notepad.pw Open in urlscan Pro
151.139.128.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://notepad.pw/
Effective URL:
https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Submission: On January 13 via api (January 13th 2024, 8:21:09 pm UTC) from US — Scanned from DE

Summary HTTP 41 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 41 HTTP transactions. The main IP is 151.139.128.11, located in United States and belongs to STACKPATH-CDN, US. The main domain is notepad.pw. The Cisco Umbrella rank of the primary domain is 447575.
TLS certificate: Issued by R3 on January 1st 2024. Valid for: 3 months.

This is the only time notepad.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
9	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2606:4700:303... 2606:4700:3034::6815:137c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:15ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3037::ac43:ae34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.160.152.31 34.160.152.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2600:1901:0:3... 2600:1901:0:328a::1	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	34.111.152.239 34.111.152.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:223... 2600:9000:223f:6400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
41	14

11 151.139.128.11 (United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)

notepad.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::6815:137c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

wpcc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.websitepolicies.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.websitepolicies.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15ce (United States)

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::ac43:ae34 (United States)

ASN13335 (CLOUDFLARENET, US)

live.notepad.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.152.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.152.160.34.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:328a::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

cumbersomecarpenter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com

optimise.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:6400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	notepad.pw 1 redirects notepad.pw — Cisco Umbrella Rank: 447575 live.notepad.pw — Cisco Umbrella Rank: 779389	81 KB
9	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	204 KB
5	websitepolicies.io 2 redirects www.websitepolicies.io — Cisco Umbrella Rank: 197229 cdn.websitepolicies.io — Cisco Umbrella Rank: 71669	11 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2029	21 KB
3	cumbersomecarpenter.com cumbersomecarpenter.com — Cisco Umbrella Rank: 27152	24 KB
2	optimise.net optimise.net — Cisco Umbrella Rank: 5233	2 KB
2	pub.network a.pub.network — Cisco Umbrella Rank: 4542 d.pub.network — Cisco Umbrella Rank: 4793	25 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	153 KB
2	wpcc.io 2 redirects wpcc.io — Cisco Umbrella Rank: 114867	760 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 721	481 B
1	gstatic.com fonts.gstatic.com	39 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	1 KB
41	12

	Domain	Requested by
11	notepad.pw	1 redirects notepad.pw
9	cdnjs.cloudflare.com	notepad.pw cdnjs.cloudflare.com
4	live.notepad.pw	notepad.pw
3	cumbersomecarpenter.com	a.pub.network notepad.pw
3	cdn.websitepolicies.io	notepad.pw wpcc.io
2	optimise.net	notepad.pw
2	www.google-analytics.com	www.googletagmanager.com notepad.pw
2	www.googletagmanager.com	notepad.pw www.googletagmanager.com
2	www.websitepolicies.io	2 redirects
2	wpcc.io	2 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	static.adsafeprotected.com	notepad.pw
1	d.pub.network	notepad.pw
1	fonts.gstatic.com	fonts.googleapis.com
1	a.pub.network	notepad.pw
1	fonts.googleapis.com	notepad.pw
41	16

This site contains links to these domains. Also see Links.

Domain
www.internetcookies.com
notepad-static.s3.amazonaws.com
about.notepad.pw
www.facebook.com
twitter.com
reddit.com

Subject Issuer	Validity	Valid
notepad.pw R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
cdn.websitepolicies.io R3	`2024-01-09` - `2024-04-08`	3 months	crt.sh
d.pub.network GTS CA 1D4	`2023-12-03` - `2024-03-02`	3 months	crt.sh
cumbersomecarpenter.com R3	`2023-12-28` - `2024-03-27`	3 months	crt.sh
optimise.net GTS CA 1D4	`2023-11-19` - `2024-02-17`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Frame ID: A4F078A0147375E9F78459C9DD6704E8
Requests: 35 HTTP requests in this frame

Frame: https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=WF
Frame ID: 3781EC41C0E4148CC112F66D2588C9CE
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

notepad.pw / qUJ9JaC0aq1yfeMdoYZu | The napkin of the internet.

Page URL History Show full URLs

http://notepad.pw/ HTTP 307
https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+ionicons(?:\.min)?\.css

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

95 %
HTTPS

81 %
IPv6

12
Domains

16
Subdomains

14
IPs

2
Countries

562 kB
Transfer

1384 kB
Size

16
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.internetcookies.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://notepad-static.s3.amazonaws.com/Notepad.pw+Terms+of+Use.pdf
Title: Terms

Search URL Search Domain Scan URL

URL: https://about.notepad.pw/
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://notepad.pw/share/RPydPNthkYsOJP3nNdNM

Search URL Search Domain Scan URL

URL: http://twitter.com/share?text=notepad.pw&url=https://notepad.pw/share/RPydPNthkYsOJP3nNdNM

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://notepad.pw/share/RPydPNthkYsOJP3nNdNM&title=notepad.pw

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://notepad.pw/ HTTP 307
https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://wpcc.io/lib/1.0.2/cookieconsent.min.css HTTP 301
https://www.websitepolicies.io/lib/1.0.2/cookieconsent.min.css HTTP 301
https://cdn.websitepolicies.io/lib/cookieconsent/cookieconsent.min.css

Request Chain 13

https://wpcc.io/lib/1.0.2/cookieconsent.min.js HTTP 301
https://www.websitepolicies.io/lib/1.0.2/cookieconsent.min.js HTTP 301
https://cdn.websitepolicies.io/lib/cookieconsent/cookieconsent.min.js

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request qUJ9JaC0aq1yfeMdoYZu Show response
notepad.pw/
Redirect Chain

http://notepad.pw/
https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu

31 KB
13 KB

296ms
232ms

Document
text/html

151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: fbs /
Resource Hash: 86f662a9142643f0b524e19291ebef4bd273f92765b16021d03ee104bf59b3d0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Jan 2024 20:21:02 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: fbs
Transfer-Encoding: chunked
X-HW: 1705177262.cds236.fr8.hn,1705177262.cds219.fr8.sc,1705177262.waf1-node01-fra02.stackpath.systems.-.wx,1705177262.cds219.fr8.p

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Jan 2024 20:21:02 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Pragma: no-cache
Server: fbs
Transfer-Encoding: chunked
X-HW: 1705177262.cds223.fr8.h2,1705177262.cds269.fr8.sc,1705177262.waf1-node01-fra02.stackpath.systems.-.wx,1705177262.cds269.fr8.p

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 1869ms
37ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700

Requested by

Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

098d5671fe5bd7e95f65a70a54157198ad4e8a0b6f6662f5e7929c012fdafd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 20:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 19:19:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 20:21:04 GMT

GET
H/1.1 200
OK global.css
notepad.pw/content/css/ 6 KB
6 KB 226ms
223ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://notepad.pw/content/css/global.css?229
Requested by: Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: fbs /
Resource Hash: 2b60310189012686567c541c72a40acf74adb416bdc524008822d6c7c73ccd97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 20:21:02 GMT
Last-Modified: Mon, 02 Oct 2017 03:48:05 GMT
Server: fbs
ETag: "59d1b6f5-1821"
X-HW: 1705177262.cds236.fr8.hn,1705177262.cds203.fr8.sc,1705177262.cdn2-wafbe03-fra1.stackpath.systems.-.wx,1705177262.cds203.fr8.p
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6177

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/6.0.0/ 2 KB
1 KB 192ms
50ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/6.0.0/normalize.min.css

Requested by

Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55b731aa03064189b7abca9931deb7b844c75d7664aacecc1356c4bc0635c4af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2073673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 742
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-8a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmUTk0OjFS507j%2FdxYuxB57dcj0I3pvMaFc5wEWS2s01AFQAtKUv42uauJaobwwJTYXDCgwU%2FJmoEP75dsTtR7nHZThEs886EiUN2WqfJzKh1zya%2BJ6ilQ2wcUEgkVZBfSjsD9WAL8fs3qvo81ICJ0NH"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 845057e44c433a98-FRA
expires: Thu, 02 Jan 2025 20:21:02 GMT

GET
H2 200 ionicons.min.css
cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ 50 KB
7 KB 190ms
48ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css

Requested by

Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 265672
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6642
last-modified: Mon, 04 May 2020 16:11:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ea8-c854"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eo5lJsHX2uqM6r0KoGwzuQ6DrFgSQmExAA2r%2FvSMYqa0jyn9bg%2FFK2Oss5CwU0JLZHLpfyqExnxajp5SiWfPgkgd1zKJJYM470kIhdPqkQJUayHwJ5RjqblYUj4mTSKi5LQbk5GZMV2%2B8thNWUlMhLn6"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 845057e44c413a98-FRA
expires: Thu, 02 Jan 2025 20:21:02 GMT

GET
H/1.1 200
OK logo-dark.png
notepad.pw/content/images/ 22 KB
22 KB 394ms
332ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notepad.pw/content/images/logo-dark.png
Requested by: Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: fbs /
Resource Hash: 560ee8213cda78828e88fbcbe2fbe6d3337d563384ea57d344ce3e3559da1dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 20:21:02 GMT
Last-Modified: Thu, 30 Aug 2018 21:59:20 GMT
Server: fbs
ETag: "5b8868b8-57f4"
X-HW: 1705177262.cds272.fr8.hc,1705177262.cds201.fr8.sc,1705177262.waf1-node02-fra02.stackpath.systems.-.wx,1705177262.cds201.fr8.p
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22516

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/ 82 KB
26 KB 193ms
51ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3852770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26646
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1499c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2BBqAVLAASzm3bgBPmmA4G9PUmVDuSsDPLCFikPzey9d4Pw%2BcXv8qsba6KMz04bnw5tNzyPmkgJcJ3V0IpucPETK8qHIm60Dla4n56wbdYzH4TuCiYFchVM8%2BEroaLomxxShgCPnydDGqk9tB32iecB0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 845057e44c453a98-FRA
expires: Thu, 02 Jan 2025 20:21:02 GMT

GET
H2 200 angular.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/ 156 KB
49 KB 77ms
76ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular.min.js

Requested by

Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:21:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5235489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 49420
last-modified: Mon, 04 May 2020 16:04:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d27-27130"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzzJcOl4HkcBxbEtnNT1NOFuD4ew6z37hHSn5Z4LU1P3VfRZ9da1W7xXvaU2kSIeKWKvc5PT4tezEviGDlAUVPCYH7Q3e1yI19%2B8yfiQFx78Fvk5qS58iY8hn099hmNnG%2BpGgMqF%2BMoNAXgyQP3eRTi6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 845057e56da63a98-FRA
expires: Thu, 02 Jan 2025 20:21:02 GMT

GET
H2 200 angular-cookies.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/ 1 KB
1 KB 813ms
813ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-cookies.min.js

Requested by

Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f79dfaabb417f7b777458a24663c5075dd1e56026e20578a0d74568b3c762375

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:21:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3769540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 677
last-modified: Mon, 04 May 2020 16:04:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d27-5a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w42Hab3IN%2Fv%2F4lTQ6HeN1zx%2BUZIgQ%2FeTK6IwJmlTtC9qWAGtyJElUFfb3NJMm5HJYTIlMuDWTFXUorSz4y5TKi4LnD4bNdTdnyFPy%2Fr3agRhO7lziJ%2BuIkjOyKqMNqsLt8BpQRcrQbuUYrCzT%2F%2B7BkKK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 845057e61e7b3a98-FRA
expires: Thu, 02 Jan 2025 20:21:03 GMT

GET
H2 200 socket.io.min.js Show response
cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/ 68 KB
19 KB 40ms
39ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/socket.io/1.4.8/socket.io.min.js

Requested by

Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

888b41bb493f82bc787b507deee35df8a9dca32d9f59e5e4434334bb04aa1e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:21:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5253864
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19101
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-10ec3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TpJbq9L1i3DKc3rY3jh8CNA8NEFz2zgOhujoxLzZXI0i21f7wEIE%2Bfwde0fQzMvfrOJeEW4irV%2FZiAyAYocZuUkVtp9cYPd3rRYGDPYHz4H42rDqvp9zxiuWVqMVeRtckSdR60atX5K7PXJWtrA4lGF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 845057eb3cca3a98-FRA
expires: Thu, 02 Jan 2025 20:21:03 GMT

GET
H/1.1 200
OK app.min.js Show response
notepad.pw/content/js/ 8 KB
9 KB 231ms
231ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://notepad.pw/content/js/app.min.js?366
Requested by: Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: fbs /
Resource Hash: c9c41579990e491b31185c662e701facbcd6dab9ec0b06edef8feec2f981812e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 20:21:04 GMT
Last-Modified: Thu, 30 Aug 2018 22:33:49 GMT
Server: fbs
ETag: "5b8870cd-2089"
X-HW: 1705177263.cds272.fr8.hc,1705177263.cds252.fr8.sc,1705177264.waf1-node03-fra02.stackpath.systems.-.wx,1705177264.cds252.fr8.p
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8329

GET
H3 200 store.min.js Show response
cdnjs.cloudflare.com/ajax/libs/store.js/1.3.20/ 3 KB
2 KB 40ms
40ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/store.js/1.3.20/store.min.js

Requested by

Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d23807344428eec21271b708fcf73919827e568b0a335989f9f2348ae4356bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:21:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6364252
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 994
last-modified: Mon, 04 May 2020 16:16:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fdc-a35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPjeD0IRdAdNKOBO9%2FCBxxpdATKcfxWa5BPD4%2FR9BlK85Gljn%2BoPclsDTC8Z93PJd2rvnQKiDZW4MDXFXDQAfVTg005HkZg27EFWrgxHMZtEEAp3ZXbRO9dVNYkeqdksYqyYYcVTuFsG0weHiF0D0Db5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 845057ebfa6203c4-FRA
expires: Thu, 02 Jan 2025 20:21:03 GMT

GET
H3 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/ 11 KB
4 KB 42ms
41ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.7.1/clipboard.min.js

Requested by

Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:21:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4032597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3005
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-2aa5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nB%2B1GQIK8e8iZHCeoxV5LgfKh39RcYAGSimgEktgaP9cS1OT8LBoVXtGAvvd2gfOkTGilUAG%2F9xRgvPoxUFt%2FPk0OTXC0jvcke7S4AVkZsyYZb8Ur%2FS4LJzXwK0jFCFQjd5EN6xAgpGAELD6ffPn8zKa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 845057ec3ab003c4-FRA
expires: Thu, 02 Jan 2025 20:21:04 GMT

GET
H2

200

cookieconsent.min.css
cdn.websitepolicies.io/lib/cookieconsent/
Redirect Chain

https://wpcc.io/lib/1.0.2/cookieconsent.min.css
https://www.websitepolicies.io/lib/1.0.2/cookieconsent.min.css
https://cdn.websitepolicies.io/lib/cookieconsent/cookieconsent.min.css

4 KB
2 KB

90ms
24ms

Stylesheet
text/css

2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.websitepolicies.io/lib/cookieconsent/cookieconsent.min.css

Requested by

Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu

Protocol

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

a5e6f8c443f2972a9dc8895ab7376db278062c4972aca7cc3957dc46bddff1ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-encoding: br
cdn-pullzone: 403741
cdn-proxyver: 1.03
etag: W/"63654fd3-1023"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=2592000
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Sun, 06 Aug 2023 01:18:57 GMT
date: Sat, 13 Jan 2024 20:21:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1082
cdn-cachedat: 07/07/2023 01:18:57
alt-svc: h3=":443"
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Nov 2022 17:45:55 GMT
server: BunnyCDN-DE1-1081
cdn-requestpullcode: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uR%2BUwinlEDhkq%2B1WU8mo9r8EUm0A87drrg2%2Fzm1nj7ToPRrwQKmNBbq3EYN4X%2BDSrnphKgDUxvtGfGmT5MDgwrHzX7NamDVplMqvCYYX9nCeX4KmOvjWE0g5mD35PefA%2FnjwKJfX1Ou"}],"group":"cf-nel","max_age":604800}
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestid: ddf38a034617fdb472d2b2632c8053da
cf-ray: 7e2c41a90f939030-FRA
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

date: Sat, 13 Jan 2024 20:21:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92hxOc0hANxRYUS0mcBfRlxcClsJh5JPdA8ZakN1XWswcIyFLlr6%2BY6J5vRJMR49Hqs9exFWNlmhovF2Oq3zAtsh%2FFbqqooCvVrWiI2mn58pRQsocMd7w%2BA1O4xymCvZrDX%2BB7DWGDYJfeApOGb1E90Wkpnp"}],"group":"cf-nel","max_age":604800}
location: https://cdn.websitepolicies.io/lib/cookieconsent/cookieconsent.min.css
cache-control: max-age=3600
cf-ray: 845057ed6c5e65ad-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 13 Jan 2024 21:21:04 GMT

GET
H2

200

cookieconsent.min.js Show response
cdn.websitepolicies.io/lib/cookieconsent/
Redirect Chain

https://wpcc.io/lib/1.0.2/cookieconsent.min.js
https://www.websitepolicies.io/lib/1.0.2/cookieconsent.min.js
https://cdn.websitepolicies.io/lib/cookieconsent/cookieconsent.min.js

13 KB
6 KB

12ms
12ms

Script
application/javascript

2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.websitepolicies.io/lib/cookieconsent/cookieconsent.min.js

Requested by

Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu

Protocol

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

73c99e6dcaeb871bb0b4958181aecd48c231c639b3a61230a548d5866ba64748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-encoding: br
cdn-pullzone: 403741
cdn-proxyver: 1.04
etag: W/"62866b77-32cc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=2592000
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Thu, 30 Nov 2023 18:07:56 GMT
date: Sat, 13 Jan 2024 20:21:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1081
cdn-cachedat: 10/31/2023 18:07:56
alt-svc: h3=":443"
x-xss-protection: 1; mode=block
last-modified: Thu, 19 May 2022 16:08:23 GMT
server: BunnyCDN-DE1-1081
cdn-requestpullcode: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mAFkbi6SYNM8P1kardUYW6txaLemgPm8Zp0LyLOumlLIpM6ibsVC4E4u3zhoDC7XswBaHiC%2BaBThHf06Xlh7RcHO0bcejEU0SSjIpkbztD0V48wXJqByOyXZ6SkNZ4mo5ky22OgT4p6"}],"group":"cf-nel","max_age":604800}
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestid: bfbd7cf1fa91cfb9e6718dc954f87109
cf-ray: 81edd7293a7971ce-LHR
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

date: Sat, 13 Jan 2024 20:21:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2Bw1zcBv9WUctkEWyT6L98j8fNdCupcf%2FDO88w%2BpsCI2KCUwmstJj65P1QPyMUUdK%2Fc5nr05xcUFkV8dHd%2BSXBwILv%2FoA56OzIAiZZT5pZ4x%2BmfJAjqbJTZGqbTPYRGLCnpWc5pk3rtyBgV93efigrn%2FbUtZ"}],"group":"cf-nel","max_age":604800}
location: https://cdn.websitepolicies.io/lib/cookieconsent/cookieconsent.min.js
cache-control: max-age=3600
cf-ray: 845057ee4d6765ad-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 13 Jan 2024 21:21:04 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 192 KB
69 KB 95ms
35ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-ML9KQJN

Requested by

Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23405cfe228eabfbea9d0fb2300818d43dcfb543e3fbcaa380abfe82a68f77ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:21:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70639
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jan 2024 20:21:04 GMT

GET
H2 200 pubfig.min.js Show response
a.pub.network/notepad-pw/ 52 KB
20 KB 112ms
40ms Script
application/javascript 2606:4700::6812:15ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/notepad-pw/pubfig.min.js
Requested by: Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5c38d5ce9861f3d7ef3122ad9db55b2070fc8a0dfc9c23636d6024665f30296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:21:04 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 90808
x-guploader-uploadid: ABPtcPpHRUDHSYniuvxJrJRUwU7uK4Es8c6rx1_ZQnMtgELsdBGX_jI-d2gkw27A4Uu1-R0Valg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Fri, 12 Jan 2024 19:01:15 GMT
server: cloudflare
etag: W/"0920b63e95798d397d06fbcbf76fea01"
vary: Accept-Encoding
x-goog-generation: 1705086075890981
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=iIET7w==, md5=CSC2PpV5jTl9BvvL92/qAQ==
access-control-expose-headers: *
cache-control: public, max-age=1800
x-goog-stored-content-length: 53393
cf-ray: 845057ef8a406958-FRA
link: <https://d.pub.network/v2/sites/notepad-pw/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
expires: Sat, 13 Jan 2024 20:51:04 GMT

GET
H/1.1 200
OK / Show response
notepad.pw/sbbi/ Frame 3781 25 KB
11 KB 45ms
44ms Document
text/html 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=WF&sbbgs=h47943451f5ea797ccad23a3b00e9916b664&ddl=2
Requested by: Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: fbs /
Resource Hash: d3990d6f2ba6ab5e8a41bea670c3c4ae5294c02f0648772f307cc3a713895e0f

Request headers

Referer: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Jan 2024 20:21:04 GMT
Server: fbs
Transfer-Encoding: chunked
X-Accel-Expires: 0
X-HW: 1705177264.cds236.fr8.hn,1705177264.cds265.fr8.sc,1705177264.cdn2-wafbe03-fra1.stackpath.systems.-.i,1705177264.cds265.fr8.p

GET
H/1.1 200
OK /
notepad.pw/sbbi/ 43 B
497 B 46ms
45ms Image
image/gif 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notepad.pw/sbbi/?sbbpg=utMedia&vii=cha4971944438425e10f95ae5ac799b78cbc7adda2038ab3ebe0f0ee39e9b1b6vbg6k6g4
Requested by: Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: fbs /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

X-Accel-Expires: 0
Date: Sat, 13 Jan 2024 20:21:04 GMT
Server: fbs
Transfer-Encoding: chunked
X-HW: 1705177264.cds272.fr8.hc,1705177264.cds204.fr8.sc,1705177264.waf1-node01-fra02.stackpath.systems.-.i,1705177264.cds204.fr8.p
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
Connection: keep-alive

GET
H3 200 ionicons.ttf
cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/fonts/ 184 KB
96 KB 65ms
29ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c5b6bb603a4f7556b94532674f3847b430b9495afbb3a4dcfe5ba718baa59ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
Origin: https://notepad.pw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:21:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5665816
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 97438
last-modified: Mon, 04 May 2020 16:11:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ea8-2e05c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFyOcIjKhc%2FkUkbMvWwHnbRWYYbSBQThphbp7n4wigWUe8e4UWB8%2FdpE7xyLkVdH1Fy5EE7vtLhoOIqjmsS478PHu%2BSa06gOkz752sLUA17fPFpo%2BkLLO%2B%2F%2BDSXCHysY2EDkQzjpQ2UYllgrcODLZYw3"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 845057ef6b23381b-FRA
expires: Thu, 02 Jan 2025 20:21:04 GMT

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v35/ 39 KB
39 KB 79ms
22ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v35/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ce617e28c528cae254492f317057575634a707c324c4bcaa253f6a576cd8926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://notepad.pw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:59:23 GMT
x-content-type-options: nosniff
age: 15701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39552
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 20:09:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jan 2025 15:59:23 GMT

GET
H2 200 cookieconsent.min.css
cdn.websitepolicies.io/lib/cookieconsent/ 4 KB
2 KB 17ms
16ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.websitepolicies.io/lib/cookieconsent/cookieconsent.min.css

Requested by

Host: wpcc.io
URL: https://wpcc.io/lib/1.0.2/cookieconsent.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

a5e6f8c443f2972a9dc8895ab7376db278062c4972aca7cc3957dc46bddff1ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-encoding: br
cdn-pullzone: 403741
cdn-proxyver: 1.03
etag: W/"63654fd3-1023"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=2592000
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Sun, 06 Aug 2023 01:18:57 GMT
date: Sat, 13 Jan 2024 20:21:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1082
cdn-cachedat: 07/07/2023 01:18:57
alt-svc: h3=":443"
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Nov 2022 17:45:55 GMT
server: BunnyCDN-DE1-1081
cdn-requestpullcode: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uR%2BUwinlEDhkq%2B1WU8mo9r8EUm0A87drrg2%2Fzm1nj7ToPRrwQKmNBbq3EYN4X%2BDSrnphKgDUxvtGfGmT5MDgwrHzX7NamDVplMqvCYYX9nCeX4KmOvjWE0g5mD35PefA%2FnjwKJfX1Ou"}],"group":"cf-nel","max_age":604800}
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestid: c52cd9b625bdc3cfabb37e4a566b5f35
cf-ray: 7e2c41a90f939030-FRA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
live.notepad.pw/socket.io/ 101 B
728 B 383ms
224ms XHR
application/octet-stream 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=Oq4V36_
Requested by: Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae7eadf7fe09f621117d8d79d89ee410bdc3d49cfc620d0fdf71536afc443a64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:21:04 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705177264&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=GDE%2Bpf%2BQyuXBURc8vYqgQIEd2C2MLPOUMIl53vcjgyQ%3D"}]}
content-type: application/octet-stream
access-control-allow-origin: https://notepad.pw
access-control-allow-credentials: true
cf-ray: 845057f0bc9b3c93-CDG
alt-svc: h3=":443"; ma=86400
content-length: 101
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1705177264&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=GDE%2Bpf%2BQyuXBURc8vYqgQIEd2C2MLPOUMIl53vcjgyQ%3D

GET
H2 200 configs
d.pub.network/v2/sites/notepad-pw/ 28 KB
5 KB 130ms
49ms Other
application/json 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/v2/sites/notepad-pw/configs?env=PROD
Requested by: Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 4202eff4a3f6612adc904288a3b282191f1a8912f928ff5628dec50e21302ad3

Request headers

Referer: https://notepad.pw/
Origin: https://notepad.pw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:21:04 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://notepad.pw
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 aa4bedc5a40f1ca819aea2b6d21192dc-prod.js Show response
cumbersomecarpenter.com/static/a56326/ 68 KB
24 KB 126ms
45ms Script
text/javascript 2600:1901:0:328a::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cumbersomecarpenter.com/static/a56326/aa4bedc5a40f1ca819aea2b6d21192dc-prod.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/notepad-pw/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

0d7caebae1e35421be2bdb1e9dcfe30b01f16d2da55c0b2acd696ca69b036c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Sat, 13 Jan 2024 20:21:04 GMT
x-datacenter: gce-europe-west1
etag: "f191872ea1c5f401a819d0454b65095d4b65c2246c5591bba88dd9cc4915ec99"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-xmqk
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 1072352451
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
84 KB 79ms
75ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0E2CT7YLRP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML9KQJN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0a301a682c0d67b68c3a1aa6d3d2e76c591ebaf6c280e7144c41a74495bb395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:21:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85973
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Jan 2024 20:21:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 108ms
34ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ML9KQJN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Jan 2024 19:48:13 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1971
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 13 Jan 2024 21:48:13 GMT

OPTIONS
H2 200 /
optimise.net/ Frame 0
0 454ms
92ms Preflight 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=0&d=notepad.pw&t=desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://notepad.pw
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin: https://notepad.pw
access-control-expose-headers: fs-client-rtt
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Sat, 13 Jan 2024 20:21:05 GMT
expires: 0
fs-client-rtt: 33
pragma: no-cache
strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google

GET
H3 200 / Show response
optimise.net/ 2 KB
2 KB 120ms
39ms Fetch
application/json 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=0&d=notepad.pw&t=desktop

Requested by

Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

ff9a68c2f91ae8d442918aeb6ba6aea1dc72393247b0a8fa40047ac1a9a501b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Referer: https://notepad.pw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
x-api-key: 4e799501-b8b6-4ef1-bad5-225b3dd1aa8d

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 20:21:05 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google
fs-client-rtt: 37
access-control-max-age: 3600
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type: application/json
access-control-allow-origin: https://notepad.pw
access-control-expose-headers: fs-client-rtt
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 520ms
24ms Image
image/gif 2600:9000:223f:6400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adslot=jzvgq_728x90_
Requested by: Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2861482
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: oMPVrzOK6K7oeu3WSzy9KulUO2pKRz7a3ho6MPgHe7AelS7E2imVMQ==

POST
H/1.1 200
OK / Show response
notepad.pw/sbbi/ Frame 3781 532 B
839 B 44ms
43ms Document
text/html 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=WF&sbbgs=h47943451f5ea797ccad23a3b00e9916b664&ddl=2
Requested by: Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: fbs /
Resource Hash: eebc1e16930f8c02d8df7b36daf1d89122876c974d5599cc37d6f6c4b6c7519d

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://notepad.pw
Referer: https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=WF&sbbgs=h47943451f5ea797ccad23a3b00e9916b664&ddl=2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Jan 2024 20:21:04 GMT
Server: fbs
Transfer-Encoding: chunked
X-Accel-Expires: 0
X-HW: 1705177264.cds272.fr8.hc,1705177264.cds264.fr8.sc,1705177264.waf1-node01-fra02.stackpath.systems.-.i,1705177264.cds264.fr8.p

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 406ms
198ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0E2CT7YLRP&gtm=45je41a0v882814708z8855627373&_p=1705177264483&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=539677219.1705177265&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705177264&sct=1&seg=0&dl=https%3A%2F%2Fnotepad.pw%2FqUJ9JaC0aq1yfeMdoYZu&dt=notepad.pw%20%2F%20qUJ9JaC0aq1yfeMdoYZu%20%7C%20The%20napkin%20of%20the%20internet.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2850
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0E2CT7YLRP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 20:21:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://notepad.pw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
204 B 43ms
42ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=143013049&t=pageview&_s=1&dl=https%3A%2F%2Fnotepad.pw%2FqUJ9JaC0aq1yfeMdoYZu&ul=en-us&de=UTF-8&dt=notepad.pw%20%2F%20qUJ9JaC0aq1yfeMdoYZu%20%7C%20The%20napkin%20of%20the%20internet.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1059576967&gjid=1553140438&cid=539677219.1705177265&tid=UA-153530698-1&_gid=2015563299.1705177265&_r=1&_slc=1&gtm=45He41a0n81ML9KQJNv855627373&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1339340107

Requested by

Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://notepad.pw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 20:21:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://notepad.pw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
notepad.pw/sbbi/ Frame 3781 25 KB
11 KB 51ms
51ms Document
text/html 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=WF
Requested by: Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: fbs /
Resource Hash: 711bc24ebd4b69a7236442327c48725bbbafb5d039e9c8da063abe10ec1ca2d3

Request headers

Referer: https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=WF&sbbgs=h47943451f5ea797ccad23a3b00e9916b664&ddl=2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Jan 2024 20:21:04 GMT
Server: fbs
Transfer-Encoding: chunked
X-Accel-Expires: 0
X-HW: 1705177264.cds272.fr8.hc,1705177264.cds276.fr8.sc,1705177264.waf1-node01-fra02.stackpath.systems.-.i,1705177264.cds276.fr8.p

GET
H2 200 / Show response
live.notepad.pw/socket.io/ 5 B
366 B 526ms
525ms XHR
application/octet-stream 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=Oq4V3D2&sid=86EFlOuBbPRGAcf5AFbl
Requested by: Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:21:05 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705177265&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=mdTSPnOzZl4Sc8hQnPp2F6QtE8XGZ%2FDq%2F2hR0bd0GaI%3D"}]}
content-type: application/octet-stream
access-control-allow-origin: https://notepad.pw
access-control-allow-credentials: true
cf-ray: 845057f22f3d3c93-CDG
alt-svc: h3=":443"; ma=86400
content-length: 5
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1705177265&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=mdTSPnOzZl4Sc8hQnPp2F6QtE8XGZ%2FDq%2F2hR0bd0GaI%3D

POST
H/1.1 200
OK / Show response
notepad.pw/sbbi/ Frame 3781 532 B
839 B 61ms
60ms Document
text/html 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=WF
Requested by: Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: fbs /
Resource Hash: eebc1e16930f8c02d8df7b36daf1d89122876c974d5599cc37d6f6c4b6c7519d

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://notepad.pw
Referer: https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=WF
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Jan 2024 20:21:05 GMT
Server: fbs
Transfer-Encoding: chunked
X-Accel-Expires: 0
X-HW: 1705177265.cds272.fr8.hc,1705177265.cds247.fr8.sc,1705177265.waf1-node02-fra02.stackpath.systems.-.i,1705177265.cds247.fr8.p

GET
H/1.1 200
OK / Show response
notepad.pw/sbbi/ Frame 3781 7 KB
3 KB 94ms
93ms Document
text/html 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=WF
Requested by: Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: fbs /
Resource Hash: 005a0afb452e7fd625371d84b79253942c8bda8c22c504e74165055443ea59ff

Request headers

Referer: https://notepad.pw/sbbi/?sbbpg=sbbShell&gprid=WF
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Jan 2024 20:21:05 GMT
Server: fbs
Transfer-Encoding: chunked
X-Accel-Expires: 0
X-HW: 1705177265.cds272.fr8.hc,1705177265.cds342.fr8.sc,1705177265.cdn2-wafbe01-fra1.stackpath.systems.-.i,1705177265.cds342.fr8.p

POST
H3 200 3f4498bad8b313e05fd4241b29ae399d14ea1e1161c7c92 Show response
cumbersomecarpenter.com/send/59b3079/ 303 B
330 B 72ms
38ms Fetch
application/json 2600:1901:0:328a::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cumbersomecarpenter.com/send/59b3079/3f4498bad8b313e05fd4241b29ae399d14ea1e1161c7c92

Requested by

Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

6bf88b23ff7bbf8878bcb9e7954758ba67d36f7e14db16213da9866eab707b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://notepad.pw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Sat, 13 Jan 2024 20:21:05 GMT
via: 1.1 google
x-buildnumber: 1072352451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 303
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://notepad.pw
x-hostname: fen-hoothoot-europe-west1-xmqk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Sat, 13 Jan 2024 20:21:04 GMT

POST
H3 200 3f4498bad8b313e05fd4241b29ae399d14ea1e1161c7c92 Show response
cumbersomecarpenter.com/58b3079/ 3 B
29 B 30ms
29ms Fetch
application/json 2600:1901:0:328a::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cumbersomecarpenter.com/58b3079/3f4498bad8b313e05fd4241b29ae399d14ea1e1161c7c92

Requested by

Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://notepad.pw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Sat, 13 Jan 2024 20:21:05 GMT
via: 1.1 google
x-buildnumber: 1072352451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://notepad.pw
x-hostname: fen-hoothoot-europe-west1-xmqk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Sat, 13 Jan 2024 20:21:04 GMT

POST
H3 200 / Show response
live.notepad.pw/socket.io/ 2 B
613 B 234ms
234ms XHR
text/html 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=Oq4V3LI&sid=86EFlOuBbPRGAcf5AFbl
Requested by: Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://notepad.pw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

date: Sat, 13 Jan 2024 20:21:05 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705177265&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=mdTSPnOzZl4Sc8hQnPp2F6QtE8XGZ%2FDq%2F2hR0bd0GaI%3D"}]}
content-type: text/html
access-control-allow-origin: https://notepad.pw
access-control-allow-credentials: true
cf-ray: 845057f56db365f1-AMS
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1705177265&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=mdTSPnOzZl4Sc8hQnPp2F6QtE8XGZ%2FDq%2F2hR0bd0GaI%3D

GET
H3 200 / Show response
live.notepad.pw/socket.io/ 4 B
584 B 259ms
259ms XHR
application/octet-stream 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.notepad.pw/socket.io/?EIO=3&transport=polling&t=Oq4V3LI.0&sid=86EFlOuBbPRGAcf5AFbl
Requested by: Host: notepad.pw
URL: https://notepad.pw/qUJ9JaC0aq1yfeMdoYZu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://notepad.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 20:21:05 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705177265&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=mdTSPnOzZl4Sc8hQnPp2F6QtE8XGZ%2FDq%2F2hR0bd0GaI%3D"}]}
content-type: application/octet-stream
access-control-allow-origin: https://notepad.pw
access-control-allow-credentials: true
cf-ray: 845057f56db565f1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 4
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1705177265&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=mdTSPnOzZl4Sc8hQnPp2F6QtE8XGZ%2FDq%2F2hR0bd0GaI%3D

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.notepad.pw/socket.io	1969-12-31 23:59:59	Name: io Value: 86EFlOuBbPRGAcf5AFbl
notepad.pw/	1969-12-31 23:59:59	Name: SPSI Value: ca914482e09a5c9b8b7da08beefe3ebb
notepad.pw/	1969-12-31 23:59:59	Name: SPSE Value: SK9tL/2hkgECamj5Ke25aIBB3eVv/FQyRGB12YjhnyRmIkVAFMGOZVQ8s1TF3F1Wp1S6olMvv0MAWxFKwrDxkQ==
notepad.pw/	1970-01-20 17:39:44	Name: pad_cookie Value: be2d7a010f4964fbe72a88fb48fb8077db4178f4
notepad.pw/	1970-01-20 17:39:44	Name: spcsrf Value: ab65ac0e796cf71754e8dcca5cf1954d
notepad.pw/	1970-01-20 17:39:37	Name: sp_lit Value: m8lTxpIezt+NDV4rbNF51w==
notepad.pw/	1969-12-31 23:59:59	Name: PRLST Value: WF
notepad.pw/	1970-01-20 21:58:49	Name: UTGv2 Value: h47943451f5ea797ccad23a3b00e9916b664
notepad.pw/	1970-01-20 17:54:01	Name: typography Value: %7B%22sp_class%22%3A%22not-active%22%7D
notepad.pw/	1969-12-31 23:59:59	Name: adOtr Value: 41a4c29e890
.pub.network/	1970-01-21 03:15:37	Name: _fsuid Value: dc35c783-dab2-4e78-addd-ac4a7ecf82d9
.notepad.pw/	1970-01-21 03:15:37	Name: _ga_0E2CT7YLRP Value: GS1.1.1705177264.1.0.1705177264.0.0.0
.notepad.pw/	1970-01-21 03:15:37	Name: _ga Value: GA1.2.539677219.1705177265
.notepad.pw/	1970-01-20 17:41:03	Name: _gid Value: GA1.2.2015563299.1705177265
.notepad.pw/	1970-01-20 17:39:37	Name: _gat_UA-153530698-1 Value: 1
.notepad.pw/	1970-01-21 03:08:25	Name: _awl Value: 2.1705177265.5-b7794301254b4622e42d995e7304c33b-6763652d6575726f70652d7765737431-0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
cdn.websitepolicies.io
cdnjs.cloudflare.com
cumbersomecarpenter.com
d.pub.network
fonts.googleapis.com
fonts.gstatic.com
live.notepad.pw
notepad.pw
optimise.net
region1.google-analytics.com
static.adsafeprotected.com
wpcc.io
www.google-analytics.com
www.googletagmanager.com
www.websitepolicies.io
151.139.128.11
2001:4860:4802:32::36
2400:52e0:1e00::1081:1
2600:1901:0:328a::1
2600:9000:223f:6400:8:48e:53c0:93a1
2606:4700:3034::6815:137c
2606:4700:3037::ac43:ae34
2606:4700::6811:180e
2606:4700::6812:15ce
2a00:1450:4001:827::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2008
2a06:98c1:3121::3
34.111.152.239
34.160.152.31
005a0afb452e7fd625371d84b79253942c8bda8c22c504e74165055443ea59ff
098d5671fe5bd7e95f65a70a54157198ad4e8a0b6f6662f5e7929c012fdafd89
0d7caebae1e35421be2bdb1e9dcfe30b01f16d2da55c0b2acd696ca69b036c06
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
23405cfe228eabfbea9d0fb2300818d43dcfb543e3fbcaa380abfe82a68f77ad
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b60310189012686567c541c72a40acf74adb416bdc524008822d6c7c73ccd97
3c5b6bb603a4f7556b94532674f3847b430b9495afbb3a4dcfe5ba718baa59ad
4202eff4a3f6612adc904288a3b282191f1a8912f928ff5628dec50e21302ad3
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
55b731aa03064189b7abca9931deb7b844c75d7664aacecc1356c4bc0635c4af
560ee8213cda78828e88fbcbe2fbe6d3337d563384ea57d344ce3e3559da1dda
6bf88b23ff7bbf8878bcb9e7954758ba67d36f7e14db16213da9866eab707b57
711bc24ebd4b69a7236442327c48725bbbafb5d039e9c8da063abe10ec1ca2d3
73c99e6dcaeb871bb0b4958181aecd48c231c639b3a61230a548d5866ba64748
7ce617e28c528cae254492f317057575634a707c324c4bcaa253f6a576cd8926
86f662a9142643f0b524e19291ebef4bd273f92765b16021d03ee104bf59b3d0
888b41bb493f82bc787b507deee35df8a9dca32d9f59e5e4434334bb04aa1e17
a5e6f8c443f2972a9dc8895ab7376db278062c4972aca7cc3957dc46bddff1ae
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
ae7eadf7fe09f621117d8d79d89ee410bdc3d49cfc620d0fdf71536afc443a64
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c9c41579990e491b31185c662e701facbcd6dab9ec0b06edef8feec2f981812e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d23807344428eec21271b708fcf73919827e568b0a335989f9f2348ae4356bd1
d3990d6f2ba6ab5e8a41bea670c3c4ae5294c02f0648772f307cc3a713895e0f
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c38d5ce9861f3d7ef3122ad9db55b2070fc8a0dfc9c23636d6024665f30296
e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870
eebc1e16930f8c02d8df7b36daf1d89122876c974d5599cc37d6f6c4b6c7519d
f0a301a682c0d67b68c3a1aa6d3d2e76c591ebaf6c280e7144c41a74495bb395
f79dfaabb417f7b777458a24663c5075dd1e56026e20578a0d74568b3c762375
ff9a68c2f91ae8d442918aeb6ba6aea1dc72393247b0a8fa40047ac1a9a501b3

notepad.pw Open in urlscan Pro 151.139.128.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

95 %HTTPS

81 %IPv6

12 Domains

16 Subdomains

14 IPs

2 Countries

562 kBTransfer

1384 kBSize

16 Cookies

6 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

notepad.pw Open in urlscan Pro
151.139.128.11 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

95 %
HTTPS

81 %
IPv6

12
Domains

16
Subdomains

14
IPs

2
Countries

562 kB
Transfer

1384 kB
Size

16
Cookies

41 HTTP transactions
0 data transactions