urlscan.io logo urlscan.io
SecurityTrails logo

notepad.pw Open in urlscan Pro
2606:4700:30::681b:942f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://notepad.pw/
Effective URL: https://notepad.pw/1ysons5y
Submission: On December 13 via manual from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 2606:4700:30::681b:942f, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is notepad.pw.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 29th 2018. Valid for: a year.
This is the only time notepad.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 9 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
9 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
20 4
1    2606:4700:30::681b:952f (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
notepad.pw
9    2606:4700:30::681b:942f (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
notepad.pw
live.notepad.pw
1    2a00:1450:4001:820::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
9    2606:4700::6813:c797 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
2    2a00:1450:4001:825::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
Domain Requested by
9 cdnjs.cloudflare.com notepad.pw
6 notepad.pw 2 redirects notepad.pw
4 live.notepad.pw cdnjs.cloudflare.com
2 fonts.gstatic.com notepad.pw
cdnjs.cloudflare.com
1 fonts.googleapis.com notepad.pw
20 5

This site contains links to these domains. Also see Links.

Domain
donorbox.org
about.notepad.pw
www.facebook.com
twitter.com
reddit.com
Subject Issuer Validity Valid
notepad.pw
CloudFlare Inc ECC CA-2		 2018-08-29 -
2019-08-29		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2018-11-27 -
2019-02-19		 3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-09-22 -
2019-03-31		 6 months crt.sh
*.google.com
Google Internet Authority G3		 2018-11-07 -
2019-01-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://notepad.pw/1ysons5y
Frame ID: 98F553646439A672654DD03F1EF3EC8F
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://notepad.pw/ HTTP 301
    https://notepad.pw/ HTTP 307
    https://notepad.pw/1ysons5y Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /socket.io.*\.js/i
  • env /^io$/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+(?:\-?rc[.\d]*)*)\/angular(?:\.min)?\.js/i
  • script /angular.*\.js/i
  • env /^angular$/i
Overall confidence: 100%
Detected patterns
  • script /socket.io.*\.js/i
  • env /^io$/i
Overall confidence: 100%
Detected patterns
  • script /clipboard(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+ionicons(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

20
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

349 kB
Transfer

626 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://notepad.pw/ HTTP 301
    https://notepad.pw/ HTTP 307
    https://notepad.pw/1ysons5y Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 1ysons5y
notepad.pw/
Redirect Chain
  • http://notepad.pw/
  • https://notepad.pw/
  • https://notepad.pw/1ysons5y
9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://notepad.pw/1ysons5y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:942f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d05f33188bbab45d8461b3860d75c52c4396ff758d6d082e3c6eb42e967bc163

Request headers

:method
GET
:authority
notepad.pw
:scheme
https
:path
/1ysons5y
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
cookie
__cfduid=def8ca208a2257ed9f6f252fea3e4b7631544705816; pad_cookie=d03b9fbce233c2ef28f96929d5514b8b7188044b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Thu, 13 Dec 2018 12:56:56 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
488897fb5d1e63bb-FRA
content-encoding
br

Redirect headers

status
307
date
Thu, 13 Dec 2018 12:56:56 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=def8ca208a2257ed9f6f252fea3e4b7631544705816; expires=Fri, 13-Dec-19 12:56:56 GMT; path=/; domain=.notepad.pw; HttpOnly pad_cookie=d03b9fbce233c2ef28f96929d5514b8b7188044b; expires=Fri, 14-Dec-2018 12:58:01 GMT; Max-Age=86400; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
location
https://notepad.pw/1ysons5y
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
488897fa2c6a63bb-FRA
css
fonts.googleapis.com/ 		5 KB
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700
Requested by
Host: notepad.pw
URL: https://notepad.pw/1ysons5y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
17bd4bcb69e324586fcc2400c75915b7dfdc25a4ecb96fedd885dbb2fbcbf793
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://notepad.pw/1ysons5y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 13 Dec 2018 12:56:56 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 13 Dec 2018 12:56:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Thu, 13 Dec 2018 12:56:56 GMT
global.css
notepad.pw/content/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://notepad.pw/content/css/global.css?229
Requested by
Host: notepad.pw
URL: https://notepad.pw/1ysons5y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:942f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
06e82371b1f0e8c6f998dee7a0dd26077866f989a138908b11f4b03da47d31aa

Request headers

:path
/content/css/global.css?229
pragma
no-cache
cookie
__cfduid=def8ca208a2257ed9f6f252fea3e4b7631544705816; pad_cookie=d03b9fbce233c2ef28f96929d5514b8b7188044b
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
notepad.pw
referer
https://notepad.pw/1ysons5y
:scheme
https
:method
GET
Referer
https://notepad.pw/1ysons5y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Dec 2018 12:56:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 02 Oct 2017 03:48:05 GMT
server
cloudflare
etag
W/"59d1b6f5-1821"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
cf-polished
origSize=6177
cf-bgj
minify
cf-ray
488897fc1d7663bb-FRA
expires
Fri, 13 Dec 2019 12:56:56 GMT
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/6.0.0/ 		2 KB
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/6.0.0/normalize.min.css
Requested by
Host: notepad.pw
URL: https://notepad.pw/1ysons5y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
55b731aa03064189b7abca9931deb7b844c75d7664aacecc1356c4bc0635c4af
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://notepad.pw/1ysons5y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Dec 2018 12:56:56 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
last-modified
Thu, 17 May 2018 09:24:31 GMT
server
cloudflare
etag
W/"5afd4a4f-8a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Tue, 03 Dec 2019 12:56:56 GMT
cache-control
public, max-age=30672000
cf-ray
488897fc1c02c27e-FRA
served-in-seconds
0.001
ionicons.min.css
cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ 		50 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
Requested by
Host: notepad.pw
URL: https://notepad.pw/1ysons5y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://notepad.pw/1ysons5y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Dec 2018 12:56:56 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
last-modified
Thu, 17 May 2018 09:20:05 GMT
server
cloudflare
etag
W/"5afd4945-c854"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Tue, 03 Dec 2019 12:56:56 GMT
cache-control
public, max-age=30672000
cf-ray
488897fc1c04c27e-FRA
served-in-seconds
0.004
logo-dark.png
notepad.pw/content/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notepad.pw/content/images/logo-dark.png
Requested by
Host: notepad.pw
URL: https://notepad.pw/1ysons5y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:942f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
560ee8213cda78828e88fbcbe2fbe6d3337d563384ea57d344ce3e3559da1dda

Request headers

:path
/content/images/logo-dark.png
pragma
no-cache
cookie
__cfduid=def8ca208a2257ed9f6f252fea3e4b7631544705816; pad_cookie=d03b9fbce233c2ef28f96929d5514b8b7188044b
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
notepad.pw
referer
https://notepad.pw/1ysons5y
:scheme
https
:method
GET
Referer
https://notepad.pw/1ysons5y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Dec 2018 12:56:56 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Aug 2018 21:59:20 GMT
server
cloudflare
etag
"5b8868b8-57f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
488897fc1d7763bb-FRA
content-length
22516
expires
Fri, 13 Dec 2019 12:56:56 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/1ysons5y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://notepad.pw/1ysons5y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Dec 2018 12:56:56 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
last-modified
Thu, 17 May 2018 09:21:00 GMT
server
cloudflare
etag
W/"5afd497c-1499c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
expires
Tue, 03 Dec 2019 12:56:56 GMT
cache-control
public, max-age=30672000
cf-ray
488897fc1c06c27e-FRA
served-in-seconds
0.004
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/ 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/1ysons5y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://notepad.pw/1ysons5y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Dec 2018 12:56:56 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
last-modified
Thu, 17 May 2018 09:15:33 GMT
server
cloudflare
etag
W/"5afd4835-27130"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
expires
Tue, 03 Dec 2019 12:56:56 GMT
cache-control
public, max-age=30672000
cf-ray
488897fc1c07c27e-FRA
served-in-seconds
0.004
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/ 		1 KB
829 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-cookies.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/1ysons5y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f79dfaabb417f7b777458a24663c5075dd1e56026e20578a0d74568b3c762375
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://notepad.pw/1ysons5y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Dec 2018 12:56:56 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
last-modified
Thu, 17 May 2018 09:15:35 GMT
server
cloudflare
etag
W/"5afd4837-5a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
expires
Tue, 03 Dec 2019 12:56:56 GMT
cache-control
public, max-age=30672000
cf-ray
488897fc1c08c27e-FRA
served-in-seconds
0.001
socket.io.min.js
cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/ 		68 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/socket.io.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/1ysons5y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
888b41bb493f82bc787b507deee35df8a9dca32d9f59e5e4434334bb04aa1e17
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://notepad.pw/1ysons5y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Dec 2018 12:56:56 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
last-modified
Thu, 17 May 2018 09:26:47 GMT
server
cloudflare
etag
W/"5afd4ad7-10ec3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
expires
Tue, 03 Dec 2019 12:56:56 GMT
cache-control
public, max-age=30672000
cf-ray
488897fc1c09c27e-FRA
served-in-seconds
0.005
app.min.js
notepad.pw/content/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notepad.pw/content/js/app.min.js?366
Requested by
Host: notepad.pw
URL: https://notepad.pw/1ysons5y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:942f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9c41579990e491b31185c662e701facbcd6dab9ec0b06edef8feec2f981812e

Request headers

:path
/content/js/app.min.js?366
pragma
no-cache
cookie
__cfduid=def8ca208a2257ed9f6f252fea3e4b7631544705816; pad_cookie=d03b9fbce233c2ef28f96929d5514b8b7188044b
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
notepad.pw
referer
https://notepad.pw/1ysons5y
:scheme
https
:method
GET
Referer
https://notepad.pw/1ysons5y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Dec 2018 12:56:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Aug 2018 22:33:49 GMT
server
cloudflare
etag
W/"5b8870cd-2089"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
cf-ray
488897fc1d7863bb-FRA
expires
Fri, 13 Dec 2019 12:56:56 GMT
store.min.js
cdnjs.cloudflare.com/ajax/libs/store.js/1.3.20/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/store.js/1.3.20/store.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/1ysons5y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d23807344428eec21271b708fcf73919827e568b0a335989f9f2348ae4356bd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://notepad.pw/1ysons5y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Dec 2018 12:56:56 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
last-modified
Thu, 17 May 2018 09:26:51 GMT
server
cloudflare
etag
W/"5afd4adb-a35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
expires
Tue, 03 Dec 2019 12:56:56 GMT
cache-control
public, max-age=30672000
cf-ray
488897fc3c87c27e-FRA
served-in-seconds
0.000
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/clipboard.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/1ysons5y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://notepad.pw/1ysons5y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 13 Dec 2018 12:56:56 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
last-modified
Thu, 17 May 2018 09:18:30 GMT
server
cloudflare
etag
W/"5afd48e6-2aa5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
expires
Tue, 03 Dec 2019 12:56:56 GMT
cache-control
public, max-age=30672000
cf-ray
488897fc3c89c27e-FRA
served-in-seconds
0.001
ionicons.ttf
cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/fonts/ 		184 KB
184 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.0
Requested by
Host: notepad.pw
URL: https://notepad.pw/1ysons5y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
Origin
https://notepad.pw

Response headers

date
Thu, 13 Dec 2018 12:56:56 GMT
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
content-length
188508
last-modified
Thu, 17 May 2018 09:20:05 GMT
server
cloudflare
etag
"5afd4945-2e05c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
expires
Tue, 03 Dec 2019 12:56:56 GMT
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
488897fc3a6cc2b0-FRA
served-in-seconds
0.001
o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v7/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v7/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Requested by
Host: notepad.pw
URL: https://notepad.pw/1ysons5y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ede8a63ae7f13de45eeb9c9156f791c7ee1d588f931cc54f4d8754154cbd3a52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Noto+Sans:400,700
Origin
https://notepad.pw

Response headers

date
Mon, 10 Dec 2018 15:37:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:25:32 GMT
server
sffe
age
249594
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9944
x-xss-protection
1; mode=block
expires
Tue, 10 Dec 2019 15:37:02 GMT
/
live.notepad.pw/socket.io/ 		101 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=MUdf3eE
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/socket.io.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:942f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad7fb72e078f2bdd28965679c090a0f0356a378f884ba60b054a3539e798a03a

Request headers

:path
/socket.io/?EIO=3&transport=polling&t=MUdf3eE
pragma
no-cache
cookie
__cfduid=def8ca208a2257ed9f6f252fea3e4b7631544705816
origin
https://notepad.pw
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
live.notepad.pw
referer
https://notepad.pw/1ysons5y
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://notepad.pw/1ysons5y
Origin
https://notepad.pw

Response headers

date
Thu, 13 Dec 2018 12:56:57 GMT
via
1.1 vegur
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
application/octet-stream
access-control-allow-origin
https://notepad.pw
access-control-allow-credentials
true
set-cookie
io=pd2H7zMhmYt1yEiIAzcK
cf-ray
488897fd2e3263bb-FRA
content-length
101
o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
fonts.gstatic.com/s/notosans/v7/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v7/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
693448f744bc3f7709d647cf0e9efa64ce50c54e98b816ecfb530a5590114efe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Noto+Sans:400,700
Origin
https://notepad.pw

Response headers

date
Fri, 07 Dec 2018 21:39:32 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:25:42 GMT
server
sffe
age
487045
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9716
x-xss-protection
1; mode=block
expires
Sat, 07 Dec 2019 21:39:32 GMT
/
live.notepad.pw/socket.io/ 		5 B
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=MUdf3i7&sid=pd2H7zMhmYt1yEiIAzcK
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/socket.io.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:942f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a

Request headers

:path
/socket.io/?EIO=3&transport=polling&t=MUdf3i7&sid=pd2H7zMhmYt1yEiIAzcK
pragma
no-cache
cookie
io=pd2H7zMhmYt1yEiIAzcK; __cfduid=def8ca208a2257ed9f6f252fea3e4b7631544705816
origin
https://notepad.pw
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
live.notepad.pw
referer
https://notepad.pw/1ysons5y
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://notepad.pw/1ysons5y
Origin
https://notepad.pw

Response headers

date
Thu, 13 Dec 2018 12:56:57 GMT
via
1.1 vegur
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
application/octet-stream
access-control-allow-origin
https://notepad.pw
access-control-allow-credentials
true
set-cookie
io=pd2H7zMhmYt1yEiIAzcK
cf-ray
488897fe7ee863bb-FRA
content-length
5
/
live.notepad.pw/socket.io/ 		2 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=MUdf3l4&sid=pd2H7zMhmYt1yEiIAzcK
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/socket.io.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:942f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

:path
/socket.io/?EIO=3&transport=polling&t=MUdf3l4&sid=pd2H7zMhmYt1yEiIAzcK
pragma
no-cache
cookie
io=pd2H7zMhmYt1yEiIAzcK; __cfduid=def8ca208a2257ed9f6f252fea3e4b7631544705816
origin
https://notepad.pw
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
text/plain;charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
live.notepad.pw
referer
https://notepad.pw/1ysons5y
:scheme
https
content-length
29
:method
POST
Referer
https://notepad.pw/1ysons5y
Origin
https://notepad.pw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

cf-ray
488897ffafa263bb-FRA
date
Thu, 13 Dec 2018 12:56:57 GMT
via
1.1 vegur
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
text/html
access-control-allow-origin
https://notepad.pw
access-control-allow-credentials
true
set-cookie
io=pd2H7zMhmYt1yEiIAzcK
content-encoding
br
/
live.notepad.pw/socket.io/ 		4 B
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=MUdf3l4.0&sid=pd2H7zMhmYt1yEiIAzcK
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/socket.io.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:942f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Request headers

:path
/socket.io/?EIO=3&transport=polling&t=MUdf3l4.0&sid=pd2H7zMhmYt1yEiIAzcK
pragma
no-cache
cookie
io=pd2H7zMhmYt1yEiIAzcK; __cfduid=def8ca208a2257ed9f6f252fea3e4b7631544705816
origin
https://notepad.pw
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
live.notepad.pw
referer
https://notepad.pw/1ysons5y
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://notepad.pw/1ysons5y
Origin
https://notepad.pw

Response headers

date
Thu, 13 Dec 2018 12:56:57 GMT
via
1.1 vegur
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
application/octet-stream
access-control-allow-origin
https://notepad.pw
access-control-allow-credentials
true
set-cookie
io=pd2H7zMhmYt1yEiIAzcK
cf-ray
488897ffafa363bb-FRA
content-length
4

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| angular function| io boolean| note_created boolean| password_set number| caret string| pad_key string| url_key number| version function| checkEnter function| swapsheets object| app object| store function| initiate_localStorage function| update_localStorage string| input_value

3 Cookies

Domain/Path Name / Value
notepad.pw/ Name: typography
Value: %7B%22sp_class%22%3A%22not-active%22%7D
notepad.pw/ Name: pad_cookie
Value: d03b9fbce233c2ef28f96929d5514b8b7188044b
.notepad.pw/ Name: __cfduid
Value: def8ca208a2257ed9f6f252fea3e4b7631544705816

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
live.notepad.pw
notepad.pw
2606:4700:30::681b:942f
2606:4700:30::681b:952f
2606:4700::6813:c797
2a00:1450:4001:820::200a
2a00:1450:4001:825::2003
06e82371b1f0e8c6f998dee7a0dd26077866f989a138908b11f4b03da47d31aa
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
17bd4bcb69e324586fcc2400c75915b7dfdc25a4ecb96fedd885dbb2fbcbf793
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
55b731aa03064189b7abca9931deb7b844c75d7664aacecc1356c4bc0635c4af
560ee8213cda78828e88fbcbe2fbe6d3337d563384ea57d344ce3e3559da1dda
693448f744bc3f7709d647cf0e9efa64ce50c54e98b816ecfb530a5590114efe
888b41bb493f82bc787b507deee35df8a9dca32d9f59e5e4434334bb04aa1e17
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
ad7fb72e078f2bdd28965679c090a0f0356a378f884ba60b054a3539e798a03a
c9c41579990e491b31185c662e701facbcd6dab9ec0b06edef8feec2f981812e
d05f33188bbab45d8461b3860d75c52c4396ff758d6d082e3c6eb42e967bc163
d23807344428eec21271b708fcf73919827e568b0a335989f9f2348ae4356bd1
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa
e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870
ede8a63ae7f13de45eeb9c9156f791c7ee1d588f931cc54f4d8754154cbd3a52
f79dfaabb417f7b777458a24663c5075dd1e56026e20578a0d74568b3c762375