urlscan.io logo urlscan.io
SecurityTrails logo

notepad.pw Open in urlscan Pro
151.139.128.11  Public Scan

Go To Rescan Add Verdict Report
URL: http://notepad.pw/BORELLI2602
Submission: On December 04 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 36 IPs in 5 countries across 25 domains to perform 113 HTTP transactions. The main IP is 151.139.128.11, located in Dallas, United States and belongs to HIGHWINDS3, US. The main domain is notepad.pw.
This is the only time notepad.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 151.139.128.11 20446 (HIGHWINDS3)
4 2a00:1450:400... 15169 (GOOGLE)
9 2606:4700::68... 13335 (CLOUDFLAR...)
2 68.183.157.211 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 35.188.71.214 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 172.217.18.162 15169 (GOOGLE)
3 18.193.182.58 16509 (AMAZON-02)
2 69.173.144.143 26667 (RUBICONPR...)
2 104.111.215.135 16625 (AKAMAI-AS)
4 52.58.195.54 16509 (AMAZON-02)
4 37.252.173.22 29990 (ASN-APPNEX)
2 185.64.189.112 62713 (AS-PUBMATIC)
1 2620:116:800d... 16509 (AMAZON-02)
1 2.16.186.51 20940 (AKAMAI-ASN1)
1 2 2600:9000:219... 16509 (AMAZON-02)
1 2 95.101.55.60 16625 (AKAMAI-AS)
1 2 2620:116:800d... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
2 35.226.36.58 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2.18.234.21 16625 (AKAMAI-AS)
1 184.24.15.122 16625 (AKAMAI-AS)
2 151.101.13.108 54113 (FASTLY)
2 2.18.233.180 16625 (AKAMAI-AS)
3 3 3.124.165.65 16509 (AMAZON-02)
1 1 52.1.18.121 14618 (AMAZON-AES)
113 36
9    151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)
notepad.pw
4    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    68.183.157.211 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: server1.wpcc.io
wpcc.io
1    2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2606:4700:20::ac43:443c (United States)

ASN13335 (CLOUDFLARENET, US)
a.pub.network
6    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    35.188.71.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.71.188.35.bc.googleusercontent.com
d.pub.network
4    2606:4700:3031::681b:8043 (United States)

ASN13335 (CLOUDFLARENET, US)
live.notepad.pw
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net
securepubads.g.doubleclick.net
3    18.193.182.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-182-58.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
2    69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    104.111.215.135 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-135.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
4    52.58.195.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
btlr.sharethrough.com
4    37.252.173.22 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
edge.quantserve.com
1    2.16.186.51 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-51.deploy.static.akamaitechnologies.com
b.scorecardresearch.com
2    2600:9000:2190:d600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    95.101.55.60 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-55-60.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
2    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
3    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
pagead2.googlesyndication.com
1    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
001fe339f1a5c26c5f46698dbb8a0542.safeframe.googlesyndication.com
10    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
11    2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    35.226.36.58 (United States)

ASN15169 (GOOGLE, US)
c.pub.network
4    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
pagead2.googlesyndication.com
2    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
1    184.24.15.122 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-15-122.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    3.124.165.65 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
1    52.1.18.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
Apex Domain
Subdomains		 Transfer
16 googlesyndication.com
001fe339f1a5c26c5f46698dbb8a0542.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
59 KB
13 notepad.pw
notepad.pw
live.notepad.pw
59 KB
10 ampproject.org
cdn.ampproject.org
195 KB
9 pub.network
a.pub.network
d.pub.network
c.pub.network
306 KB
9 cloudflare.com
cdnjs.cloudflare.com
204 KB
7 gstatic.com
fonts.gstatic.com
encrypted-tbn1.gstatic.com
75 KB
6 adnxs.com
ib.adnxs.com
acdn.adnxs.com
5 KB
6 bidswitch.net
grid.bidswitch.net
x.bidswitch.net
2 KB
6 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
122 KB
4 google.com
adservice.google.com
www.google.com
1 KB
4 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
168 B
4 sharethrough.com
btlr.sharethrough.com
437 B
4 googleapis.com
fonts.googleapis.com
4 KB
3 scorecardresearch.com
b.scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 quantserve.com
edge.quantserve.com
pixel.quantserve.com
10 KB
3 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
3 KB
2 indexww.com
js-sec.indexww.com
2 quantcount.com
rules.quantcount.com
1 KB
2 casalemedia.com
htlb.casalemedia.com
739 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 wpcc.io
wpcc.io
5 KB
1 stackadapt.com
sync.srv.stackadapt.com
618 B
1 google.de
adservice.google.de
803 B
1 googletagservices.com
www.googletagservices.com
18 KB
1 googletagmanager.com
www.googletagmanager.com
38 KB
113 25
Domain Requested by
11 tpc.googlesyndication.com notepad.pw
securepubads.g.doubleclick.net
tpc.googlesyndication.com
cdn.ampproject.org
10 cdn.ampproject.org securepubads.g.doubleclick.net
9 cdnjs.cloudflare.com notepad.pw
cdnjs.cloudflare.com
9 notepad.pw notepad.pw
6 fonts.gstatic.com fonts.googleapis.com
6 a.pub.network notepad.pw
a.pub.network
5 securepubads.g.doubleclick.net www.googletagservices.com
notepad.pw
4 pagead2.googlesyndication.com notepad.pw
4 ib.adnxs.com notepad.pw
4 btlr.sharethrough.com notepad.pw
4 live.notepad.pw notepad.pw
4 fonts.googleapis.com notepad.pw
securepubads.g.doubleclick.net
3 x.bidswitch.net 3 redirects
3 www.google.com 1 redirects notepad.pw
3 grid.bidswitch.net notepad.pw
2 ads.pubmatic.com a.pub.network
2 acdn.adnxs.com a.pub.network
2 js-sec.indexww.com a.pub.network
2 c.pub.network notepad.pw
2 pixel.quantserve.com 1 redirects
2 sb.scorecardresearch.com 1 redirects
2 rules.quantcount.com 1 redirects
2 hbopenbid.pubmatic.com notepad.pw
2 htlb.casalemedia.com notepad.pw
2 fastlane.rubiconproject.com notepad.pw
2 www.google-analytics.com www.googletagmanager.com
notepad.pw
2 wpcc.io notepad.pw
1 sync.srv.stackadapt.com 1 redirects
1 eus.rubiconproject.com a.pub.network
1 googleads.g.doubleclick.net notepad.pw
1 encrypted-tbn1.gstatic.com notepad.pw
1 001fe339f1a5c26c5f46698dbb8a0542.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 b.scorecardresearch.com a.pub.network
1 edge.quantserve.com a.pub.network
1 www.googletagservices.com a.pub.network
1 d.pub.network notepad.pw
1 www.googletagmanager.com notepad.pw
113 39
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
notepad.pw
Sectigo ECC Domain Validation Secure Server CA		 2020-11-15 -
2021-02-13		 3 months crt.sh
wpcc.io
Sectigo RSA Domain Validation Secure Server CA		 2020-06-22 -
2021-06-22		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.pub.network
Go Daddy Secure Certificate Authority - G2		 2020-03-17 -
2021-05-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
grid.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-10-15 -
2021-10-23		 a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1		 2020-07-17 -
2021-06-02		 a year crt.sh
*.google.de
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-29 -
2021-04-14		 5 months crt.sh

This page contains 12 frames:

Primary Page: http://notepad.pw/BORELLI2602
Frame ID: 55D0D38554FE60A6CC104D1148D78187
Requests: 69 HTTP requests in this frame

Frame: http://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=yR
Frame ID: 508D4643A89FA3A739D488466589F88D
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 8E3CF3696EF19BBDC71941B87C531BBA
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 8888A85FF2F9D5DDC32B5342F98B1A04
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 001AA0B0359B5F39334FB635CFF8CC54
Requests: 19 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 100B83B29186074CB7A28932B7174A6A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 40591A52312E783507F497629896422A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9666F08909C44335AA0DD29FC639068B
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4282264A3BB505ADF7CDA10EFAFFABD3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5D507F5B84CB070F20800BE3DDD3768D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 04EECFFA3CEE8DA1980C4636D71B7EDA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2ED10579C56D8172FFDA391DF9A6FB3D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /fbs/i

Page Statistics

113
Requests

86 %
HTTPS

49 %
IPv6

25
Domains

39
Subdomains

36
IPs

5
Countries

1128 kB
Transfer

3158 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://cdnjs.cloudflare.com/ajax/libs/normalize/6.0.0/normalize.min.css HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/normalize/6.0.0/normalize.min.css
Request Chain 3
  • http://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
Request Chain 5
  • http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
Request Chain 6
  • http://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular.min.js HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular.min.js
Request Chain 7
  • http://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-cookies.min.js HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-cookies.min.js
Request Chain 8
  • http://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/socket.io.min.js HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/socket.io.min.js
Request Chain 10
  • http://cdnjs.cloudflare.com/ajax/libs/store.js/1.3.20/store.min.js HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/store.js/1.3.20/store.min.js
Request Chain 11
  • http://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/clipboard.min.js HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/clipboard.min.js
Request Chain 12
  • http://wpcc.io/lib/1.0.2/cookieconsent.min.css HTTP 307
  • https://wpcc.io/lib/1.0.2/cookieconsent.min.css
Request Chain 13
  • http://wpcc.io/lib/1.0.2/cookieconsent.min.js HTTP 307
  • https://wpcc.io/lib/1.0.2/cookieconsent.min.js
Request Chain 47
  • http://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js HTTP 301
  • https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Request Chain 48
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1607071692713&ns_c=UTF-8&cv=3.5&c8=notepad.pw%20%2F%20BORELLI2602%20%7C%20The%20napkin%20of%20the%20internet.&c7=http%3A%2F%2Fnotepad.pw%2FBORELLI2602&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1607071692713&ns_c=UTF-8&cv=3.5&c8=notepad.pw%20%2F%20BORELLI2602%20%7C%20The%20napkin%20of%20the%20internet.&c7=http%3A%2F%2Fnotepad.pw%2FBORELLI2602&c9=&cs_ak_ss=1
Request Chain 49
  • http://pixel.quantserve.com/pixel;r=1779962728;labels=keywords.notepad%20online%2Ckeywords.notepad%2Ckeywords.cloud%2Ckeywords.free%20notepad%2Ckeywords.save%20notes%2Ckeywords.notes%2Ckeywords.online%20notepad%2Ckeywords.cloud%20notepad%2Ckeywords.write%2Ckeywords.note%2Ckeywords.writing%2Ckeywords.publish%2Ckeywords.webpage%2Ckeywords.markdown%2Ctitle.notepad.pw;rf=0;uht=2;a=p-UeXruRVtZz7w6;url=http%3A%2F%2Fnotepad.pw%2FBORELLI2602;fpan=1;fpa=P0-1009064851-1607071692736;ns=0;ce=1;qjs=1;qv=3364aec3-20201006003021;cm=;gdpr=0;ref=;d=notepad.pw;je=0;sr=1600x1200x24;dst=1;et=1607071692736;tzo=-60;ogl=type.website%2Ctitle.notepad%252Epw%2Cdescription.Save%20your%20notes%20online%20for%20free%20and%20share%20them%20with%20friends!%2Curl.https%3A%2F%2Fnotepad%252Epw%2Cimage.https%3A%2F%2Fnotepad%252Epw%2Fog-icon%252Epng HTTP 301
  • https://pixel.quantserve.com/pixel;r=1779962728;labels=keywords.notepad%20online%2Ckeywords.notepad%2Ckeywords.cloud%2Ckeywords.free%20notepad%2Ckeywords.save%20notes%2Ckeywords.notes%2Ckeywords.online%20notepad%2Ckeywords.cloud%20notepad%2Ckeywords.write%2Ckeywords.note%2Ckeywords.writing%2Ckeywords.publish%2Ckeywords.webpage%2Ckeywords.markdown%2Ctitle.notepad.pw;rf=0;uht=2;a=p-UeXruRVtZz7w6;url=http%3A%2F%2Fnotepad.pw%2FBORELLI2602;fpan=1;fpa=P0-1009064851-1607071692736;ns=0;ce=1;qjs=1;qv=3364aec3-20201006003021;cm=;gdpr=0;ref=;d=notepad.pw;je=0;sr=1600x1200x24;dst=1;et=1607071692736;tzo=-60;ogl=type.website%2Ctitle.notepad%252Epw%2Cdescription.Save%20your%20notes%20online%20for%20free%20and%20share%20them%20with%20friends!%2Curl.https%3A%2F%2Fnotepad%252Epw%2Cimage.https%3A%2F%2Fnotepad%252Epw%2Fog-icon%252Epng
Request Chain 83
  • http://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 115
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=themediagrid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=h56BJB6eS6FbAw998s5_SFJmEnI&user_group=1&ssp=themediagrid HTTP 302
  • https://grid.bidswitch.net/getuids?bsw_uid=1bfaad57-3082-462b-a6ee-18177f1f20d9&ssp_custom_data=

113 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set BORELLI2602
notepad.pw/ 		30 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
7f743542004ddb477e1e50e10136b35dabc73d891271fce1ad425ede1d1bbb93

Request headers

Host
notepad.pw
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 04 Dec 2020 08:48:10 GMT
Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Set-Cookie
SPSI=eb34b1aab4a30b91cb346f6779da8721; path=/; HttpOnly; SPSE=C9KkU2SmAbwJy9RkIwlWOraVjcRa3XMDChYAfpPCLSZ0pynRqh8cSjQe0diHC0HvO3HAtWWTdd0Gvpa8bJGfcA==; path=/; HttpOnly; spcsrf=21d696f6cf3f8e9b0969caed0f4c022f; path=/; SameSite=Strict; HttpOnly; expires=Fri, 04-Dec-20 10:48:10 GMT adOtr=obsvl; path=/; expires=Thu, 2 Aug 2001 20:47:11 UTC UTGv2=D-h46fd04adc470b29fd08c6285d663755ce48; path=/; expires=Sat, 04-Dec-21 08:48:10 GMT pad_cookie=b18ec376823493de60d9df201a4f450ceef41ce5; expires=Fri, 04-Dec-2020 10:49:31 GMT; Max-Age=7200; path=/; HttpOnly sp_lit=eBEnO/4kkF16rFO05nwLMA==; path=/; SameSite=Strict; HttpOnly; expires=Fri, 04-Dec-20 08:53:10 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
fbs
Access-Control-Allow-Origin
*
X-HW
1607071690.cds042.pa1.h2,1607071690.cds228.pa1.sc,1607071690.cdn2-redis02-cdg1.stackpath.systems.-.wx,1607071690.cds228.pa1.p
Connection
keep-alive
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Noto+Sans:400,700
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7d623f3bc0dd44a1845c2240b3ac3b15184cd43f7e2c780eb4d49c53fe4d89af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 04 Dec 2020 08:48:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 04 Dec 2020 08:48:10 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Fri, 04 Dec 2020 08:48:10 GMT
global.css
notepad.pw/content/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://notepad.pw/content/css/global.css?229
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
2b60310189012686567c541c72a40acf74adb416bdc524008822d6c7c73ccd97

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 04 Dec 2020 08:48:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 03:48:05 GMT
Server
fbs
ETag
"59d1b6f5-1821"
Transfer-Encoding
chunked
X-HW
1607071690.cds042.pa1.h2,1607071690.cds018.pa1.sc,1607071691.cdn2-wafbe04-cdg1.stackpath.systems.-.wx,1607071691.cds018.pa1.p
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/6.0.0/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/normalize/6.0.0/normalize.min.css
  • https://cdnjs.cloudflare.com/ajax/libs/normalize/6.0.0/normalize.min.css
2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/6.0.0/normalize.min.css
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55b731aa03064189b7abca9931deb7b844c75d7664aacecc1356c4bc0635c4af
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
159696
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
742
cf-request-id
06ce8908da0000178a3226d000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-8a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MCy9KrA1ykWdiX0ncXBsbtfvGYurty7Dc5K9NmGidwONwiN8d%2B%2BV%2BHj%2FM1e%2B8ckFY6zPPr%2B8CdcSguCyhvsRu7kOp%2BxDzXroVivjO3piqCvMd2J3zSuXNEv2mn2qprIt2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5fc44454884d178a-FRA
expires
Wed, 24 Nov 2021 08:48:10 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/normalize/6.0.0/normalize.min.css
Non-Authoritative-Reason
HSTS
ionicons.min.css
cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
  • https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
50 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
16032
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
6642
cf-request-id
06ce8908db0000178a2f3aa000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ea8-c854"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JWwfOLyRZcz%2BTiUS9NyzZiD6ovFSFjAMjC3blG80SAjOWcdQ7wyy%2FeJmgAHjFMGDYuo5r4KxQLnbqaaPLtNTjr4gIpKwmkyYr3Zvo%2FOYsOI%2BI2limvRAv%2FgWKO5x2tNP5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5fc444548852178a-FRA
expires
Wed, 24 Nov 2021 08:48:10 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
Non-Authoritative-Reason
HSTS
logo-dark.png
notepad.pw/content/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notepad.pw/content/images/logo-dark.png
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
560ee8213cda78828e88fbcbe2fbe6d3337d563384ea57d344ce3e3559da1dda

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:11 GMT
last-modified
Thu, 30 Aug 2018 21:59:20 GMT
server
fbs
etag
"5b8868b8-57f4"
x-hw
1607071691.cds039.pa1.hn,1607071691.cds225.pa1.sc,1607071691.cdn2-wafbe02-cdg1.stackpath.systems.-.wx,1607071691.cds225.pa1.p
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
22516
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
  • https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
82 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
16472
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
26646
cf-request-id
06ce8908f20000178aa3080000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1499c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AXxhqFYX9Qq9XYrCjRS0RB3AgSsVtIbGVyydvYHhOvkzDl34IYYiBBB5hSXIig0wZ0WF2%2FNZNz7r2NfrJDBy3Zc4FToP4PadMRmfmnVH%2B1bW6HjLW90AC26Did7Oadu8%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5fc44454b888178a-FRA
expires
Wed, 24 Nov 2021 08:48:10 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
Non-Authoritative-Reason
HSTS
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular.min.js
  • https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular.min.js
156 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular.min.js
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
23860
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
49420
cf-request-id
06ce89090a0000178a84278000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:55 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d27-27130"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yRvCdpCR6tHzVJNLxWXa4ZJLw%2FCIeYy024HvzzIGbli0s6emytqGB0lcGm5lAARDkqSXhwRjJZZAA93YH3TirRadZTIyIe1A9ao2cZoncpVLPZEgxGxCLtB5EKQqKXvYJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5fc44454d8c7178a-FRA
expires
Wed, 24 Nov 2021 08:48:11 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular.min.js
Non-Authoritative-Reason
HSTS
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-cookies.min.js
  • https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-cookies.min.js
1 KB
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-cookies.min.js
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f79dfaabb417f7b777458a24663c5075dd1e56026e20578a0d74568b3c762375
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
159707
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
677
cf-request-id
06ce89091e0000178a3aba7000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:55 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d27-5a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kMYqC%2FivYNDxxSIyjqxop1qx03A3Kkc0xqUNkiAOyWqDcWxlAloE9fU0PW%2BCH55Keb7W%2BoI6vOpZjIGSQuj7G0ksNbEeezx51TjQ5VRWirHszzXKQ00hgQkzKtHJ1yjtgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5fc44454f910178a-FRA
expires
Wed, 24 Nov 2021 08:48:11 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-cookies.min.js
Non-Authoritative-Reason
HSTS
socket.io.min.js
cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/socket.io.min.js
  • https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/socket.io.min.js
68 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/socket.io.min.js
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
888b41bb493f82bc787b507deee35df8a9dca32d9f59e5e4434334bb04aa1e17
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
159719
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
19101
cf-request-id
06ce89092b0000178a13395000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-10ec3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fYLKzrqsBUgPTPqaF9ulwWGdxl5HvzmXcY933qI6QgCdscqBQbk8UUZrUoHy1s0n1XEePmOZ4JXBPx87Jvcd6z5QCvZh2S24v8CXaFWiivtfwTX7UDZgcBTfnhZ8htKvBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5fc444551932178a-FRA
expires
Wed, 24 Nov 2021 08:48:11 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/socket.io.min.js
Non-Authoritative-Reason
HSTS
app.min.js
notepad.pw/content/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://notepad.pw/content/js/app.min.js?366
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
c9c41579990e491b31185c662e701facbcd6dab9ec0b06edef8feec2f981812e

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 04 Dec 2020 08:48:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 22:33:49 GMT
Server
fbs
ETag
"5b8870cd-2089"
Transfer-Encoding
chunked
X-HW
1607071691.cds001.pa1.h2,1607071691.cds225.pa1.sc,1607071691.cdn2-wafbe01-cdg1.stackpath.systems.-.wx,1607071691.cds225.pa1.p
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
store.min.js
cdnjs.cloudflare.com/ajax/libs/store.js/1.3.20/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/store.js/1.3.20/store.min.js
  • https://cdnjs.cloudflare.com/ajax/libs/store.js/1.3.20/store.min.js
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/store.js/1.3.20/store.min.js
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d23807344428eec21271b708fcf73919827e568b0a335989f9f2348ae4356bd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
159694
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
994
cf-request-id
06ce8909ac0000178a21ab1000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:28 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fdc-a35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WIqdQC7R9WUpQjjnUPG%2BajHNnzJcOmL88o3HvwLPUZfqd%2FrCS7C6Zj7F1d5fA9lqlbEEUN0tElbEGOcrMuJJ2bmHB2VALOOj5p0Tc2awuxobrQyBXMJYuS8y9pMM9DIWag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5fc44455dabc178a-FRA
expires
Wed, 24 Nov 2021 08:48:11 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/store.js/1.3.20/store.min.js
Non-Authoritative-Reason
HSTS
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/clipboard.min.js
  • https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/clipboard.min.js
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/clipboard.min.js
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
159717
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
3005
cf-request-id
06ce8909d40000178a82276000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e29-2aa5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iKIB1wwvBZkqlhK1eaxwHx4JQpoZ0uS%2B4G7BOvKTe99TPok9%2FO6xKDEiYI6nWu%2FRH7Sp%2B0BaVGRJvUxw0eNZHvnD5or4MteGEJ68wsVUiMcS2JTjn%2BHUSwoyXyur65q1tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5fc444561b42178a-FRA
expires
Wed, 24 Nov 2021 08:48:11 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/clipboard.min.js
Non-Authoritative-Reason
HSTS
cookieconsent.min.css
wpcc.io/lib/1.0.2/
Redirect Chain
  • http://wpcc.io/lib/1.0.2/cookieconsent.min.css
  • https://wpcc.io/lib/1.0.2/cookieconsent.min.css
4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcc.io/lib/1.0.2/cookieconsent.min.css
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.157.211 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
server1.wpcc.io
Software
nginx /
Resource Hash
119351ced3134718cb42591e513ff063cf04af7c2734b137c666ee62e137e15d
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:11 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Apr 2019 15:44:29 GMT
server
nginx
etag
W/"5ca777dd-fbe"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=2592000, no-cache, public, must-revalidate, proxy-revalidate
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
expires
Sun, 03 Jan 2021 08:48:11 GMT

Redirect headers

Location
https://wpcc.io/lib/1.0.2/cookieconsent.min.css
Non-Authoritative-Reason
HSTS
cookieconsent.min.js
wpcc.io/lib/1.0.2/
Redirect Chain
  • http://wpcc.io/lib/1.0.2/cookieconsent.min.js
  • https://wpcc.io/lib/1.0.2/cookieconsent.min.js
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcc.io/lib/1.0.2/cookieconsent.min.js
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.157.211 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
server1.wpcc.io
Software
nginx /
Resource Hash
6a168e2ddae4d655f0e9793c98406ed886956b7f54544b88a1b9d279fe8b242f
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:11 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Aug 2020 00:22:01 GMT
server
nginx
etag
W/"5f29fba9-226a"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=2592000, no-cache, public, must-revalidate, proxy-revalidate
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
expires
Sun, 03 Jan 2021 08:48:11 GMT

Redirect headers

Location
https://wpcc.io/lib/1.0.2/cookieconsent.min.js
Non-Authoritative-Reason
HSTS
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-153530698-1
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
33c43d39018b07879a080935fd26fdeb82970bff929ee2d1ef3951a21d632f54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38730
x-xss-protection
0
last-modified
Fri, 04 Dec 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 04 Dec 2020 08:48:11 GMT
pubfig.min.js
a.pub.network/notepad-pw/ 		155 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/notepad-pw/pubfig.min.js
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91eb4e13cfeb70e591e2212e7a09de429516a0ae7788f60ac72f085b486b688b

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=QXcvbg==, md5=90wuQ+6JG2eMAT/YgDK4qw==
date
Fri, 04 Dec 2020 08:48:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABg5-UygZW62hT_N2WLFCb8O2RUE_0SfuFf5FQAgpIfm3aQMFES9QOMIsF5Z7YjVPtsl193tjGy-v8AzuQXdrm9N6FQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
cf-request-id
06ce8909be00002b65b582e000000001
last-modified
Tue, 24 Nov 2020 21:19:38 GMT
server
cloudflare
etag
W/"f74c2e43ee891b678c013fd88032b8ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xwqdqzkYgnrn%2BXwDoagu6xvzusvduUrUt62h2DQRCjjFd2v4cKj2tIsFmB%2BITPtDr6cmrcz5NE2Hi%2BprXvJ%2F0YDwl3ldyoPfzI79c59W1He37D9%2FJbuVp9YP"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1606252778098031
cache-control
public, max-age=1800
x-goog-stored-content-length
159154
cf-ray
5fc44455f8302b65-FRA
expires
Thu, 03 Dec 2020 23:49:21 GMT
/
notepad.pw/sbbi/ Frame 508D 		25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=yR&sbbgs=h46fd04adc470b29fd08c6285d663755ce48&ddl=1
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
d7e63bc62d2e682532b6a3d5f98951432d3dd91e4afddfbb3832c19395aa827b

Request headers

Host
notepad.pw
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://notepad.pw/BORELLI2602
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
SPSI=eb34b1aab4a30b91cb346f6779da8721; SPSE=C9KkU2SmAbwJy9RkIwlWOraVjcRa3XMDChYAfpPCLSZ0pynRqh8cSjQe0diHC0HvO3HAtWWTdd0Gvpa8bJGfcA==; spcsrf=21d696f6cf3f8e9b0969caed0f4c022f; pad_cookie=b18ec376823493de60d9df201a4f450ceef41ce5; sp_lit=eBEnO/4kkF16rFO05nwLMA==; PRLST=yR; UTGv2=h46fd04adc470b29fd08c6285d663755ce48
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://notepad.pw/BORELLI2602

Response headers

Date
Fri, 04 Dec 2020 08:48:11 GMT
Cache-Control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
Content-Encoding
gzip
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Server
fbs
X-Accel-Expires
0
Access-Control-Allow-Origin
*
X-HW
1607071691.cds038.pa1.h2,1607071691.cds217.pa1.sc,1607071691.cdn2-wafbe04-cdg1.stackpath.systems.-.i,1607071691.cds217.pa1.p
Connection
keep-alive
/
notepad.pw/sbbi/ 		43 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://notepad.pw/sbbi/?sbbpg=utMedia&vii=ehb4364fbd10a4aabd4ca43700bb9219cfbd30486cf66278759dd6a683772515mcoey4l8
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Accel-Expires
0
Date
Fri, 04 Dec 2020 08:48:11 GMT
Server
fbs
Transfer-Encoding
chunked
X-HW
1607071691.cds042.pa1.h2,1607071691.cds217.pa1.sc,1607071691.cdn2-wafbe04-cdg1.stackpath.systems.-.i,1607071691.cds217.pa1.p
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
Connection
keep-alive
ionicons.ttf
cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/fonts/ 		184 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c5b6bb603a4f7556b94532674f3847b430b9495afbb3a4dcfe5ba718baa59ad
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
http://notepad.pw
Referer
https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
23339
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
97438
cf-request-id
06ce8909c20000dff78d2e4000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ea8-2e05c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s2ep5AGVR68ps5IvGI7g7jZXFc1f5wGzMWBXuqRBF9sGRYRLANuFtD9uURv1XFzLOgLwVBEYjREijl%2B4cGY2jmMwnte6S0%2Bjuzz0gmaOk41Ixl3ehh9iMB9D%2FGsEXe4Bcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5fc444560cfddff7-FRA
expires
Wed, 24 Nov 2021 08:48:11 GMT
o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v11/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/notosans/v11/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Noto+Sans:400,700
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://notepad.pw
Referer
http://fonts.googleapis.com/css?family=Noto+Sans:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Dec 2020 11:32:08 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 24 Sep 2020 23:50:56 GMT
Server
sffe
Age
76563
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
10292
X-XSS-Protection
0
Expires
Fri, 03 Dec 2021 11:32:08 GMT
init
d.pub.network/ 		142 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/init?key=1413undefined
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
24c355aa5feda297ae823836e2b1a6f2d12d94285bf737756f2d3c5792bc0bb5

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://notepad.pw
Date
Fri, 04 Dec 2020 08:48:11 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
borelli2602
notepad.pw/fetch/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://notepad.pw/fetch/borelli2602?_=1607071691216
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
1722abb272a8ef65ed54aa88aa44c683037bb147223ef0903a6ee6ff8f37c382

Request headers

X-MOD-SBB-CTYPE
xhr
Accept
*/*
Referer
http://notepad.pw/BORELLI2602
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Dec 2020 08:48:11 GMT
Content-Encoding
gzip
Server
fbs
Transfer-Encoding
chunked
X-HW
1607071691.cds001.pa1.h2,1607071691.cds039.pa1.sc,1607071691.cdn2-wafbe04-cdg1.stackpath.systems.-.wx,1607071691.cds039.pa1.p
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
/
live.notepad.pw/socket.io/ 		101 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=NOix_GD
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
049065e461efaabfd5823c511d7722d426043b6c7e1c3ff96fa425cb1be1c5a9

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:12 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Fs1pcbcOdObYybS%2FyWbgnULbrDW7f9X%2BngLJJBBD2cHwW%2BYUDXdIHZ0RYYokqX3Xu8aqmgCGlKw6dd7vLxW4zaBVhCJF3UG16WbdtqkI1Es4kL1ZmpfoewYLl90%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
http://notepad.pw
access-control-allow-credentials
true
cf-ray
5fc44459e95e2c4a-FRA
content-length
101
cf-request-id
06ce890c2d00002c4a6e9b9000000001
o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
fonts.gstatic.com/s/notosans/v11/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/notosans/v11/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Noto+Sans:400,700
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://notepad.pw
Referer
http://fonts.googleapis.com/css?family=Noto+Sans:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Dec 2020 11:37:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 24 Sep 2020 23:58:43 GMT
Server
sffe
Age
76243
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
10116
X-XSS-Protection
0
Expires
Fri, 03 Dec 2021 11:37:28 GMT
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153530698-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3532
date
Fri, 04 Dec 2020 07:49:20 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 04 Dec 2020 09:49:20 GMT
pubfig.engine.4.2.4.56bf9eb9ee24bc1e4d456ffa86a6ce3df3a80d41.js
a.pub.network/core/pubfig/ 		285 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.engine.4.2.4.56bf9eb9ee24bc1e4d456ffa86a6ce3df3a80d41.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/notepad-pw/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5af02623e86d6d92d1b4e65626d818e9d128766d95f209e5768befc31eff4e68

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=zDfHqw==, md5=3BPGrmjEbEvh5TSLJuvU8w==
date
Fri, 04 Dec 2020 08:48:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABg5-UwixdoZ4KYtMHFE4KGpUOAk9GqdtfvUrGki8sVpV4Zgz8o7ZKQSynEOYito2RhDWqqL9F1wJ_e3VMuKz_YBY54
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
text/javascript
cf-request-id
06ce890cf600002b659a3c4000000001
last-modified
Tue, 24 Nov 2020 20:04:13 GMT
server
cloudflare
etag
W/"dc13c6ae68c46c4be1e5348b26ebd4f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5Wl1JLIgn4BXArf0DNmlAFSwuyT%2BGyqsAGz8a2AEt2uDq5SnLuaFAe5kyVn4SSAggYYrh9Tn4xFIfzc8hE1tXdjX839cxNvAOSVKHNZS4x0HWxHR45WfwZOH"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1606248253640721
cache-control
public, max-age=3600
x-goog-stored-content-length
292305
cf-ray
5fc4445b2c8b2b65-FRA
expires
Fri, 04 Dec 2020 00:35:16 GMT
/
live.notepad.pw/socket.io/ 		5 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=NOix_MO&sid=-ciex0Zc6CF302XVASsG
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:12 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oUXYofQ9qlDSjaGKCdJvuZXOLdVTE9u4yFC3kkM55wT8xNWB5iYK%2FngZyPKbqnSDkod%2BCQDM17JH7GMsb%2FCPMdr3ON%2BDBElorIKh1nwZ6TXLinw9fv1oNVQel1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
http://notepad.pw
access-control-allow-credentials
true
cf-ray
5fc4445c2edb2c4a-FRA
content-length
5
cf-request-id
06ce890d9b00002c4a649c8000000001
collect
www.google-analytics.com/j/ 		1 B
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=806447809&t=pageview&_s=1&dl=http%3A%2F%2Fnotepad.pw%2FBORELLI2602&ul=en-us&de=UTF-8&dt=notepad.pw%20%2F%20BORELLI2602%20%7C%20The%20napkin%20of%20the%20internet.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1457224949&gjid=1055909296&cid=1113358435.1607071692&tid=UA-153530698-1&_gid=317847017.1607071692&_r=1&gtm=2oub41&z=1683867658
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Dec 2020 08:48:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://notepad.pw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.2.4.56bf9eb9ee24bc1e4d456ffa86a6ce3df3a80d41.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ae814e9dd0e21fd2786990083607c78995749fa6d177eac499c65ad9b158ccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 04 Dec 2020 08:48:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"713 / 989 of 1000 / last-modified: 1607037219"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin
*
Content-Length
18406
X-XSS-Protection
0
Expires
Fri, 04 Dec 2020 08:48:12 GMT
prebid-analytics-4.10.0.js
a.pub.network/core/ 		413 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-4.10.0.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.2.4.56bf9eb9ee24bc1e4d456ffa86a6ce3df3a80d41.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dbaab8f472717f5f659cb28deb326df6d4b858bf1025c84f366a808798c1587

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=JH7wqQ==, md5=99s/gqDS63NRL9sZf88ibQ==
date
Fri, 04 Dec 2020 08:48:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABg5-UzmGclYvweOx8pX5xXN43XYoTL8hsKWJPs-OtdsAAjXkPGrjWNleYU2OCMDMLZdBIDj9nIym6gldH1IQqIskw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
content-type
text/html
cf-request-id
06ce890e0c00002b659d1f5000000001
last-modified
Mon, 05 Oct 2020 20:56:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EduBEu%2BHaFkIxRl1aCZ29H1tFvOUTgJsN7tt%2Bf6plMZ3JYvlKSxH9p4YW7T1YzbRJ8hPTuuCXLzJsPeq5TJdd%2BOhJRW5SrYfgG6FPrLaGSsRH7EpZrKIDr03"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1601931411309627
cache-control
private, max-age=86400
x-goog-stored-content-length
422619
cf-ray
5fc4445cd8da2b65-FRA
expires
Fri, 03 Dec 2021 23:35:16 GMT
/
notepad.pw/sbbi/ Frame 508D 		516 B
828 B 		Document
General
Check archive.org
Download Go to
Full URL
http://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=yR&sbbgs=h46fd04adc470b29fd08c6285d663755ce48&ddl=1
Protocol
HTTP/1.1
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b

Request headers

Host
notepad.pw
Connection
keep-alive
Content-Length
641
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Origin
http://notepad.pw
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=yR&sbbgs=h46fd04adc470b29fd08c6285d663755ce48&ddl=1
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
SPSI=eb34b1aab4a30b91cb346f6779da8721; SPSE=C9KkU2SmAbwJy9RkIwlWOraVjcRa3XMDChYAfpPCLSZ0pynRqh8cSjQe0diHC0HvO3HAtWWTdd0Gvpa8bJGfcA==; spcsrf=21d696f6cf3f8e9b0969caed0f4c022f; pad_cookie=b18ec376823493de60d9df201a4f450ceef41ce5; sp_lit=eBEnO/4kkF16rFO05nwLMA==; PRLST=yR; UTGv2=h46fd04adc470b29fd08c6285d663755ce48; adOtr=b4b1ea3baa4; fsbotchecked=true; typography=%7B%22sp_class%22%3A%22not-active%22%7D; _fsloc=?i=FR&c=Paris&s=75; __cfduid=df314d65dea96f582807db7dd566b74d21607071691; _ga=GA1.2.1113358435.1607071692; _gid=GA1.2.317847017.1607071692; _gat_gtag_UA_153530698_1=1; _fssid=2f38e575-c6de-4279-9baf-5555c763caba; fssts=false
Upgrade-Insecure-Requests
1
Origin
http://notepad.pw
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=yR&sbbgs=h46fd04adc470b29fd08c6285d663755ce48&ddl=1

Response headers

Date
Fri, 04 Dec 2020 08:48:12 GMT
Cache-Control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
Content-Encoding
gzip
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Server
fbs
X-Accel-Expires
0
Access-Control-Allow-Origin
*
X-HW
1607071692.cds001.pa1.h2,1607071692.cds036.pa1.sc,1607071692.cdn2-wafbe04-cdg1.stackpath.systems.-.i,1607071692.cds036.pa1.p
Connection
keep-alive
pubads_impl_2020111901.js
securepubads.g.doubleclick.net/gpt/ 		277 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
sffe /
Resource Hash
2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Nov 2020 09:45:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99950
x-xss-protection
0
expires
Fri, 04 Dec 2020 08:48:12 GMT
/
live.notepad.pw/socket.io/ 		2 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=NOix_Pf&sid=-ciex0Zc6CF302XVASsG
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

date
Fri, 04 Dec 2020 08:48:12 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
5fc4445d79e32c4a-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ftfZLPPzQo6o22vIeD1KY4GQnW3yzqBM5DDIkqcaghX3pDjP77Md2TXFgEKjfMfdRDPEXYDSKjS1L2KniD1qNyor3tzizuqKYp%2BuS30Ukux03qR4P9fpBQ6I7Ls%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
access-control-allow-origin
http://notepad.pw
access-control-allow-credentials
true
content-encoding
br
cf-request-id
06ce890e6d00002c4ad73db000000001
/
live.notepad.pw/socket.io/ 		4 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=NOix_Pf.0&sid=-ciex0Zc6CF302XVASsG
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8043 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:12 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z6w%2FLGuy4U8lZJuOpM%2F%2FoonbOHgtgPdo%2BNKcVdoMDOq%2FR%2Fv7cQYvf6qHLk4XtH8K%2FL2sDqTsVU5FC0Ycx3Y9mhvGVkmseDmpcnhIbYIPbAILExC4X06wGjNFGM8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
http://notepad.pw
access-control-allow-credentials
true
cf-ray
5fc4445d79e62c4a-FRA
content-length
4
cf-request-id
06ce890e6d00002c4a6c379000000001
/
notepad.pw/sbbi/ Frame 508D 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=yR
Protocol
HTTP/1.1
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
964ee967649b1f69b9cf037a29aa6b37107a36b934a8c7f6aa95ec27de77533f

Request headers

Host
notepad.pw
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=yR&sbbgs=h46fd04adc470b29fd08c6285d663755ce48&ddl=1
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
SPSI=eb34b1aab4a30b91cb346f6779da8721; SPSE=C9KkU2SmAbwJy9RkIwlWOraVjcRa3XMDChYAfpPCLSZ0pynRqh8cSjQe0diHC0HvO3HAtWWTdd0Gvpa8bJGfcA==; spcsrf=21d696f6cf3f8e9b0969caed0f4c022f; pad_cookie=b18ec376823493de60d9df201a4f450ceef41ce5; sp_lit=eBEnO/4kkF16rFO05nwLMA==; PRLST=yR; UTGv2=h46fd04adc470b29fd08c6285d663755ce48; adOtr=b4b1ea3baa4; fsbotchecked=true; typography=%7B%22sp_class%22%3A%22not-active%22%7D; _fsloc=?i=FR&c=Paris&s=75; __cfduid=df314d65dea96f582807db7dd566b74d21607071691; _ga=GA1.2.1113358435.1607071692; _gid=GA1.2.317847017.1607071692; _gat_gtag_UA_153530698_1=1; _fssid=2f38e575-c6de-4279-9baf-5555c763caba; fssts=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=yR&sbbgs=h46fd04adc470b29fd08c6285d663755ce48&ddl=1

Response headers

Date
Fri, 04 Dec 2020 08:48:12 GMT
Cache-Control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
Content-Encoding
gzip
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Server
fbs
X-Accel-Expires
0
Access-Control-Allow-Origin
*
X-HW
1607071692.cds001.pa1.h2,1607071692.cds204.pa1.sc,1607071692.cdn2-wafbe01-cdg1.stackpath.systems.-.i,1607071692.cds204.pa1.p
Connection
keep-alive
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
hbjson
grid.bidswitch.net/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.182.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-182-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 04 Dec 2020 08:48:12 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://notepad.pw
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=UTF-8
Content-Length
2
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1498292&size_id=2&alt_size_ids=55%2C221&rp_schain=1.0,1!freestar.io,1413,1,,,&rf=http%3A%2F%2Fnotepad.pw%2FBORELLI2602&tk_flint=pbjs_lite_v4.10.0&x_source.tid=8931ae44-d816-4037-948b-e3c18800804b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.24822789135543788
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
687884af313dd5c3e976d8524f787b77c47268858539aec94f8ef3678ab2ceec

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 04 Dec 2020 08:48:12 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://notepad.pw
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		24 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=538329&v=7.2&r=%7B%22id%22%3A%22635a41add22b1b%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2274e02645213092%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538329%22%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2284f6ac06999064%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538329%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22912cd9c274a717%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538329%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fnotepad.pw%2FBORELLI2602%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%221413%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4a936a73d12a7ba955236424035315b0368a6af151d40550be0b95f3e343e3

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Dec 2020 08:48:12 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[FR], RC:[IDF], CN:[EU], CIP:[82.102.18.114], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
http://notepad.pw
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
28
expires
Fri, 04 Dec 2020 08:48:12 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=1166df7ea54d488&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.10.0&strVersion=3.2.1&secure=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%221413%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://notepad.pw
date
Fri, 04 Dec 2020 08:48:12 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&bidId=126960b85217745&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.10.0&strVersion=3.2.1&secure=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%221413%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://notepad.pw
date
Fri, 04 Dec 2020 08:48:12 GMT
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
fe25fc5b7eaf28a6101f2d5521ee868039da82315d666a4a44e16ffdb53e1749
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 04 Dec 2020 08:48:12 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.24:80
AN-X-Request-Uuid
eccddae5-06d7-42b5-b01a-3b5dd8a73d87
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://notepad.pw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
62169124078340d57d7a38865e34f94a862df684114ebdff29030f2fb56d58db
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 04 Dec 2020 08:48:12 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.136:80
AN-X-Request-Uuid
a01448fe-406c-4120-9019-f2bf894bc53b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://notepad.pw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://notepad.pw
date
Fri, 04 Dec 2020 08:48:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
quant.js
edge.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.2.4.56bf9eb9ee24bc1e4d456ffa86a6ce3df3a80d41.js
Protocol
HTTP/1.1
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
87d73170be9a2e277c57d324c4e05ec0ac60ed3c0191fa29e7a31133b4c4c119

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 04 Dec 2020 08:48:12 GMT
Content-Encoding
gzip
Etag
"O/+l6c17R2TQ0JQMJXOiXA=="
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Fri, 11 Dec 2020 08:48:12 GMT
beacon.js
b.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://b.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.2.4.56bf9eb9ee24bc1e4d456ffa86a6ce3df3a80d41.js
Protocol
HTTP/1.1
Server
2.16.186.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 04 Dec 2020 08:48:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Sat, 05 Dec 2020 08:48:12 GMT
fslogo-green.svg
a.pub.network/core/imgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
date
Fri, 04 Dec 2020 08:48:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABg5-UzIkIa1znU3GpziP0tcab5Df11mcWdOoC5PPdZxQE-caVfFGLTZkxl6yEhNIMx19yplvk2O1Detp0VtFUpzzlMApI-CfA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
cf-request-id
06ce890f6a00002b65a3a1b000000001
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
server
cloudflare
etag
W/"326d6cbd977657e1205bd616d1f2faca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B6mSA7dwL2Q3ZWrPfUuN5ZqGuRssoeq5k6z2AQuRA%2F5qxDSBpFYPULDsrK%2FXoGJb09%2BP0QMcjF4s3k9K1iWIqBQvFgzO4HbSGex%2BaMgz9i0pjiyw20Gli%2BfK"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1599584677716817
cache-control
public, max-age=3600
x-goog-stored-content-length
1193
cf-ray
5fc4445f0d872b65-FRA
expires
Fri, 04 Dec 2020 09:35:53 GMT
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
  • https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:d600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:41:58 GMT
content-encoding
gzip
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
age
374
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
6FyEuzUA5BIFGkWlWvohar0qak8G3CupdNGAZNlD2reomZPEHAhr1w==

Redirect headers

Date
Fri, 04 Dec 2020 08:48:12 GMT
Via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
ZRH50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
4aEyu-CjUfIY092vO1w6S9y2K4sPobfThJCVDQYHCZMPDioFY1xjoA==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1607071692713&ns_c=UTF-8&cv=3.5&c8=notepad.pw%20%2F%20BORELLI2602%20%7C%20The%20napkin%20of%20the%20internet.&c7=http%3A%2F%2Fnot...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1607071692713&ns_c=UTF-8&cv=3.5&c8=notepad.pw%20%2F%20BORELLI2602%20%7C%20The%20napkin%20of%20the%20internet.&c7=http%3A%2F%2Fno...
0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1607071692713&ns_c=UTF-8&cv=3.5&c8=notepad.pw%20%2F%20BORELLI2602%20%7C%20The%20napkin%20of%20the%20internet.&c7=http%3A%2F%2Fnotepad.pw%2FBORELLI2602&c9=&cs_ak_ss=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.55.60 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-55-60.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Dec 2020 08:48:12 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1607071692713&ns_c=UTF-8&cv=3.5&c8=notepad.pw%20%2F%20BORELLI2602%20%7C%20The%20napkin%20of%20the%20internet.&c7=http%3A%2F%2Fnotepad.pw%2FBORELLI2602&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Fri, 04 Dec 2020 08:48:12 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel;r=1779962728;labels=keywords.notepad%20online%2Ckeywords.notepad%2Ckeywords.cloud%2Ckeywords.free%20notepad%2Ckeywords.save%20notes%2Ckeywords.notes%2Ckeywords.online%20notepad%2Ckeywords.clo...
pixel.quantserve.com/
Redirect Chain
  • http://pixel.quantserve.com/pixel;r=1779962728;labels=keywords.notepad%20online%2Ckeywords.notepad%2Ckeywords.cloud%2Ckeywords.free%20notepad%2Ckeywords.save%20notes%2Ckeywords.notes%2Ckeywords.onl...
  • https://pixel.quantserve.com/pixel;r=1779962728;labels=keywords.notepad%20online%2Ckeywords.notepad%2Ckeywords.cloud%2Ckeywords.free%20notepad%2Ckeywords.save%20notes%2Ckeywords.notes%2Ckeywords.on...
35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1779962728;labels=keywords.notepad%20online%2Ckeywords.notepad%2Ckeywords.cloud%2Ckeywords.free%20notepad%2Ckeywords.save%20notes%2Ckeywords.notes%2Ckeywords.online%20notepad%2Ckeywords.cloud%20notepad%2Ckeywords.write%2Ckeywords.note%2Ckeywords.writing%2Ckeywords.publish%2Ckeywords.webpage%2Ckeywords.markdown%2Ctitle.notepad.pw;rf=0;uht=2;a=p-UeXruRVtZz7w6;url=http%3A%2F%2Fnotepad.pw%2FBORELLI2602;fpan=1;fpa=P0-1009064851-1607071692736;ns=0;ce=1;qjs=1;qv=3364aec3-20201006003021;cm=;gdpr=0;ref=;d=notepad.pw;je=0;sr=1600x1200x24;dst=1;et=1607071692736;tzo=-60;ogl=type.website%2Ctitle.notepad%252Epw%2Cdescription.Save%20your%20notes%20online%20for%20free%20and%20share%20them%20with%20friends!%2Curl.https%3A%2F%2Fnotepad%252Epw%2Cimage.https%3A%2F%2Fnotepad%252Epw%2Fog-icon%252Epng
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Dec 2020 08:48:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location
https://pixel.quantserve.com/pixel;r=1779962728;labels=keywords.notepad%20online%2Ckeywords.notepad%2Ckeywords.cloud%2Ckeywords.free%20notepad%2Ckeywords.save%20notes%2Ckeywords.notes%2Ckeywords.online%20notepad%2Ckeywords.cloud%20notepad%2Ckeywords.write%2Ckeywords.note%2Ckeywords.writing%2Ckeywords.publish%2Ckeywords.webpage%2Ckeywords.markdown%2Ctitle.notepad.pw;rf=0;uht=2;a=p-UeXruRVtZz7w6;url=http%3A%2F%2Fnotepad.pw%2FBORELLI2602;fpan=1;fpa=P0-1009064851-1607071692736;ns=0;ce=1;qjs=1;qv=3364aec3-20201006003021;cm=;gdpr=0;ref=;d=notepad.pw;je=0;sr=1600x1200x24;dst=1;et=1607071692736;tzo=-60;ogl=type.website%2Ctitle.notepad%252Epw%2Cdescription.Save%20your%20notes%20online%20for%20free%20and%20share%20them%20with%20friends!%2Curl.https%3A%2F%2Fnotepad%252Epw%2Cimage.https%3A%2F%2Fnotepad%252Epw%2Fog-icon%252Epng
Date
Fri, 04 Dec 2020 08:48:12 GMT
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
0
Expires
Sat, 05 Dec 2020 08:48:12 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=21d575174694045&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.10.0&strVersion=3.2.1&secure=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%221413%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://notepad.pw
date
Fri, 04 Dec 2020 08:48:12 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&bidId=222e3adc0cfe14c&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.10.0&strVersion=3.2.1&secure=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%221413%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://notepad.pw
date
Fri, 04 Dec 2020 08:48:12 GMT
access-control-allow-credentials
true
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://notepad.pw
date
Fri, 04 Dec 2020 08:48:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		25 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=538329&v=7.2&r=%7B%22id%22%3A%22279dfc89eae4269%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222866ab5476e1ebb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538329%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22292ff1e7a94c8f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538329%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2230825e07960921d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22538329%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fnotepad.pw%2FBORELLI2602%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%221413%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7f2ea7238b9927a71d7bfcedae62be3f7345754a339211c6c727f8efdfe2e120

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Dec 2020 08:48:12 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[FR], RC:[IDF], CN:[EU], CIP:[82.102.18.114], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
http://notepad.pw
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
28
expires
Fri, 04 Dec 2020 08:48:12 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
2c3f1badfdeb55620142618990105a2decef1798aa41f365589567e851a5ff63
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 04 Dec 2020 08:48:12 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.49:80
AN-X-Request-Uuid
83bedccb-7c41-459f-b043-b7468d047e1d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://notepad.pw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.182.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-182-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 04 Dec 2020 08:48:12 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://notepad.pw
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=UTF-8
Content-Length
2
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4ad795ba3fce10f080ef4de94fc8242ee0cc4695a66ac8dd533ad99959d32de4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 04 Dec 2020 08:48:12 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.82:80
AN-X-Request-Uuid
465def69-e640-4776-be64-2c90650c5318
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://notepad.pw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		262 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1498292&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!freestar.io,1413,1,,,&rf=http%3A%2F%2Fnotepad.pw%2FBORELLI2602&tk_flint=pbjs_lite_v4.10.0&x_source.tid=93c73b13-f649-4fec-9f65-16409e6ad1f2&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3806509399810025
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
2cd66b29e13cc5fda0203c8bd3cc6fe5448cf04ead16aa1e36adf32195a0d9e4

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 04 Dec 2020 08:48:12 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://notepad.pw
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
262
Expires
Wed, 17 Sep 1975 21:32:10 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=notepad.pw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Dec 2020 08:48:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=notepad.pw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Dec 2020 08:48:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1331516021645192&correlator=4241845252686964&output=ldjh&impl=fifs&eid=21068811%2C21068863%2C21066705&vrg=2020111901&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201204&iu_parts=15184186%2Cnotepad_970x90_728x90_320x50_Sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C728x90%7C970x90&prev_scp=fsrefresh%3Dfalse%26fsrebid%3Dfalse%26fsbid%3D0&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=23&abxe=1&lmt=1607071692&dt=1607071692897&dlt=1607071690946&idt=1623&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=1199&adks=2140769806&ucis=1&ifi=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fnotepad.pw%2FBORELLI2602&vis=1&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=1113358435.1607071692&ga_sid=1607071693&ga_hid=806447809&fws=512&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
1de1def243f6807e32d14e5f8bda80488e9752d43871ff0f78bf4a71dc964a21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11366
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://notepad.pw
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
001fe339f1a5c26c5f46698dbb8a0542.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://001fe339f1a5c26c5f46698dbb8a0542.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		52 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1331516021645192&correlator=4241845252686964&output=ldjh&impl=fifs&adsid=NT&eid=21068811%2C21068863%2C21066705&vrg=2020111901&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201204&iu_parts=15184186%2Cnotepad_970x90_728x90_320x50_320x100_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60%7C728x90%7C970x90&prev_scp=fsrefresh%3Dfalse%26fsrebid%3Dfalse%26fsbid%3D0&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=23&abxe=1&lmt=1607071692&dt=1607071692962&dlt=1607071690946&idt=1623&frm=20&biw=1600&bih=1200&oid=3&adxs=566&adys=5&adks=338981424&ucis=2&ifi=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fnotepad.pw%2FBORELLI2602&vis=1&scr_x=0&scr_y=0&psz=1600x1044&msz=1600x70&ga_vid=1113358435.1607071692&ga_sid=1607071693&ga_hid=806447809&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
3b144dfc41f5870097e9ee9403b1a06629861de045c45099a6fc91d077162b38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12394
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://notepad.pw
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubfig.messaging.2.1.3.ab081b6049bb76c4f685d0c654c6a14aa5aad31b.js
a.pub.network/core/pubfig/ 		213 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.messaging.2.1.3.ab081b6049bb76c4f685d0c654c6a14aa5aad31b.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.2.4.56bf9eb9ee24bc1e4d456ffa86a6ce3df3a80d41.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f10b8a6df37fef05944c8e01395dcbc3fc5acf10037a61a6a9b112a436a5d0

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=z9XADw==, md5=KvnUENyj6ZH37qScaBnxhw==
date
Fri, 04 Dec 2020 08:48:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABg5-UyckwEFR9PyPKyjSEte4FQgYCsfGAFymrUhuBT48ceJp9PyOmltHnAmwcUEUzRAcuMNplJvSF8FeFPWFcxyddI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
text/javascript
cf-request-id
06ce8911f300002b6566a13000000001
last-modified
Wed, 18 Nov 2020 19:53:23 GMT
server
cloudflare
etag
W/"2af9d410dca3e991f7eea49c6819f187"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=acmieft41lXxkXCr3E%2Fv04OmU4ZmY7N657pBzvq17AH7DMtn0ltHCyUzMO4yiJMxhSPM2mOgNTSgNiBhSAL%2Fq76LbkXYdhmtBL%2FeN1%2F3poC5WtC6GVLicqkY"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1605729203227682
cache-control
public, max-age=3600
x-goog-stored-content-length
217902
cf-ray
5fc44463180b2b65-FRA
expires
Fri, 04 Dec 2020 00:35:16 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012010270040000/ Frame 8E3C 		180 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
85619
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51478
x-xss-protection
0
server
sffe
date
Thu, 03 Dec 2020 09:01:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0305d7d21a7fe4a1"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Dec 2021 09:01:14 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 8E3C 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
85628
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4850
x-xss-protection
0
server
sffe
date
Thu, 03 Dec 2020 09:01:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"77bd676d834aaa8d"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Dec 2021 09:01:05 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 8E3C 		90 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
85967
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27668
x-xss-protection
0
server
sffe
date
Thu, 03 Dec 2020 08:55:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1304c1c0caf7ca3c"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Dec 2021 08:55:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 8E3C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
85620
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1350
x-xss-protection
0
server
sffe
date
Thu, 03 Dec 2020 09:01:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"12c034eb739190af"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Dec 2021 09:01:13 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 8E3C 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
86319
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13075
x-xss-protection
0
server
sffe
date
Thu, 03 Dec 2020 08:49:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e8a1dae72af56cd"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Dec 2021 08:49:34 GMT
css
fonts.googleapis.com/ Frame 8E3C 		4 KB
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=fr
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 04 Dec 2020 08:48:13 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Fri, 04 Dec 2020 08:48:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Fri, 04 Dec 2020 08:48:13 GMT
css
fonts.googleapis.com/ Frame 8E3C 		4 KB
724 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 04 Dec 2020 07:42:13 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Fri, 04 Dec 2020 08:48:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Fri, 04 Dec 2020 08:48:13 GMT
truncated
/ Frame 8E3C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
efeec1db90196e369511d1739cc1f4af1fae1dcca4a0133142ee654f5899397b

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
shopping
encrypted-tbn1.gstatic.com/ Frame 8E3C 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcT8uCWV9w-fxfvBBjEXkGiJAZV_fk-h3joFkANcPpb-LUfMjA0jpH9IgfoijA&usqp=CAI
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffac3bdcf6f61723d012cc0e95131d7eaed3c4f711d621aaa501ed6ed3b4e921
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 06:21:31 GMT
x-content-type-options
nosniff
last-modified
Thu, 30 Jul 2020 12:01:21 GMT
server
sffe
age
181602
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10249
x-xss-protection
0
expires
Thu, 02 Dec 2021 06:21:31 GMT
40933678460698624
tpc.googlesyndication.com/simgad/ Frame 8E3C 		1 KB
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44576
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Dec 2021 20:25:17 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8E3C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CYMfOzffJX-ERs5z6BoeCuOgGwaXsmWDiyM_SgA3fwJH4_RsQASDa18U5YPuBgICICqABsNLXmQPIAQapAhCwTRusYrQ-4AIAqAMByAMKqgTQAU_QVANqt6cN6IAV6pmNPVzlBPlSR7SiNSrtDHXoE2aYkh4krLuU4TZmloIn3Fm4HiQOtQdgGH1Fwhygn3Qn496imaXLXK2U25DCecVTyArXCee10T-vgepq3LCI8GBKqN3UKuMaVif7KeohPoqhva12QSQYBjYoO8ZFQv9YQDuS5gE6XVeUL_LRx6EtwptoXpE_cLC6nZU9VjhKEFAtTf7X-kfaWEF64vh2WT2_eH24XYwIBlJRq68xXYDaWRY70ABF3CTGp4Wt3Q311lvH333ABPO2m6StA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAeYmMsmqAfw2RuoB_LZG6gHlJixAqgHpd8bqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcDEPAu0ggJCIDhgFAQARgd8ggbYWR4LXN1YnN5bi0zMTQ1OTg0NjgxNTA3Mzk5gAoDyAsB2BMMiBQDshcaChgIARIUcHViLTM2MDUyNTczNjA4NTMxODU&sigh=pvLsV7m-Bc4&template_id=493&tpd=AGWhJmvUiO5nz0adwJ5aCYHMFXGSCUaYfx3L9S8E3Gyc2-SBig
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame 8E3C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaQKhm1XJ3_-c6-vtvxq5K_6XPn38xyVYgmg4sENfOB4sKk4J8fzZo5NGDa-Z6BrIW2cBpbW
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8E3C 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Dec 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
77955
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 04 Dec 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8E3C 		295 B
761 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Dec 2020 22:32:00 GMT
x-content-type-options
nosniff
server
cafe
age
36973
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 04 Dec 2020 22:32:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111901&st=env
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b38cc10165eaa929a284746279fafede8b41a5fd9719855b5fefd6bf3c721532
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Dec 2020 08:48:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6579
x-xss-protection
0
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 8E3C 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://notepad.pw
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 21:21:15 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
127618
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Thu, 02 Dec 2021 21:21:15 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 8E3C 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=fr
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://notepad.pw
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 11:20:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
77256
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Fri, 03 Dec 2021 11:20:37 GMT
c
c.pub.network/ 		36 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ffa2dd1068a5cb5518b51eeb0049683a102e123e7132b2030d4be2bee109d606

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
http://notepad.pw
Date
Fri, 04 Dec 2020 08:48:13 GMT
Access-Control-Allow-Credentials
true
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:48:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Fri, 04 Dec 2020 08:48:13 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8E3C
Redirect Chain
  • http://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date
Fri, 04 Dec 2020 08:48:13 GMT
X-Content-Type-Options
nosniff
Server
safe
Content-Type
text/html; charset=UTF-8
Location
https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control
private
Content-Length
246
X-XSS-Protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 8888 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://notepad.pw/BORELLI2602
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://notepad.pw/BORELLI2602

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4867
date
Fri, 04 Dec 2020 07:49:21 GMT
expires
Sat, 04 Dec 2021 07:49:21 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3532
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012010270040000/ Frame 001A 		180 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
85619
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51478
x-xss-protection
0
server
sffe
date
Thu, 03 Dec 2020 09:01:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0305d7d21a7fe4a1"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Dec 2021 09:01:14 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 001A 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
85628
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4850
x-xss-protection
0
server
sffe
date
Thu, 03 Dec 2020 09:01:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"77bd676d834aaa8d"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Dec 2021 09:01:05 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 001A 		90 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
85967
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27668
x-xss-protection
0
server
sffe
date
Thu, 03 Dec 2020 08:55:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1304c1c0caf7ca3c"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Dec 2021 08:55:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 001A 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
85620
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1350
x-xss-protection
0
server
sffe
date
Thu, 03 Dec 2020 09:01:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"12c034eb739190af"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Dec 2021 09:01:13 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 001A 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
86319
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13075
x-xss-protection
0
server
sffe
date
Thu, 03 Dec 2020 08:49:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e8a1dae72af56cd"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Dec 2021 08:49:34 GMT
css
fonts.googleapis.com/ Frame 001A 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 04 Dec 2020 07:31:05 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Fri, 04 Dec 2020 08:48:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Fri, 04 Dec 2020 08:48:13 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 001A 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Dec 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
77955
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 04 Dec 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 001A 		295 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Dec 2020 22:32:00 GMT
x-content-type-options
nosniff
server
cafe
age
36973
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 04 Dec 2020 22:32:00 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/17218768174288037697/ Frame 001A 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17218768174288037697/6592766407814317453
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00f59d257000ac9a98e485bb2c0623cc3aede25188ee596ecf10d2f7cbd60c3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 08:46:13 GMT
x-content-type-options
nosniff
age
120
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34019
x-xss-protection
0
last-modified
Wed, 02 Dec 2020 19:03:54 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Dec 2021 08:46:13 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/3887383021859975157/ Frame 001A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3887383021859975157/downsize_200k_v1?w=100&h=100
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57b0b014f32048f0c4fb85934b82c9d0af2f3049b422474687a8986725c6cad1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 12:44:42 GMT
x-content-type-options
nosniff
age
158611
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2385
x-xss-protection
0
last-modified
Fri, 30 Nov 2018 15:16:19 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Dec 2021 12:44:42 GMT
truncated
/ Frame 001A 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 001A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8da9baae8e8c7d1ff39547fd1d4b05276ded96f92bc7bcf4bad1784dbc5d1c21

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
l
www.google.com/ads/measurement/ Frame 001A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaRaYXqJOP2nlAhQpIxRzu_my63zmlDRBAmf6ea2tKZCV4unDZPbRf1SEtOUPxsUhG62SXQi
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 001A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CnofQzffJX_mbEciEx_APktGX6AGsuJG5YLKu-aiHDdC_2uCvCRABINrXxTlg-4GAgIgKoAG_h_fXA8gBCakCELBNG6xitD7gAgCoAwHIAwqqBNMBT9CU7KotcLXYnblu5rO1q1KyBzYn4XwCaD71FDY7lVLlkDyWMC-4B1jP9gcrUVhexXtPe1x_noAKy9XEVZzMPTEjHprRM_6nGn_lTiySmoNZBaWoEyh9U7k7Ko0adRhl0HbClBKAGcIaakKSbFn_pjtXTEzw_IIErtklOsGBxtBEupdi9scn-qKly_fDq72de3nF6Li4lWvujpBskMhuI7YT0PG0uChiVWbU58uBwsqsZGHPbVFA4Ch3zEvFHWorg8dLrWeBuExZ7x88siZfWs0rRMAE0a2AxqID4AQBkgUECAQYAZIFBAgFGASgBi6AB6n4iCioB9XJG6gH8NkbqAfy2RuoB5SYsQKoB6XfG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCsgQXSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTMxNDU5ODQ2ODE1MDczOTmACgPICwHYEw2IFAOyFxoKGAgBEhRwdWItMzYwNTI1NzM2MDg1MzE4NQ&sigh=djrMHm5XN9Q&template_id=484&tpd=AGWhJmtrFZidBcxInPikPQ5oqLNlhRxrXPw07yeCXgXQQPRjXA
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
fslogo-green.svg
a.pub.network/core/imgs/ 		1 KB
972 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.2.4.56bf9eb9ee24bc1e4d456ffa86a6ce3df3a80d41.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
date
Fri, 04 Dec 2020 08:48:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABg5-UzIkIa1znU3GpziP0tcab5Df11mcWdOoC5PPdZxQE-caVfFGLTZkxl6yEhNIMx19yplvk2O1Detp0VtFUpzzlMApI-CfA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
cf-request-id
06ce89135300002b65b6928000000001
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
server
cloudflare
etag
W/"326d6cbd977657e1205bd616d1f2faca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=19UijzoCLUrHedurm%2Be%2BtvYJ9NsRD68SAgIkdnfDIPLjfPBVEJOz6gXfki1enGi%2FwM3Cw0IZyCjqCdFaDsWjkGgUF0xnAxKThOIQJBuU4KYHzfFhQ%2Bg3IAAh"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1599584677716817
cache-control
public, max-age=3600
x-goog-stored-content-length
1193
cf-ray
5fc444654d382b65-FRA
expires
Fri, 04 Dec 2020 09:35:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111901&jk=1331516021645192&bg=!pKelp4fNAAXKjztByliyGNNX08AudQIAAABCUgAAAAxoAQcKANyajjMH1_xyQ3G1YlI_MAfB2BCbBN9bw8No69ShQ1RMn8t0LlQUmJUVX7PPMpenW5u_I5lbw-v2DUTW_AfFrrA2rv2b6ekdtemNVTZSuo213HSDcu-Jg28yWnQWMVF8CKDUTeIPKxlgMUz1li13MtJh3EN2EnbDrjzKhjA9PHr08qFA2CeWuhlorMpjSyOefMgkCGNToSQK0xoOGOZVs5WPH_Bddi8SacON3MBaGydjiLkTuYoTVM02K3gp2aQQGJVHJO4blKFYV-JqaJ5RDVvVMHirPbK30UFVq8XKmQGySrceMqfv6m8BbZDE0sONpBuQEXyjxEdgF1VEwc9f3Je8hcGOTpzoAHUqANz5XB1TDTuje6cg4E9JxZi0yyDsRynQVMlAyePO4YBHbmXoMVd4Z0CFDjH56DGvd2bmmSQueNwhJQnyqPUnnOSJDu3ya_9vjJ4cLaBKdwEVoeTnsx53dvzCmsr55kDoVuadr0zcE-SaD8vtbzyg71MpiAhvhYiZ-Pw6Lfkw_C1CJ1qs3CgIDUC16DD1npWm2kpb6bkgBSXC0kCcciz_2sShcMQNlMtOb2nt933mkWCzymw2hU-JShUz9szJFafs1tQ8CmbzfkjX90znaSnXxR8F03GIXoRd0SVgcmHo7UDUAvvHiyVHi9z46Pc4lMWkoV-ZpRwJngZzQ0JeWQGD6uOmrPHDnqA7vhwVfmy0ROk70NmvsP0igzdvertmB3nN35Y7Lciy-BJr6W8wz-ZJ51myqmYk8mpvcBg2iwPRnhNsg-KBzIaQrEiQRIbyAuYFbmNi5IswnjFQ5OR4iG1n0R4psviEmGxgWtxuFyDRVzgwVHnmWtL1Vbj3cS56IvmK5uqd9LOy4Oc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Dec 2020 08:48:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 001A 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://notepad.pw
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 20:01:12 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
46021
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Fri, 03 Dec 2021 20:01:12 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 001A 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://notepad.pw
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 20:05:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
218588
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Wed, 01 Dec 2021 20:05:05 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 001A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Dec 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
77955
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 04 Dec 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 001A 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Dec 2020 22:32:00 GMT
x-content-type-options
nosniff
server
cafe
age
36973
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 04 Dec 2020 22:32:00 GMT
c
c.pub.network/ 		36 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: notepad.pw
URL: http://notepad.pw/BORELLI2602
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ee5ef6cf1e1ee8250e4f06bb6f968e1a2581df8a7acc2fd44cde67c18e1470bf

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
http://notepad.pw
Date
Fri, 04 Dec 2020 08:48:13 GMT
Access-Control-Allow-Credentials
true
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 8E3C 		42 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswLCpv4_mMIkQxma_Wxh6iLdm7nyBvJItcdK49sZWZP5igf4HczUS-kn6hzZJ4ZPO-nUH3P9YgLm597wIYbcPeZkIDuTKWeQL8ycWxBuhxHyeZwrHe1xe5Eex_sg&sai=AMfl-YRmnNtcxCGHb6FZnGs_0EkRTot4XuOLpK_ldUINSPD13EZzMIGrOhUih720i4BHAnz1mNXn-FoqCX7lR7NUrmwlZJGERI6Oze7KM-V4d5lkIarRbjRLIXZdBggqz4I&sig=Cg0ArKJSzCgz_S7OQTiVEAE&cid=CAASPeRooAsskZqFWuDt-V8Vdr8hkym9lejtvix98MTdPRjxhsTHKYPhFwrJstlqOzvNoa7jB7CVLhpDalam1Jc&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=124&tls=1124&g=100&h=100&tt=1124&r=v&avms=ampa&adk=2140769806
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Dec 2020 08:48:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 001A 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBGkXu_U29lZAmf-bOcBHb0A8TR9WauuzX9mZalencj-cEidzO_fUfHU4ZKXLPKXwwQYLFO3TvARTgOx4COBjjSKTtDmqAnl2Li28X6twpfD1zV_X_tIwvFgkakapOEgrCyoU9hMcEbqKSoXpxCpCK&sai=AMfl-YRDgmvtVhJuViqTGeh08sUVXiirI4UVDl--wU2fx-onnNfCBpebN0RuNTkSCulYZSKUkw44MInw3tMKVuUy2AIf6kM1qHUaWbhwlJGUAQ8SeGD_SYXoWyE4NuYKpt1d&sig=Cg0ArKJSzAWb1C0Dew94EAE&cid=CAASPeRoE37xN2WmbZxZyalkwFo8OUdIcpfjgRqU0q9R36IO3gUhFDujgd615VGb3oxP7krIGZmit-0yrfMimSE&id=ampim&o=436,5&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=108&tls=1108&g=100&h=100&tt=1108&r=v&avms=ampa&adk=338981424
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://notepad.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Dec 2020 08:48:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 100B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://notepad.pw/BORELLI2602
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://notepad.pw/BORELLI2602

Response headers

Server
Apache
Last-Modified
Tue, 06 Oct 2020 14:04:48 GMT
ETag
"e20015-8f4-5b10114f2003a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1136
Date
Fri, 04 Dec 2020 08:48:18 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 4059 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.24.15.122 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-15-122.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://notepad.pw/BORELLI2602
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu3J57ieEXOusT2oBmbGEUTBXyWRTFmo9QI62G1ApUF7VZeOex8mzD72YPxdOazjGf6EWVH/UvjAxUUzbHClovo4eaExqJkyAuieej/GZLgKraMB; ses2=; vis2=151312^1; khaos=KIA0ZQCI-27-E51Z; audit=1|hLZGFuTafB1mB7bTf59lmHQnVL2heOLCjDz3eQULtFVGHXsmSQbVBEwVgBMfZpi94HEYI5ehIrWMOGVKCaaiLdzpQ7vzkXQ/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://notepad.pw/BORELLI2602

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"40295-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Fri, 04 Dec 2020 08:48:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9666 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://notepad.pw/BORELLI2602
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgIodc0EAoYASABKAEwzO-n_gU4AUABSAEQzO-n_gUYAA..; uuid2=5252954560807175839
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://notepad.pw/BORELLI2602

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 03 Dec 2020 21:09:36 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 04 Dec 2020 08:48:18 GMT
Age
41922
X-Served-By
cache-lga21935-LGA, cache-fra19171-FRA
X-Cache
HIT, HIT
X-Cache-Hits
2, 163858
X-Timer
S1607071699.979141,VS0,VE0
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 4282 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://notepad.pw/BORELLI2602
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://notepad.pw/BORELLI2602

Response headers

Server
Apache
Last-Modified
Tue, 06 Oct 2020 14:04:48 GMT
ETag
"e20015-8f4-5b10114f2003a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1136
Date
Fri, 04 Dec 2020 08:48:18 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5D50 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://notepad.pw/BORELLI2602
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://notepad.pw/BORELLI2602

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=85008
Expires
Sat, 05 Dec 2020 08:25:06 GMT
Date
Fri, 04 Dec 2020 08:48:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 04EE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://notepad.pw/BORELLI2602
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://notepad.pw/BORELLI2602

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=85007
Expires
Sat, 05 Dec 2020 08:25:06 GMT
Date
Fri, 04 Dec 2020 08:48:19 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2ED1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.10.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://notepad.pw/BORELLI2602
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgIodc0EAoYASABKAEwzO-n_gU4AUABSAEQzO-n_gUYAA..; uuid2=5252954560807175839
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://notepad.pw/BORELLI2602

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 03 Dec 2020 21:09:36 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 04 Dec 2020 08:48:18 GMT
Age
41922
X-Served-By
cache-lga21935-LGA, cache-fra19130-FRA
X-Cache
HIT, HIT
X-Cache-Hits
2, 163715
X-Timer
S1607071699.988606,VS0,VE0
Vary
Accept-Encoding
getuids
grid.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=themediagrid
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=h56BJB6eS6FbAw998s5_SFJmEnI&user_group=1&ssp=themediagrid
  • https://grid.bidswitch.net/getuids?bsw_uid=1bfaad57-3082-462b-a6ee-18177f1f20d9&ssp_custom_data=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://grid.bidswitch.net/getuids?bsw_uid=1bfaad57-3082-462b-a6ee-18177f1f20d9&ssp_custom_data=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.182.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-182-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://notepad.pw/BORELLI2602
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 04 Dec 2020 08:48:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Type
text/html; charset=UTF-8

Redirect headers

location
//grid.bidswitch.net/getuids?bsw_uid=1bfaad57-3082-462b-a6ee-18177f1f20d9&ssp_custom_data=
date
Fri, 04 Dec 2020 08:48:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| freestar string| sbbvscc string| sbbgscc function| genPid function| nsbbfetch function| sbbgc function| addmg function| addprid function| sbbeccf function| m2vr function| sbbls string| y string| x string| gprid object| sbbeccfi string| sbbgs function| $ function| jQuery object| angular function| io boolean| note_created boolean| password_set number| caret string| pad_key string| url_key number| version number| lX number| lY string| csr object| otr object| cnv string| lk__ function| setUGEvals number| tt number| sbbtstflgsbbhbka boolean| sbbhbka object| fsdata function| checkEnter function| swapsheets object| app object| store function| Clipboard object| wpcc function| gtag object| dataLayer function| initiate_localStorage function| update_localStorage string| input_value string| zSAEYNMkMfis string| VTjEXVFsgQ number| tDcJIhXBZv number| VhnCGFSoUJ number| VFJyhpcwZL number| dDFxArlPjV function| lMtRvsgVod object| LZCBGEpKIH number| c2 number| c1 object| lJNvKaA1H0sr function| xIGzspHpRG object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| load_script object| googletag object| fsprebid object| ggeac object| google_js_reporting_queue function| fsprebidChunk object| _pbjsGlobals boolean| sbrmp function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| _qevents object| _comscore function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| udm_ object| ns_p object| COMSCORE object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

10 Cookies

Domain/Path Name / Value
notepad.pw/ Name: typography
Value: %7B%22sp_class%22%3A%22not-active%22%7D
notepad.pw/ Name: fsbotchecked
Value: true
notepad.pw/ Name: adOtr
Value: b4b1ea3baa4
notepad.pw/ Name: UTGv2
Value: h46fd04adc470b29fd08c6285d663755ce48
notepad.pw/ Name: pad_cookie
Value: b18ec376823493de60d9df201a4f450ceef41ce5
notepad.pw/ Name: SPSI
Value: eb34b1aab4a30b91cb346f6779da8721
notepad.pw/ Name: sp_lit
Value: eBEnO/4kkF16rFO05nwLMA==
notepad.pw/ Name: spcsrf
Value: 21d696f6cf3f8e9b0969caed0f4c022f
notepad.pw/ Name: PRLST
Value: yR
notepad.pw/ Name: SPSE
Value: C9KkU2SmAbwJy9RkIwlWOraVjcRa3XMDChYAfpPCLSZ0pynRqh8cSjQe0diHC0HvO3HAtWWTdd0Gvpa8bJGfcA==

3 Console Messages

Source Level URL
Text
console-api info URL: https://a.pub.network/core/pubfig/pubfig.engine.4.2.4.56bf9eb9ee24bc1e4d456ffa86a6ce3df3a80d41.js(Line 1)
Message:
%cPubfig background: #00C389; color: #fff; border-radius: 3px; padding: 3px pubfig.messaging.js - Init ========== LOADING MESSAGING ==========
console-api info URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9)
Message:
Powered by AMP ⚡ HTML – Version 2010270040000 http://notepad.pw/BORELLI2602
console-api info URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9)
Message:
Powered by AMP ⚡ HTML – Version 2010270040000 http://notepad.pw/BORELLI2602

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

001fe339f1a5c26c5f46698dbb8a0542.safeframe.googlesyndication.com
a.pub.network
acdn.adnxs.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
b.scorecardresearch.com
btlr.sharethrough.com
c.pub.network
cdn.ampproject.org
cdnjs.cloudflare.com
d.pub.network
edge.quantserve.com
encrypted-tbn1.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
grid.bidswitch.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
js-sec.indexww.com
live.notepad.pw
notepad.pw
pagead2.googlesyndication.com
pixel.quantserve.com
rules.quantcount.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sync.srv.stackadapt.com
tpc.googlesyndication.com
wpcc.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.111.215.135
151.101.13.108
151.139.128.11
172.217.18.162
18.193.182.58
184.24.15.122
185.64.189.112
2.16.186.51
2.18.233.180
2.18.234.21
2600:9000:2190:d600:6:44e3:f8c0:93a1
2606:4700:20::ac43:443c
2606:4700:3031::681b:8043
2606:4700::6810:125e
2620:116:800d:21:51e4:db4b:4436:b305
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:800::2002
2a00:1450:4001:802::2004
2a00:1450:4001:803::2001
2a00:1450:4001:808::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2002
2a00:1450:4001:814::2003
2a00:1450:4001:816::2001
2a00:1450:4001:817::2008
2a00:1450:4001:81c::2002
3.124.165.65
35.188.71.214
35.226.36.58
37.252.173.22
52.1.18.121
52.58.195.54
68.183.157.211
69.173.144.143
95.101.55.60
00f59d257000ac9a98e485bb2c0623cc3aede25188ee596ecf10d2f7cbd60c3b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
049065e461efaabfd5823c511d7722d426043b6c7e1c3ff96fa425cb1be1c5a9
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
119351ced3134718cb42591e513ff063cf04af7c2734b137c666ee62e137e15d
1722abb272a8ef65ed54aa88aa44c683037bb147223ef0903a6ee6ff8f37c382
1de1def243f6807e32d14e5f8bda80488e9752d43871ff0f78bf4a71dc964a21
2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
24c355aa5feda297ae823836e2b1a6f2d12d94285bf737756f2d3c5792bc0bb5
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b60310189012686567c541c72a40acf74adb416bdc524008822d6c7c73ccd97
2c3f1badfdeb55620142618990105a2decef1798aa41f365589567e851a5ff63
2cd66b29e13cc5fda0203c8bd3cc6fe5448cf04ead16aa1e36adf32195a0d9e4
2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6
33c43d39018b07879a080935fd26fdeb82970bff929ee2d1ef3951a21d632f54
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3b144dfc41f5870097e9ee9403b1a06629861de045c45099a6fc91d077162b38
3c5b6bb603a4f7556b94532674f3847b430b9495afbb3a4dcfe5ba718baa59ad
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
4ad795ba3fce10f080ef4de94fc8242ee0cc4695a66ac8dd533ad99959d32de4
4ae814e9dd0e21fd2786990083607c78995749fa6d177eac499c65ad9b158ccf
5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335
55b731aa03064189b7abca9931deb7b844c75d7664aacecc1356c4bc0635c4af
560ee8213cda78828e88fbcbe2fbe6d3337d563384ea57d344ce3e3559da1dda
57b0b014f32048f0c4fb85934b82c9d0af2f3049b422474687a8986725c6cad1
5af02623e86d6d92d1b4e65626d818e9d128766d95f209e5768befc31eff4e68
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5dbaab8f472717f5f659cb28deb326df6d4b858bf1025c84f366a808798c1587
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34
62169124078340d57d7a38865e34f94a862df684114ebdff29030f2fb56d58db
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
687884af313dd5c3e976d8524f787b77c47268858539aec94f8ef3678ab2ceec
6a168e2ddae4d655f0e9793c98406ed886956b7f54544b88a1b9d279fe8b242f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7d623f3bc0dd44a1845c2240b3ac3b15184cd43f7e2c780eb4d49c53fe4d89af
7f2ea7238b9927a71d7bfcedae62be3f7345754a339211c6c727f8efdfe2e120
7f743542004ddb477e1e50e10136b35dabc73d891271fce1ad425ede1d1bbb93
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
86f10b8a6df37fef05944c8e01395dcbc3fc5acf10037a61a6a9b112a436a5d0
87d73170be9a2e277c57d324c4e05ec0ac60ed3c0191fa29e7a31133b4c4c119
888b41bb493f82bc787b507deee35df8a9dca32d9f59e5e4434334bb04aa1e17
8da9baae8e8c7d1ff39547fd1d4b05276ded96f92bc7bcf4bad1784dbc5d1c21
91eb4e13cfeb70e591e2212e7a09de429516a0ae7788f60ac72f085b486b688b
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
964ee967649b1f69b9cf037a29aa6b37107a36b934a8c7f6aa95ec27de77533f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b38cc10165eaa929a284746279fafede8b41a5fd9719855b5fefd6bf3c721532
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
c9c41579990e491b31185c662e701facbcd6dab9ec0b06edef8feec2f981812e
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4a936a73d12a7ba955236424035315b0368a6af151d40550be0b95f3e343e3
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b
d23807344428eec21271b708fcf73919827e568b0a335989f9f2348ae4356bd1
d7e63bc62d2e682532b6a3d5f98951432d3dd91e4afddfbb3832c19395aa827b
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
ee5ef6cf1e1ee8250e4f06bb6f968e1a2581df8a7acc2fd44cde67c18e1470bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efeec1db90196e369511d1739cc1f4af1fae1dcca4a0133142ee654f5899397b
f79dfaabb417f7b777458a24663c5075dd1e56026e20578a0d74568b3c762375
fe25fc5b7eaf28a6101f2d5521ee868039da82315d666a4a44e16ffdb53e1749
ffa2dd1068a5cb5518b51eeb0049683a102e123e7132b2030d4be2bee109d606
ffac3bdcf6f61723d012cc0e95131d7eaed3c4f711d621aaa501ed6ed3b4e921