urlscan.io logo urlscan.io
SecurityTrails logo

notepad.pw Open in urlscan Pro
151.139.128.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.notepad.pw/
Effective URL: https://notepad.pw/v26y7si2
Submission: On March 10 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 30 HTTP transactions. The main IP is 151.139.128.11, located in United States and belongs to HIGHWINDS3, US. The main domain is notepad.pw.
TLS certificate: Issued by R3 on January 11th 2021. Valid for: 3 months.
This is the only time notepad.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 151.139.128.11 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
9 2606:4700::68... 13335 (CLOUDFLAR...)
2 68.183.157.211 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.188.71.214 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
30 10
8    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
www.notepad.pw
notepad.pw
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    68.183.157.211 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: server1.wpcc.io
wpcc.io
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:20::ac43:443c (United States)

ASN13335 (CLOUDFLARENET, US)
a.pub.network
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    35.188.71.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.71.188.35.bc.googleusercontent.com
d.pub.network
4    2606:4700:3035::6815:3d62 (United States)

ASN13335 (CLOUDFLARENET, US)
live.notepad.pw
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
9 cdnjs.cloudflare.com notepad.pw
cdnjs.cloudflare.com
7 notepad.pw notepad.pw
4 live.notepad.pw notepad.pw
2 www.google-analytics.com www.googletagmanager.com
notepad.pw
2 fonts.gstatic.com fonts.googleapis.com
2 wpcc.io notepad.pw
1 d.pub.network notepad.pw
1 a.pub.network notepad.pw
1 www.googletagmanager.com notepad.pw
1 fonts.googleapis.com notepad.pw
1 www.notepad.pw 1 redirects
30 11
Subject Issuer Validity Valid
notepad.pw
R3		 2021-01-11 -
2021-04-11		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
wpcc.io
Sectigo RSA Domain Validation Secure Server CA		 2020-06-22 -
2021-06-22		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.pub.network
Go Daddy Secure Certificate Authority - G2		 2020-03-17 -
2021-05-16		 a year crt.sh

This page contains 2 frames:

Primary Page: https://notepad.pw/v26y7si2
Frame ID: C2985B027317FCC75AEB122EE00DBA52
Requests: 28 HTTP requests in this frame

Frame: https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=mA&sbbgs=h4574971a15fca9b5db930d87b0ce3c57428&ddl=1
Frame ID: 8E2711CA71D8ED2F9668530F2245B00A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.notepad.pw/ HTTP 307
    https://notepad.pw/v26y7si2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /fbs/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+ionicons(?:\.min)?\.css/i

Page Statistics

30
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

11
Subdomains

10
IPs

2
Countries

400 kB
Transfer

1010 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.notepad.pw/ HTTP 307
    https://notepad.pw/v26y7si2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request v26y7si2
notepad.pw/
Redirect Chain
  • https://www.notepad.pw/
  • https://notepad.pw/v26y7si2
30 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
0ec15d27734bd1c83390ac10c83d3062fbe45d205c5248dcaac99587ad0450bc

Request headers

:method
GET
:authority
notepad.pw
:scheme
https
:path
/v26y7si2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:08:07 GMT
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
set-cookie
SPSI=54025703e8ce23f5db13c092395d458a; path=/; HttpOnly; SPSE=Kkegq9GQUstDkpGUUGbHb6ccA1ej965wS0msThrGSyMG825qkt/VQGny1YtBk3AM4VRg4XuVpoeFW8b+hdy8Zg==; path=/; HttpOnly; spcsrf=07f1f23a0b9338a974b6a7b59b24fdd4; path=/; SameSite=Strict; HttpOnly; expires=Wed, 10-Mar-21 11:08:06 GMT adOtr=obsvl; path=/; expires=Thu, 2 Aug 2001 20:47:11 UTC UTGv2=D-h4574971a15fca9b5db930d87b0ce3c57428; path=/; expires=Thu, 10-Mar-22 09:08:06 GMT pad_cookie=c3e4db99d11f8b71d6135bbf67fb026259326b82; expires=Wed, 10-Mar-2021 11:10:07 GMT; Max-Age=7200; path=/; HttpOnly sp_lit=J9Zzgu+3jHFfyPbZpJ5LhA==; path=/; SameSite=Strict; HttpOnly; expires=Wed, 10-Mar-21 09:13:07 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
fbs
access-control-allow-origin
*
x-hw
1615367286.cds007.lo4.hn,1615367286.cds083.lo4.sc,1615367287.cdn2-wafbe01-lhr1.stackpath.systems.-.wx,1615367287.cds083.lo4.p

Redirect headers

date
Wed, 10 Mar 2021 09:08:06 GMT
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
set-cookie
SPSI=4c35aeb6e3d982047ff70e19e5b95226; path=/; HttpOnly; SPSE=Kkegq9GQUstDkpGUUGbHb17MVJEKQM5MaTXBU8jLomlw7j5CQP3bIqeXSsvLG4Fl7tXhGobDhDH8v8iTbn6jig==; path=/; HttpOnly; spcsrf=2284f42db492b317e62935f8556eed61; path=/; SameSite=Strict; HttpOnly; expires=Wed, 10-Mar-21 11:08:06 GMT adOtr=obsvl; path=/; expires=Thu, 2 Aug 2001 20:47:11 UTC UTGv2=D-h4cd6fc7c0e76b9e6d38ceb44f47d1118c70; path=/; expires=Thu, 10-Mar-22 09:08:06 GMT pad_cookie=3a834a9a680ff8a12b12a37baaf41279b42d91ea; expires=Wed, 10-Mar-2021 11:10:07 GMT; Max-Age=7200; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
location
https://notepad.pw/v26y7si2
server
fbs
access-control-allow-origin
*
x-hw
1615367286.cds007.lo4.hn,1615367286.cds039.lo4.sc,1615367286.cdn2-wafbe03-lhr1.stackpath.systems.-.wx,1615367286.cds039.lo4.p
css
fonts.googleapis.com/ 		5 KB
793 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eff5a3d9d1356ab81453eb8568ef95e031ab9b47ff0038be335b48625deeb3e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 07:39:50 GMT
server
ESF
date
Wed, 10 Mar 2021 09:08:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Mar 2021 09:08:07 GMT
global.css
notepad.pw/content/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://notepad.pw/content/css/global.css?229
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
2b60310189012686567c541c72a40acf74adb416bdc524008822d6c7c73ccd97

Request headers

Referer
https://notepad.pw/v26y7si2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:08:07 GMT
content-encoding
gzip
last-modified
Mon, 02 Oct 2017 03:48:05 GMT
server
fbs
etag
"59d1b6f5-1821"
x-hw
1615367287.cds007.lo4.hn,1615367287.cds041.lo4.sc,1615367287.cdn2-wafbe04-lhr1.stackpath.systems.-.wx,1615367287.cds041.lo4.p
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/6.0.0/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/6.0.0/normalize.min.css
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55b731aa03064189b7abca9931deb7b844c75d7664aacecc1356c4bc0635c4af
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:08:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4792806
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
742
cf-request-id
08bcfdc91d00002c32759e8000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-8a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DtWAerz0KOBh%2FX7BGDA937JSdBU5%2FQSWZ8%2BXM2pW7x6x0gtcxQl7JpRQhQ9u7x4hqFDhRYp5nBp4sw5C3x8mEuJIY5buOHX5HDKJCdcCiWoynz2q62K%2BxDbqsrtCXQ8usQ%3D%3D"}],"max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62db658828292c32-FRA
expires
Mon, 28 Feb 2022 09:08:07 GMT
ionicons.min.css
cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ 		50 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:08:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
555442
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6642
cf-request-id
08bcfdc91e00002c3262b92000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ea8-c854"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=isUML919%2BQLQzHJH2Lh5h%2BtpYYi6nlZlnTIhEH5MfHsvqzkvmYZWg8Rh2ejip4k%2FsO5akC5z%2FZuNyyMZ97miW9eAb585X3iUSRtrbxUnP7fGKw4FrXsX8hgiyaYGjuAuMw%3D%3D"}],"max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62db6588282a2c32-FRA
expires
Mon, 28 Feb 2022 09:08:07 GMT
logo-dark.png
notepad.pw/content/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notepad.pw/content/images/logo-dark.png
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
560ee8213cda78828e88fbcbe2fbe6d3337d563384ea57d344ce3e3559da1dda

Request headers

Referer
https://notepad.pw/v26y7si2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:08:07 GMT
last-modified
Thu, 30 Aug 2018 21:59:20 GMT
server
fbs
etag
"5b8868b8-57f4"
x-hw
1615367287.cds007.lo4.hn,1615367287.cds044.lo4.sc,1615367287.cdn2-wafbe04-lhr1.stackpath.systems.-.wx,1615367287.cds044.lo4.p
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
22516
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/ 		82 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:08:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1162779
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26646
cf-request-id
08bcfdc93800002c328fb9f000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1499c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=isX3kXJrotCnxO24I3GXQDGL1DRi0deFZOoITvpGS8YR7BGsKsB04cBGRdlNKjCV5hq8UXsU%2FQBuctgxUqRrRNvVRQd%2B%2BRmrQ2eHQGf88jGQLIWi7TltiiGOCsvYc6soDQ%3D%3D"}],"max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62db658858602c32-FRA
expires
Mon, 28 Feb 2022 09:08:07 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/ 		156 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:08:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3765853
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49420
cf-request-id
08bcfdc94b00002c325aace000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:55 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d27-27130"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lMCKXeOlD43xYZpEj7j4dgAab0zrQI2P%2B6awo%2BMSnB2bIY%2B33bZPOpf80L8BEzbEDa43pfQ95rR28E8ByFcQawDwxB98wmRsjEe8k3Omw3gmDTSQp%2B97GdyZhS%2F74xd2pw%3D%3D"}],"max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62db658878812c32-FRA
expires
Mon, 28 Feb 2022 09:08:07 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-cookies.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f79dfaabb417f7b777458a24663c5075dd1e56026e20578a0d74568b3c762375
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:08:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4187380
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
677
cf-request-id
08bcfdc96a00002c3267a86000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:55 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d27-5a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PHbreSBDVS2Lf%2BJ6fuwi3cNo3x0EPSAkNIIzc0N7RxAQIYOGHr2oMXpK3vt7GtVhgQgMkK5iyeIdMGO7RDDSAGb2vmoda1%2BxFpu5EpRZUVqM%2BNPNs1y3fitPePWY03IUAw%3D%3D"}],"max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62db6588a8c42c32-FRA
expires
Mon, 28 Feb 2022 09:08:07 GMT
socket.io.min.js
cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/ 		68 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/socket.io.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
888b41bb493f82bc787b507deee35df8a9dca32d9f59e5e4434334bb04aa1e17
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:08:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6412231
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19101
cf-request-id
08bcfdc97b00002c32a53ce000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-10ec3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lD3mYBsW7Iu2ku5ye%2FKMtQYui4MeIt8irzfns7ZOuXqa0RGGsuJ1U0esMEZjWLLMxkbTR%2FKvC2suCM2FPnltjuHUJzSWaJVFHmebesAEloARS7mL5Xexnres%2BRM%2Fn28Dmw%3D%3D"}],"max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62db6588c8e12c32-FRA
expires
Mon, 28 Feb 2022 09:08:07 GMT
app.min.js
notepad.pw/content/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notepad.pw/content/js/app.min.js?366
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
c9c41579990e491b31185c662e701facbcd6dab9ec0b06edef8feec2f981812e

Request headers

Referer
https://notepad.pw/v26y7si2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:08:07 GMT
content-encoding
gzip
last-modified
Thu, 30 Aug 2018 22:33:49 GMT
server
fbs
etag
"5b8870cd-2089"
x-hw
1615367287.cds007.lo4.hn,1615367287.cds044.lo4.sc,1615367287.cdn2-wafbe04-lhr1.stackpath.systems.-.wx,1615367287.cds044.lo4.p
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
store.min.js
cdnjs.cloudflare.com/ajax/libs/store.js/1.3.20/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/store.js/1.3.20/store.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d23807344428eec21271b708fcf73919827e568b0a335989f9f2348ae4356bd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:08:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6412160
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
994
cf-request-id
08bcfdc9f700002c328c34a000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:28 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fdc-a35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k0p%2BdZab78Mxme%2FdW7bebGIf9O6YTlvcT6HdUAL6sZJxDxgcT62lYQ1oYe751CZnId8Sd%2Fdy%2FTbWZs%2F7ydYZWbNGKrx1wvjpurLWQcwYDotB0H01PJtj4BOyPh1XtELclQ%3D%3D"}],"max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62db658989d32c32-FRA
expires
Mon, 28 Feb 2022 09:08:07 GMT
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/clipboard.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:08:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4622413
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3005
cf-request-id
08bcfdc9fa00002c3253962000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e29-2aa5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XBQg9BGid4vjDnwKpJzx37r6GK%2Ftni5pYVvox5MIu88wB%2BYIJSxqpoSw521pOQfTO9RqFFL1%2BJGrZCGNUHAaikZMna3ix4AOIv0bXzIFuJ8Dizf5aBMWyF5L%2F%2Fg1%2F3oX6w%3D%3D"}],"max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62db658999db2c32-FRA
expires
Mon, 28 Feb 2022 09:08:07 GMT
cookieconsent.min.css
wpcc.io/lib/1.0.2/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wpcc.io/lib/1.0.2/cookieconsent.min.css
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.157.211 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
server1.wpcc.io
Software
nginx /
Resource Hash
119351ced3134718cb42591e513ff063cf04af7c2734b137c666ee62e137e15d
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:08:07 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Apr 2019 15:44:29 GMT
server
nginx
etag
W/"5ca777dd-fbe"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=2592000, no-cache, public, must-revalidate, proxy-revalidate
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
expires
Fri, 09 Apr 2021 09:08:07 GMT
cookieconsent.min.js
wpcc.io/lib/1.0.2/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wpcc.io/lib/1.0.2/cookieconsent.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.157.211 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
server1.wpcc.io
Software
nginx /
Resource Hash
6a168e2ddae4d655f0e9793c98406ed886956b7f54544b88a1b9d279fe8b242f
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:08:07 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Aug 2020 00:22:01 GMT
server
nginx
etag
W/"5f29fba9-226a"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=2592000, no-cache, public, must-revalidate, proxy-revalidate
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
expires
Fri, 09 Apr 2021 09:08:07 GMT
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-153530698-1
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5bd4393f760c27330d8f97a1cec85e789942ee733a1e44f943f1f458ba77841e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:08:07 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39473
x-xss-protection
0
expires
Wed, 10 Mar 2021 09:08:07 GMT
pubfig.min.js
a.pub.network/notepad-pw/ 		168 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/notepad-pw/pubfig.min.js
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbb852f8ce2cd763d05cc9ca094267041ec658a2465cc13804163c63989753ea

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=GibBkA==, md5=YKbcjLPO8peN+NKErMMg9A==
date
Wed, 10 Mar 2021 09:08:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
382451
x-guploader-uploadid
ABg5-UwLfjBumzg04xZjLWfaSuB_DKCHDNyCoUik_1ZyJirWnDTjOrosCCi_QJPhYbuzMzrxexV4-TFl3xek46-xVrfcw3BKRg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
cf-request-id
08bcfdca2200002c52c29dd000000001
last-modified
Thu, 25 Feb 2021 23:29:17 GMT
server
cloudflare
etag
W/"60a6dc8cb3cef2978df8d284acc320f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lrMWumDoDVSVbKQR3cqhhKyZoJAgikINuX5QNiKNzitFjC%2FFfncdLv0Xh5BFZQJvqUiBGfNlgRTda6jXSymdvRs%2B2bb%2Fm29KkcCeiA2JqLfv85O%2FQGTYXAWi"}]}
x-goog-generation
1614295757485548
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
172387
cf-ray
62db6589cd1d2c52-FRA
expires
Fri, 05 Mar 2021 22:54:56 GMT
/
notepad.pw/sbbi/ Frame 8E27 		25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=mA&sbbgs=h4574971a15fca9b5db930d87b0ce3c57428&ddl=1
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
d3c92b5c8d5071deac6040da71673fe2976a9bf0052e98af8484f0dc2dbbbb18

Request headers

:method
GET
:authority
notepad.pw
:scheme
https
:path
/sbbi/?sbbpg=sbbShell&gprid=mA&sbbgs=h4574971a15fca9b5db930d87b0ce3c57428&ddl=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://notepad.pw/v26y7si2
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SPSI=54025703e8ce23f5db13c092395d458a; SPSE=Kkegq9GQUstDkpGUUGbHb6ccA1ej965wS0msThrGSyMG825qkt/VQGny1YtBk3AM4VRg4XuVpoeFW8b+hdy8Zg==; spcsrf=07f1f23a0b9338a974b6a7b59b24fdd4; pad_cookie=c3e4db99d11f8b71d6135bbf67fb026259326b82; sp_lit=J9Zzgu+3jHFfyPbZpJ5LhA==; PRLST=mA; UTGv2=h4574971a15fca9b5db930d87b0ce3c57428
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://notepad.pw/v26y7si2

Response headers

date
Wed, 10 Mar 2021 09:08:07 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
server
fbs
x-accel-expires
0
access-control-allow-origin
*
x-hw
1615367287.cds007.lo4.hn,1615367287.cds005.lo4.sc,1615367287.cdn2-wafbe02-lhr1.stackpath.systems.-.i,1615367287.cds005.lo4.p
/
notepad.pw/sbbi/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notepad.pw/sbbi/?sbbpg=utMedia&vii=5h44052754790731ea81c5ef2c3af95bd5bd1b39c3009d28379b50dc4e538ca5p7q4k2g8
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://notepad.pw/v26y7si2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
x-accel-expires
0
date
Wed, 10 Mar 2021 09:08:07 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
server
fbs
x-hw
1615367287.cds007.lo4.hn,1615367287.cds259.lo4.sc,1615367287.cdn2-redis02-lhr1.stackpath.systems.-.i,1615367287.cds259.lo4.p
content-type
image/gif
ionicons.ttf
cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/fonts/ 		184 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c5b6bb603a4f7556b94532674f3847b430b9495afbb3a4dcfe5ba718baa59ad
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://notepad.pw
Referer
https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:08:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5394276
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
97438
cf-request-id
08bcfdca30000017528fbec000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ea8-2e05c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mr2leyv3JHgslbk3yCVwpGRKSOkjMCZjt741HL6mLC4Ql4uwmNpLtdCHRClLM4Nxcmjwv2aaqDwAUNCKmN58e2hpuZYpoYToaggT46ZNSF%2Bmcg92MHVmtdMvCXhi9zlNWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62db6589ebd31752-FRA
expires
Mon, 28 Feb 2022 09:08:07 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v11/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v11/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://notepad.pw
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 18:17:30 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Sep 2020 00:08:03 GMT
server
sffe
age
139837
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16056
x-xss-protection
0
expires
Tue, 08 Mar 2022 18:17:30 GMT
init
d.pub.network/ 		146 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/init?key=1413undefined
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
0a6fddac33aebcb9eb94f5e65f94364c689e8e31fa99e151b2c852a25a72c4fd

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://notepad.pw
Date
Wed, 10 Mar 2021 09:08:08 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
/
live.notepad.pw/socket.io/ 		101 B
827 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=NWRPBFY
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3d62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75373c10b4cd607a437fc41790828fc47946448bf70d61fb9e4ecbcb98491e1e

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:08:08 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2wGyYRgZFMdHjHndNOmC%2Fj8IJ2ZycjU%2BWFcjgVGGlistwXaCuwNqgoSsHmBWmhUEfJjYfQw6forRsoCK7RW4PIrSdOh6M%2BZU7hzVc55oEJyqMauYNIjSmcHnQ64%3D"}],"max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
https://notepad.pw
access-control-allow-credentials
true
cf-ray
62db658cde3a05d8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
101
cf-request-id
08bcfdcc04000005d8b7946000000001
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v11/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v11/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://notepad.pw
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 07:56:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Sep 2020 23:50:59 GMT
server
sffe
age
436273
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16180
x-xss-protection
0
expires
Sat, 05 Mar 2022 07:56:55 GMT
/
live.notepad.pw/socket.io/ 		5 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=NWRPBPG&sid=t3gp4xjLe0kZ9-hSAS5z
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3d62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:08:08 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mLHEKwQQFbGuSvqQHt4v0CLRnIBxUYLM7mWpl0JxWWu3F4dRexzifiPHZlYsw1V3CQH7%2F94Jhl%2FxOoE6NBAHrS5QP7gt%2BSn%2FqUKyPXJPCD%2BDH72DHHRb6TwUqsY%3D"}],"max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
https://notepad.pw
access-control-allow-credentials
true
cf-ray
62db65908c1305d8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5
cf-request-id
08bcfdce56000005d8d2985000000001
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153530698-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3932
date
Wed, 10 Mar 2021 08:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Wed, 10 Mar 2021 10:02:36 GMT
/
live.notepad.pw/socket.io/ 		2 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=NWRPBYf&sid=t3gp4xjLe0kZ9-hSAS5z
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3d62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Mar 2021 09:08:09 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
62db6594494605d8-FRA
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NTvRYY8NdIimFTUX82bez3h6DvHwE%2B28FkehgAR%2FWNWzp18BhqXhkgJVgn%2F4dWpDr2ia6EzQAI3TJ%2BQ3Q2FlfQcTClO8lxQ%2B8Zv5H9rjQ4RC7iWb32776JsuJlU%3D"}],"max_age":604800}
content-type
text/html
access-control-allow-origin
https://notepad.pw
access-control-allow-credentials
true
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08bcfdd0ac000005d8b49c2000000001
/
live.notepad.pw/socket.io/ 		4 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=NWRPBYg&sid=t3gp4xjLe0kZ9-hSAS5z
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3d62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 09:08:09 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WSr0mNkVPEzy2%2BLrB5SZms%2FUn9N3UI4NAD8L5TbHRTdN%2Fp2j%2FLRr0x7I2v8AGUNSoXNAc82P5%2B17bDRdmBXM80357kfsAYFAIuKroVRHEt6SaABIvKdu0jGFHDM%3D"}],"max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
https://notepad.pw
access-control-allow-credentials
true
cf-ray
62db6594596005d8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4
cf-request-id
08bcfdd0b6000005d8cf152000000001
collect
www.google-analytics.com/j/ 		1 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1307146615&t=pageview&_s=1&dl=https%3A%2F%2Fnotepad.pw%2Fv26y7si2&ul=en-us&de=UTF-8&dt=notepad.pw%20%2F%20v26y7si2%20%7C%20The%20napkin%20of%20the%20internet.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1593758744&gjid=2137008088&cid=1698709400.1615367290&tid=UA-153530698-1&_gid=324477405.1615367290&_r=1&gtm=2ou2o0&z=1402076201
Requested by
Host: notepad.pw
URL: https://notepad.pw/v26y7si2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://notepad.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Mar 2021 09:08:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://notepad.pw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
notepad.pw/sbbi/ Frame 8E27 		426 B
553 B 		Document
General
Check archive.org
Download Go to
Full URL
https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=mA&sbbgs=h4574971a15fca9b5db930d87b0ce3c57428&ddl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
fbs /
Resource Hash
8baa9ba17e5f5844e1d59c4c2b0760b012c1d1c91f9c50da7b405700ca057fb9

Request headers

:method
POST
:authority
notepad.pw
:scheme
https
:path
/sbbi/?sbbpg=sbbShell&gprid=mA&sbbgs=h4574971a15fca9b5db930d87b0ce3c57428&ddl=1
content-length
656
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://notepad.pw
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=mA&sbbgs=h4574971a15fca9b5db930d87b0ce3c57428&ddl=1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_ga=GA1.2.1698709400.1615367290; _gid=GA1.2.324477405.1615367290; _gat_gtag_UA_153530698_1=1
Upgrade-Insecure-Requests
1
Origin
https://notepad.pw
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=mA&sbbgs=h4574971a15fca9b5db930d87b0ce3c57428&ddl=1

Response headers

date
Wed, 10 Mar 2021 09:08:11 GMT
cache-control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
set-cookie
SPSI=f3421b3683cc8b6c02dded22bed5d422; path=/; HttpOnly; SPSE=R8mN7pK9l03uimz4AypyurCHLTSFDAD4XbF1JHkz8QAywDXF5WPsmRBdLeRWDyBOdi8cg6CV0wjkQKqmYBFfiA==; path=/; HttpOnly;
server
fbs
x-accel-expires
0
access-control-allow-origin
*
x-hw
1615367291.cds007.lo4.hn,1615367291.cds203.lo4.sc,1615367291.cdn2-wafbe01-lhr1.stackpath.systems.-.i,1615367291.cds203.lo4.p

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| freestar string| sbbvscc string| sbbgscc function| genPid function| nsbbfetch function| sbbgc function| addmg function| addprid function| sbbeccf function| m2vr function| sbbls string| y string| x string| gprid object| sbbeccfi string| sbbgs function| $ function| jQuery object| angular function| io boolean| note_created boolean| password_set number| caret string| pad_key string| url_key number| version function| checkEnter function| swapsheets object| app object| store object| fsdata number| lX number| lY string| csr object| otr object| cnv string| lk__ function| setUGEvals number| tt number| sbbtstflgsbbhbka boolean| sbbhbka object| wpcc function| gtag object| dataLayer function| initiate_localStorage function| update_localStorage string| input_value string| zSAEYNMkMfis string| VTjEXVFsgQ number| tDcJIhXBZv number| VhnCGFSoUJ number| VFJyhpcwZL number| dDFxArlPjV function| lMtRvsgVod object| LZCBGEpKIH number| c2 number| c1 object| fkggYSMQMuwF function| xIGzspHpRG object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData boolean| sbrmp

11 Cookies

Domain/Path Name / Value
notepad.pw/ Name: typography
Value: %7B%22sp_class%22%3A%22not-active%22%7D
.notepad.pw/ Name: __cfduid
Value: d19999237bc9e20c889a1e6e9dae44f181615367287
notepad.pw/ Name: adOtr
Value: 5247530e0c8
notepad.pw/ Name: fsbotchecked
Value: true
notepad.pw/ Name: UTGv2
Value: h4574971a15fca9b5db930d87b0ce3c57428
notepad.pw/ Name: pad_cookie
Value: c3e4db99d11f8b71d6135bbf67fb026259326b82
notepad.pw/ Name: SPSI
Value: 54025703e8ce23f5db13c092395d458a
notepad.pw/ Name: sp_lit
Value: J9Zzgu+3jHFfyPbZpJ5LhA==
notepad.pw/ Name: spcsrf
Value: 07f1f23a0b9338a974b6a7b59b24fdd4
notepad.pw/ Name: PRLST
Value: mA
notepad.pw/ Name: SPSE
Value: Kkegq9GQUstDkpGUUGbHb6ccA1ej965wS0msThrGSyMG825qkt/VQGny1YtBk3AM4VRg4XuVpoeFW8b+hdy8Zg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
cdnjs.cloudflare.com
d.pub.network
fonts.googleapis.com
fonts.gstatic.com
live.notepad.pw
notepad.pw
wpcc.io
www.google-analytics.com
www.googletagmanager.com
www.notepad.pw
151.139.128.11
2606:4700:20::ac43:443c
2606:4700:3035::6815:3d62
2606:4700::6810:135e
2a00:1450:4001:801::200e
2a00:1450:4001:812::2003
2a00:1450:4001:827::2008
2a00:1450:4001:82b::200a
35.188.71.214
68.183.157.211
0a6fddac33aebcb9eb94f5e65f94364c689e8e31fa99e151b2c852a25a72c4fd
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
0ec15d27734bd1c83390ac10c83d3062fbe45d205c5248dcaac99587ad0450bc
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
119351ced3134718cb42591e513ff063cf04af7c2734b137c666ee62e137e15d
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b60310189012686567c541c72a40acf74adb416bdc524008822d6c7c73ccd97
3c5b6bb603a4f7556b94532674f3847b430b9495afbb3a4dcfe5ba718baa59ad
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
55b731aa03064189b7abca9931deb7b844c75d7664aacecc1356c4bc0635c4af
560ee8213cda78828e88fbcbe2fbe6d3337d563384ea57d344ce3e3559da1dda
5bd4393f760c27330d8f97a1cec85e789942ee733a1e44f943f1f458ba77841e
6a168e2ddae4d655f0e9793c98406ed886956b7f54544b88a1b9d279fe8b242f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
75373c10b4cd607a437fc41790828fc47946448bf70d61fb9e4ecbcb98491e1e
888b41bb493f82bc787b507deee35df8a9dca32d9f59e5e4434334bb04aa1e17
8baa9ba17e5f5844e1d59c4c2b0760b012c1d1c91f9c50da7b405700ca057fb9
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c9c41579990e491b31185c662e701facbcd6dab9ec0b06edef8feec2f981812e
d23807344428eec21271b708fcf73919827e568b0a335989f9f2348ae4356bd1
d3c92b5c8d5071deac6040da71673fe2976a9bf0052e98af8484f0dc2dbbbb18
dbb852f8ce2cd763d05cc9ca094267041ec658a2465cc13804163c63989753ea
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa
e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870
eff5a3d9d1356ab81453eb8568ef95e031ab9b47ff0038be335b48625deeb3e7
f79dfaabb417f7b777458a24663c5075dd1e56026e20578a0d74568b3c762375