urlscan.io logo urlscan.io
SecurityTrails logo

notepad.pw Open in urlscan Pro
104.24.120.80  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://notepad.pw/
Effective URL: https://notepad.pw/wx7p1r3i
Submission: On March 21 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 7 domains to perform 25 HTTP transactions. The main IP is 104.24.120.80, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is notepad.pw.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 20th 2018. Valid for: a year.
This is the only time notepad.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.24.121.80 13335 (CLOUDFLAR...)
1 8 104.24.120.80 13335 (CLOUDFLAR...)
1 216.58.207.74 15169 (GOOGLE)
9 104.19.196.102 13335 (CLOUDFLAR...)
4 64.233.184.156 15169 (GOOGLE)
2 172.217.23.131 15169 (GOOGLE)
1 64.233.184.155 15169 (GOOGLE)
1 172.217.22.2 15169 (GOOGLE)
25 7
1    104.24.121.80 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
notepad.pw
8    104.24.120.80 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
notepad.pw
live.notepad.pw
1    216.58.207.74 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f10.1e100.net
fonts.googleapis.com
9    104.19.196.102 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
4    64.233.184.156 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: wa-in-f156.1e100.net
pagead2.googlesyndication.com
2    172.217.23.131 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f3.1e100.net
fonts.gstatic.com
1    64.233.184.155 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: wa-in-f155.1e100.net
adservice.google.com.ua
1    172.217.22.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f2.1e100.net
adservice.google.com
Domain Requested by
9 cdnjs.cloudflare.com notepad.pw
5 notepad.pw 2 redirects notepad.pw
4 live.notepad.pw cdnjs.cloudflare.com
4 pagead2.googlesyndication.com notepad.pw
pagead2.googlesyndication.com
2 fonts.gstatic.com notepad.pw
cdnjs.cloudflare.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.com.ua pagead2.googlesyndication.com
1 fonts.googleapis.com notepad.pw
25 8

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
reddit.com
Subject Issuer Validity Valid
notepad.pw
CloudFlare Inc ECC CA-2		 2018-01-20 -
2019-01-20		 a year crt.sh

This page contains 2 frames:

Primary Page: https://notepad.pw/wx7p1r3i
Frame ID: B6602338516ABA3B5A0CA1CD1C14578
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180312/r20170110/show_ads_impl.js
Frame ID: 86D1F60B1CC66CB23D815B056CFB3087
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://notepad.pw/ HTTP 301
    https://notepad.pw/ HTTP 307
    https://notepad.pw/wx7p1r3i Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /socket.io.*\.js/i
  • env /^io$/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+(?:\-?rc[.\d]*)*)\/angular(?:\.min)?\.js/i
  • script /angular.*\.js/i
  • env /^angular$/i
Overall confidence: 100%
Detected patterns
  • script /socket.io.*\.js/i
  • env /^io$/i
Overall confidence: 100%
Detected patterns
  • script /clipboard(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+ionicons(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

25
Requests

28 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

7
IPs

1
Countries

382 kB
Transfer

928 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://notepad.pw/ HTTP 301
    https://notepad.pw/ HTTP 307
    https://notepad.pw/wx7p1r3i Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wx7p1r3i
notepad.pw/
Redirect Chain
  • http://notepad.pw/
  • https://notepad.pw/
  • https://notepad.pw/wx7p1r3i
10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://notepad.pw/wx7p1r3i
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.24.120.80 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71e24bce19817bdf385023b4d0f043ccbb32f827f6f1102367a35b5ea31feb3

Request headers

:path
/wx7p1r3i
pragma
no-cache
accept-encoding
gzip, deflate
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
cache-control
no-cache
:authority
notepad.pw
cookie
__cfduid=d9e97da98853d1dd87b51c2f4e5ee55ab1521643964; pad_cookie=c193f5e8a5585c5ff9329bc14579aaa49b0ae34c
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Mar 2018 14:52:44 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=UTF-8
status
200
cache-control
no-store, no-cache, must-revalidate
cf-ray
3ff13e7b1c26645d-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Mar 2018 14:52:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
307
content-type
text/html; charset=UTF-8
location
https://notepad.pw/wx7p1r3i
cache-control
no-store, no-cache, must-revalidate
set-cookie
__cfduid=d9e97da98853d1dd87b51c2f4e5ee55ab1521643964; expires=Thu, 21-Mar-19 14:52:44 GMT; path=/; domain=.notepad.pw; HttpOnly pad_cookie=c193f5e8a5585c5ff9329bc14579aaa49b0ae34c; expires=Thu, 22-Mar-2018 14:22:44 GMT; Max-Age=84600; path=/; HttpOnly
cf-ray
3ff13e79db1d645d-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
css
fonts.googleapis.com/ 		5 KB
814 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700
Requested by
Host: notepad.pw
URL: https://notepad.pw/wx7p1r3i
Protocol
SPDY
Server
216.58.207.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f10.1e100.net
Software
ESF /
Resource Hash
17bd4bcb69e324586fcc2400c75915b7dfdc25a4ecb96fedd885dbb2fbcbf793
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://notepad.pw/wx7p1r3i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 21 Mar 2018 14:52:44 GMT
content-encoding
gzip
last-modified
Wed, 21 Mar 2018 14:52:44 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
x-xss-protection
1; mode=block
expires
Wed, 21 Mar 2018 14:52:44 GMT
global.css
notepad.pw/content/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://notepad.pw/content/css/global.css?229
Requested by
Host: notepad.pw
URL: https://notepad.pw/wx7p1r3i
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.24.120.80 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
82e350881f6eb63820307045ca9f79ce2078a66e2caa3f2864da024cc8f06781

Request headers

:path
/content/css/global.css?229
pragma
no-cache
cookie
__cfduid=d9e97da98853d1dd87b51c2f4e5ee55ab1521643964; pad_cookie=c193f5e8a5585c5ff9329bc14579aaa49b0ae34c
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
notepad.pw
referer
https://notepad.pw/wx7p1r3i
:scheme
https
:method
GET
Referer
https://notepad.pw/wx7p1r3i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 21 Mar 2018 14:52:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 02 Oct 2017 03:48:05 GMT
server
cloudflare
etag
W/"59d1b6f5-1821"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
cf-bgj
minify
cf-ray
3ff13e7c9da3645d-FRA
expires
Thu, 21 Mar 2019 14:52:44 GMT
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/6.0.0/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/6.0.0/normalize.min.css
Requested by
Host: notepad.pw
URL: https://notepad.pw/wx7p1r3i
Protocol
SPDY
Server
104.19.196.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
55b731aa03064189b7abca9931deb7b844c75d7664aacecc1356c4bc0635c4af
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://notepad.pw/wx7p1r3i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 21 Mar 2018 14:52:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 26 Mar 2017 22:47:32 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
3ff13e7c9c7f96a6-FRA
expires
Mon, 11 Mar 2019 14:52:44 GMT
ionicons.min.css
cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ 		50 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
Requested by
Host: notepad.pw
URL: https://notepad.pw/wx7p1r3i
Protocol
SPDY
Server
104.19.196.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://notepad.pw/wx7p1r3i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 21 Mar 2018 14:52:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 22 Jun 2016 14:42:28 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
3ff13e7c9c8096a6-FRA
expires
Mon, 11 Mar 2019 14:52:44 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/wx7p1r3i
Protocol
SPDY
Server
104.19.196.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://notepad.pw/wx7p1r3i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 21 Mar 2018 14:52:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 22 Jun 2016 14:42:33 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
3ff13e7c9c8296a6-FRA
expires
Mon, 11 Mar 2019 14:52:44 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/ 		156 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/wx7p1r3i
Protocol
SPDY
Server
104.19.196.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://notepad.pw/wx7p1r3i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 21 Mar 2018 14:52:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 22 Jul 2016 18:31:09 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
3ff13e7c9c8396a6-FRA
expires
Mon, 11 Mar 2019 14:52:44 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-cookies.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/wx7p1r3i
Protocol
SPDY
Server
104.19.196.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f79dfaabb417f7b777458a24663c5075dd1e56026e20578a0d74568b3c762375
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://notepad.pw/wx7p1r3i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 21 Mar 2018 14:52:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 22 Jul 2016 18:31:08 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
3ff13e7c9c8496a6-FRA
expires
Mon, 11 Mar 2019 14:52:44 GMT
socket.io.min.js
cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/ 		68 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/socket.io.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/wx7p1r3i
Protocol
SPDY
Server
104.19.196.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
888b41bb493f82bc787b507deee35df8a9dca32d9f59e5e4434334bb04aa1e17
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://notepad.pw/wx7p1r3i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 21 Mar 2018 14:52:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 24 Jun 2016 02:46:24 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
3ff13e7c9c8596a6-FRA
expires
Mon, 11 Mar 2019 14:52:44 GMT
app.min.js
notepad.pw/content/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notepad.pw/content/js/app.min.js?362
Requested by
Host: notepad.pw
URL: https://notepad.pw/wx7p1r3i
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.24.120.80 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
717ce0b2320def5395f1c1e41e26c7747f22f85e240a19fc53bafa1e0a140ab2

Request headers

:path
/content/js/app.min.js?362
pragma
no-cache
cookie
__cfduid=d9e97da98853d1dd87b51c2f4e5ee55ab1521643964; pad_cookie=c193f5e8a5585c5ff9329bc14579aaa49b0ae34c
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
notepad.pw
referer
https://notepad.pw/wx7p1r3i
:scheme
https
:method
GET
Referer
https://notepad.pw/wx7p1r3i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 21 Mar 2018 14:52:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 10 Mar 2018 19:30:21 GMT
server
cloudflare
etag
W/"5aa4324d-1d78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
cf-ray
3ff13e7c9da4645d-FRA
expires
Thu, 21 Mar 2019 14:52:44 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		70 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/wx7p1r3i
Protocol
SPDY
Server
64.233.184.156 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
wa-in-f156.1e100.net
Software
cafe /
Resource Hash
8b0a5b53bd02dd2670691e8b7bc47c453dec82543bf7791417db5c690bad14e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://notepad.pw/wx7p1r3i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Mar 2018 14:52:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
18126867178349228833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
private, max-age=3600
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
26741
x-xss-protection
1; mode=block
expires
Wed, 21 Mar 2018 14:52:44 GMT
store.min.js
cdnjs.cloudflare.com/ajax/libs/store.js/1.3.20/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/store.js/1.3.20/store.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/wx7p1r3i
Protocol
SPDY
Server
104.19.196.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d23807344428eec21271b708fcf73919827e568b0a335989f9f2348ae4356bd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://notepad.pw/wx7p1r3i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 21 Mar 2018 14:52:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 22 Jun 2016 14:46:48 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
3ff13e7c9c8696a6-FRA
expires
Mon, 11 Mar 2019 14:52:45 GMT
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/clipboard.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/wx7p1r3i
Protocol
SPDY
Server
104.19.196.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://notepad.pw/wx7p1r3i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 21 Mar 2018 14:52:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 30 May 2017 03:47:49 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
3ff13e7c9c8796a6-FRA
expires
Mon, 11 Mar 2019 14:52:44 GMT
ionicons.ttf
cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/fonts/ 		184 KB
107 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.0
Requested by
Host: notepad.pw
URL: https://notepad.pw/wx7p1r3i
Protocol
SPDY
Server
104.19.196.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
Origin
https://notepad.pw

Response headers

date
Wed, 21 Mar 2018 14:52:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 22 Jun 2016 14:42:28 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-sfnt
access-control-allow-origin
*
cache-control
public, max-age=30672000
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
3ff13e7d0caf975c-FRA
expires
Mon, 11 Mar 2019 14:52:44 GMT
o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v7/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v7/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Requested by
Host: notepad.pw
URL: https://notepad.pw/wx7p1r3i
Protocol
SPDY
Server
172.217.23.131 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f3.1e100.net
Software
sffe /
Resource Hash
ede8a63ae7f13de45eeb9c9156f791c7ee1d588f931cc54f4d8754154cbd3a52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Noto+Sans:400,700
Origin
https://notepad.pw

Response headers

date
Mon, 12 Feb 2018 20:52:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:25:32 GMT
server
sffe
age
3175240
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
9944
x-xss-protection
1; mode=block
expires
Tue, 12 Feb 2019 20:52:04 GMT
integrator.js
adservice.google.com.ua/adsid/ 		111 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.ua/adsid/integrator.js?domain=notepad.pw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Server
64.233.184.155 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
wa-in-f155.1e100.net
Software
cafe /
Resource Hash
207461e411e1ff6d6c5b0dd702d26031adb86de86ed3f571baa5a6fc498fc4b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://notepad.pw/wx7p1r3i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Mar 2018 14:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
105
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		111 B
172 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=notepad.pw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Server
172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f2.1e100.net
Software
cafe /
Resource Hash
207461e411e1ff6d6c5b0dd702d26031adb86de86ed3f571baa5a6fc498fc4b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://notepad.pw/wx7p1r3i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Mar 2018 14:52:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
105
x-xss-protection
1; mode=block
/
live.notepad.pw/socket.io/ 		101 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=M9934fx
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/socket.io.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.24.120.80 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a107828d1bc6f6e34848960a6f8085655e23302e2e9953e0457a091cbd8a94b

Request headers

:path
/socket.io/?EIO=3&transport=polling&t=M9934fx
pragma
no-cache
cookie
__cfduid=d9e97da98853d1dd87b51c2f4e5ee55ab1521643964
origin
https://notepad.pw
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
live.notepad.pw
referer
https://notepad.pw/wx7p1r3i
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://notepad.pw/wx7p1r3i
Origin
https://notepad.pw

Response headers

date
Wed, 21 Mar 2018 14:52:45 GMT
via
1.1 vegur
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
application/octet-stream
access-control-allow-origin
https://notepad.pw
access-control-allow-credentials
true
set-cookie
io=XyobeU4GMpsswHdfARW0
cf-ray
3ff13e7daebe645d-FRA
content-length
101
o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
fonts.gstatic.com/s/notosans/v7/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v7/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
Protocol
SPDY
Server
172.217.23.131 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f3.1e100.net
Software
sffe /
Resource Hash
693448f744bc3f7709d647cf0e9efa64ce50c54e98b816ecfb530a5590114efe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Noto+Sans:400,700
Origin
https://notepad.pw

Response headers

date
Fri, 23 Feb 2018 11:37:12 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:25:42 GMT
server
sffe
age
2258133
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
9716
x-xss-protection
1; mode=block
expires
Sat, 23 Feb 2019 11:37:12 GMT
/
live.notepad.pw/socket.io/ 		5 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=M9934kG&sid=XyobeU4GMpsswHdfARW0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/socket.io.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.24.120.80 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a

Request headers

:path
/socket.io/?EIO=3&transport=polling&t=M9934kG&sid=XyobeU4GMpsswHdfARW0
pragma
no-cache
cookie
io=XyobeU4GMpsswHdfARW0; __cfduid=d9e97da98853d1dd87b51c2f4e5ee55ab1521643964
origin
https://notepad.pw
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
live.notepad.pw
referer
https://notepad.pw/wx7p1r3i
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://notepad.pw/wx7p1r3i
Origin
https://notepad.pw

Response headers

date
Wed, 21 Mar 2018 14:52:45 GMT
via
1.1 vegur
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
application/octet-stream
access-control-allow-origin
https://notepad.pw
access-control-allow-credentials
true
set-cookie
io=XyobeU4GMpsswHdfARW0
cf-ray
3ff13e7f4fe1645d-FRA
content-length
5
/
live.notepad.pw/socket.io/ 		2 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=M9934mB&sid=XyobeU4GMpsswHdfARW0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/socket.io.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.24.120.80 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

:path
/socket.io/?EIO=3&transport=polling&t=M9934mB&sid=XyobeU4GMpsswHdfARW0
pragma
no-cache
cookie
io=XyobeU4GMpsswHdfARW0; __cfduid=d9e97da98853d1dd87b51c2f4e5ee55ab1521643964
origin
https://notepad.pw
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
content-type
text/plain;charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
live.notepad.pw
referer
https://notepad.pw/wx7p1r3i
:scheme
https
content-length
29
:method
POST
Referer
https://notepad.pw/wx7p1r3i
Origin
https://notepad.pw
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

cf-ray
3ff13e801864645d-FRA
date
Wed, 21 Mar 2018 14:52:45 GMT
via
1.1 vegur
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
text/html
access-control-allow-origin
https://notepad.pw
access-control-allow-credentials
true
set-cookie
io=XyobeU4GMpsswHdfARW0
content-encoding
gzip
/
live.notepad.pw/socket.io/ 		4 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=M9934mB.0&sid=XyobeU4GMpsswHdfARW0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/socket.io.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.24.120.80 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Request headers

:path
/socket.io/?EIO=3&transport=polling&t=M9934mB.0&sid=XyobeU4GMpsswHdfARW0
pragma
no-cache
cookie
io=XyobeU4GMpsswHdfARW0; __cfduid=d9e97da98853d1dd87b51c2f4e5ee55ab1521643964
origin
https://notepad.pw
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
live.notepad.pw
referer
https://notepad.pw/wx7p1r3i
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://notepad.pw/wx7p1r3i
Origin
https://notepad.pw

Response headers

date
Wed, 21 Mar 2018 14:52:45 GMT
via
1.1 vegur
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
application/octet-stream
access-control-allow-origin
https://notepad.pw
access-control-allow-credentials
true
set-cookie
io=XyobeU4GMpsswHdfARW0
cf-ray
3ff13e801865645d-FRA
content-length
4
ca-pub-7465111817053906.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		68 B
209 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7465111817053906.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Server
64.233.184.156 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
wa-in-f156.1e100.net
Software
sffe /
Resource Hash
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://notepad.pw/wx7p1r3i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 21 Mar 2018 09:48:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
age
18266
content-type
text/javascript
status
200
cache-control
public, max-age=43200
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
88
x-xss-protection
1; mode=block
expires
Wed, 21 Mar 2018 21:48:20 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180312/r20170110/ Frame 86D1 		178 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180312/r20170110/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Server
64.233.184.156 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
wa-in-f156.1e100.net
Software
cafe /
Resource Hash
865cd03689f12015478fe046fb9c0c24e66f837cf4d3b23a418a9421f29993d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://notepad.pw/wx7p1r3i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Mar 2018 14:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
3459208830876661295
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
private, max-age=1209600
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
67916
x-xss-protection
1; mode=block
expires
Wed, 21 Mar 2018 14:52:46 GMT
osd.js
pagead2.googlesyndication.com/pagead/js/r20180312/r20170110/ Frame 86D1 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180312/r20170110/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180312/r20170110/show_ads_impl.js
Protocol
SPDY
Server
64.233.184.156 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
wa-in-f156.1e100.net
Software
cafe /
Resource Hash
74a78cea892f43d01c7573729c200c97dfebe5835476364435e411d0a674e28a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://notepad.pw/wx7p1r3i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 12 Mar 2018 21:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
755218
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
28091
x-xss-protection
1; mode=block
server
cafe
etag
13992280071806881209
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Mar 2018 21:05:48 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| angular function| io boolean| note_created boolean| password_set number| caret string| pad_key string| url_key number| version function| checkEnter function| swapsheets object| app object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| adsbygoogle object| store function| initiate_localStorage function| update_localStorage string| input_value function| google_spfd number| google_unique_id object| google_t12n_vars object| google_jobrunner object| google_iframe_oncopy object| google_persistent_state_async object| google_reactive_ads_global_state object| google_pub_config object| __google_ad_urls number| google_global_correlator object| gaGlobal object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_AdSense_getAdAdapterInstance boolean| google_onload_fired function| google_osd_amcb

3 Cookies

Domain/Path Name / Value
notepad.pw/ Name: typography
Value: %7B%22sp_class%22%3A%22not-active%22%7D
notepad.pw/ Name: pad_cookie
Value: c193f5e8a5585c5ff9329bc14579aaa49b0ae34c
.notepad.pw/ Name: __cfduid
Value: d9e97da98853d1dd87b51c2f4e5ee55ab1521643964

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.com.ua
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
live.notepad.pw
notepad.pw
pagead2.googlesyndication.com
104.19.196.102
104.24.120.80
104.24.121.80
172.217.22.2
172.217.23.131
216.58.207.74
64.233.184.155
64.233.184.156
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
17bd4bcb69e324586fcc2400c75915b7dfdc25a4ecb96fedd885dbb2fbcbf793
207461e411e1ff6d6c5b0dd702d26031adb86de86ed3f571baa5a6fc498fc4b6
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
55b731aa03064189b7abca9931deb7b844c75d7664aacecc1356c4bc0635c4af
693448f744bc3f7709d647cf0e9efa64ce50c54e98b816ecfb530a5590114efe
717ce0b2320def5395f1c1e41e26c7747f22f85e240a19fc53bafa1e0a140ab2
74a78cea892f43d01c7573729c200c97dfebe5835476364435e411d0a674e28a
7a107828d1bc6f6e34848960a6f8085655e23302e2e9953e0457a091cbd8a94b
82e350881f6eb63820307045ca9f79ce2078a66e2caa3f2864da024cc8f06781
865cd03689f12015478fe046fb9c0c24e66f837cf4d3b23a418a9421f29993d4
888b41bb493f82bc787b507deee35df8a9dca32d9f59e5e4434334bb04aa1e17
8b0a5b53bd02dd2670691e8b7bc47c453dec82543bf7791417db5c690bad14e2
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
c71e24bce19817bdf385023b4d0f043ccbb32f827f6f1102367a35b5ea31feb3
d23807344428eec21271b708fcf73919827e568b0a335989f9f2348ae4356bd1
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa
e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870
ede8a63ae7f13de45eeb9c9156f791c7ee1d588f931cc54f4d8754154cbd3a52
f79dfaabb417f7b777458a24663c5075dd1e56026e20578a0d74568b3c762375