7/?_url=https%3A%2F%2Fsnip.ly%2Fx0noc7%23https%3A%2F%2F034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com%2Findex.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://snip.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
3676
date
Sun, 26 Sep 2021 00:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 26 Sep 2021 02:52:00 GMT
logo_122x33.png | ffb2efd5105ff0aedbc9-9cdacdeebf0faa19b665bf427f0c8092.ssl.cf1.rackcdn.com/img/ (Frame F308) | 20 KB | 20 KB | Image
General
Full URL
https://ffb2efd5105ff0aedbc9-9cdacdeebf0faa19b665bf427f0c8092.ssl.cf1.rackcdn.com/img/logo_122x33.png
Requested by
Host: snip.ly
URL: https://snip.ly/render/x0noc7/?_url=https%3A%2F%2Fsnip.ly%2Fx0noc7%23https%3A%2F%2F034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com%2Findex.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2ebbdc22426e8f776202e9a014e2a32c02d3e751001f19d664e3dc2678defbb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://snip.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 01:53:17 GMT
Last-Modified
Tue, 24 Jun 2014 20:32:26 GMT
X-Trans-Id
txbd2d54115f324d9787797-006081db14dfw1
ETag
4e88a376120297790af6dc41722badb8
Content-Type
image/png
X-Timestamp
1403641945.32705
Cache-Control
public, max-age=127194
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20351
Expires
Mon, 27 Sep 2021 13:13:11 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v26/ (Frame F308) | 44 KB | 44 KB | Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://snip.ly
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 17:04:31 GMT
x-content-type-options
nosniff
age
204525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 23 Sep 2022 17:04:31 GMT
fontawesome-webfont.woff | netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/ (Frame F308) | 43 KB | 44 KB | Font
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.min.css
Origin
https://snip.ly
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:53:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
565, 617, 617
age
13675633
cdn-cachedat
2021-04-20 19:11:06
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
44432
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
cc8272fc38d0011f055056bb8070e359
accept-ranges
bytes
cf-ray
6948db90bdc95b6e-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
x0noc7 | snip.ly/api/cta/ (Frame F308) | 957 B | 931 B | XHR
General
Full URL
https://snip.ly/api/cta/x0noc7
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:720 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc96459284a4f270495a97bedfce6ec876f12d193633650bf760a45966992b2a

Request headers

:path
/api/cta/x0noc7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
snip.ly
x-requested-with
XMLHttpRequest
:scheme
https
sec-fetch-site
same-origin
referer
https://snip.ly/render/x0noc7/?_url=https%3A%2F%2Fsnip.ly%2Fx0noc7%23https%3A%2F%2F034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com%2Findex.html
:method
GET
Accept
*/*
Referer
https://snip.ly/render/x0noc7/?_url=https%3A%2F%2Fsnip.ly%2Fx0noc7%23https%3A%2F%2F034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com%2Findex.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:53:17 GMT
content-encoding
br
vary
Accept, Referer, Cookie
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow
GET, HEAD, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sB5pZYQkoGh8HkSRxFwAcJe8gTQGwnsrMZqC6%2FgWfTrpXj8QKoJSRO7ZNgIM3mYqFDz8%2FU3zAaHqUgTn8riksLu%2B5j1o36QdrXyCqyBcVoExJgePVXEz3ktXh%2B8KXkhWS7sSufk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=20
cf-ray
6948db90ac4b6928-FRA
access-control-allow-headers
Authorization
expires
Sun, 26 Sep 2021 01:53:34 GMT
collect | www.google-analytics.com/j/ (Frame F308) | 2 B | 201 B | XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1792772522&t=pageview&_s=1&dl=https%3A%2F%2Fsnip.ly%2Frender%2Fx0noc7%2F%3F_url%3Dhttps%253A%252F%252Fsnip.ly%252Fx0noc7%2523https%253A%252F%252F034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com%252Findex.html&ul=en-us&de=UTF-8&dt=Sniply%20Bar&sd=24-bit&sr=1600x1200&vp=1600x150&je=0&_u=YEBAAEABAAAAAC~&jid=1028826656&gjid=268281009&cid=1985664534.1632621197&tid=UA-48701732-1&_gid=1226842521.1632621197&_r=1&_slc=1&z=869574396
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://snip.ly/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:53:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://snip.ly
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
profile-placeholder.png
ffb2efd5105ff0aedbc9-9cdacdeebf0faa19b665bf427f0c8092.ssl.cf1.rackcdn.com/img/ Frame F308
12 KB
12 KB
Image
General
Full URL
https://ffb2efd5105ff0aedbc9-9cdacdeebf0faa19b665bf427f0c8092.ssl.cf1.rackcdn.com/img/profile-placeholder.png
Requested by
Host: snip.ly
URL: https://snip.ly/x0noc7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8b2f608e415cd292cb85d6199465f59fc88de24616ea2487a57034ca9f05587e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://snip.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 01:53:17 GMT
Last-Modified
Wed, 04 Jun 2014 01:48:41 GMT
X-Trans-Id
tx6ae67b2f0c3e4eada1c8c-0060819b8bdfw1
ETag
5a0ca145cd59e75337e41bf74cdce1b9
Content-Type
image/png
X-Timestamp
1401846520.52508
Cache-Control
public, max-age=125989
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11789
Expires
Mon, 27 Sep 2021 12:53:06 GMT
/
snip.ly/api/v2/views/ Frame F308
218 B
474 B
XHR
General
Full URL
https://snip.ly/api/v2/views/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:720 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb9bc9abc0b60e10f8aa36a18a8db172302ca9004b7834585ce51420281576e3

Request headers

sec-fetch-mode
cors
origin
https://snip.ly
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
_ga=GA1.2.1985664534.1632621197; _gid=GA1.2.1226842521.1632621197; _gat=1
x-csrftoken
null
:path
/api/v2/views/
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
snip.ly
referer
https://snip.ly/render/x0noc7/?_url=https%3A%2F%2Fsnip.ly%2Fx0noc7%23https%3A%2F%2F034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com%2Findex.html
:scheme
https
sec-fetch-site
same-origin
content-length
50
:method
POST
Accept
*/*
Referer
https://snip.ly/render/x0noc7/?_url=https%3A%2F%2Fsnip.ly%2Fx0noc7%23https%3A%2F%2F034543987656789876545673456544567765678.s3.us-west-002.backblazeb2.com%2Findex.html
X-CSRFToken
null
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 26 Sep 2021 01:53:18 GMT
content-encoding
br
vary
Cookie
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow
POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alXXr8QlzApj9NZWH9AXUK%2BfGIe9Cx3o71NwbTuhfxooo4%2FYe5ZPV7jMci2g7iaGKCLAueftR7C8u%2B%2BfzVOhMkKCa%2BQS4gKNIsJcKZcUNeFVIeiCdKtqzOKTK89Ib9v%2BItrAsIk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
6948db93c83f6928-FRA
access-control-allow-headers
Authorization
truncated
/ Frame 9E1F
13 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d99ab2bf7dde6169ec2c7ccc7adaad852d17d33d9c40e1a6f4be538f9b1478a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9E1F
238 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49cd32a9879d1d838209c2479057ec98c8db5a1151e0eea98ae3d405fe4aae28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9E1F
16 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03e701250890224c377b2c747ba9aef46b970682d5e5aca72f9dd037d5c89440

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9E1F
15 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4c803337c3a62a637f8946d4a0f23fcf26de1276bdb5a1ca6b24690e09a0117

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9E1F
16 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9bc072bee8f8653393501d1246e9ec6f47c317879594cc557b19e47270b3a3dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9E1F
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d28b1647011555b322ca6d78cda43aa12094e7ea3bb3adc2651edffd410132b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9E1F
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2668c50a423f55b36262bfd4bbd068261e9f06e86d226f0b42ab91dc11973c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9E1F
13 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9996d1cd780f411e637694c103886f81d2cef3acb58552e5674d285516ac52c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9E1F
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
670b9398865900d230eb044384791cdb5ba6bc1d5f16bca4111e908fd571cec7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sharepoint (Online)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object 0
object 1
object onbeforexrselect
boolean originAgentCluster
function $
function jQuery
object content_frame
object afs_ads_div
function tryAvoidFilters
object content_frame_observer
object sniply

3 Cookies

Domain/Path Name / Value
.snip.ly/ Name: _ga
Value: GA1.2.1985664534.1632621197
.snip.ly/ Name: _gid
Value: GA1.2.1226842521.1632621197
.snip.ly/ Name: _gat
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
