notepad.ossincorp.com Open in urlscan Pro
194.4.49.212 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://notepad.ossincorp.com/
Submission: On December 13 via manual (December 13th 2022, 4:09:52 pm UTC) from US — Scanned from US

Summary HTTP 12 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 12 HTTP transactions. The main IP is 194.4.49.212, located in Paris, France and belongs to STARK-INDUSTRIES, GB. The main domain is notepad.ossincorp.com.

This is the only time notepad.ossincorp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	194.4.49.212 194.4.49.212	44477 (STARK-IND...) (STARK-INDUSTRIES)
4	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	104.131.3.131 104.131.3.131	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	142.250.81.230 142.250.81.230	15169 (GOOGLE) (GOOGLE)
1 1	52.72.221.0 52.72.221.0	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:21d... 2600:9000:21dd:5600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
12	5

5 194.4.49.212 (Paris, France)

ASN44477 (STARK-INDUSTRIES, GB)
PTR: vm805049.stark-industries.solutions

notepad.ossincorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn.carbonads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.131.3.131 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-us-ny-25.buysellads.com

srv.carbonads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.81.230 (Glen Cove, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.221.0 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-221-0.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:5600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	ossincorp.com notepad.ossincorp.com	52 KB
3	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 15452	81 KB
2	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 616 static.adsafeprotected.com — Cisco Umbrella Rank: 544	710 B
2	doubleclick.net 1 redirects ad.doubleclick.net — Cisco Umbrella Rank: 164	934 B
1	carbonads.net srv.carbonads.net — Cisco Umbrella Rank: 34109	1 KB
1	carbonads.com cdn.carbonads.com — Cisco Umbrella Rank: 33929	6 KB
12	6

	Domain	Requested by
5	notepad.ossincorp.com	notepad.ossincorp.com
3	cdn4.buysellads.net	notepad.ossincorp.com
2	ad.doubleclick.net	1 redirects notepad.ossincorp.com
1	static.adsafeprotected.com	notepad.ossincorp.com
1	pixel.adsafeprotected.com	1 redirects
1	srv.carbonads.net	cdn.carbonads.com
1	cdn.carbonads.com	notepad.ossincorp.com
12	7

This site contains links to these domains. Also see Links.

Domain
srv.carbonads.net
carbonads.net

Subject Issuer	Validity	Valid
*.carbonads.net Sectigo RSA Domain Validation Secure Server CA	`2022-10-17` - `2023-10-13`	a year	crt.sh
cdn4.buysellads.net R3	`2022-11-23` - `2023-02-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://notepad.ossincorp.com/
Frame ID: 30A8CF88C02A30C401B043BCB883E101
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Downloads | Notepad++

Detected technologies

Carbon Ads (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

carbonads\.com

Page Statistics

12
Requests

33 %
HTTPS

17 %
IPv6

6
Domains

7
Subdomains

5
IPs

2
Countries

141 kB
Transfer

185 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://srv.carbonads.net/ads/click/x/GTND42JUCTAIKKJWCE7LYKQNCAYIVKJMCABI5Z3JCYSIT23WCYBI427KCYAI6K3ICKSD6KJNFTBIP2JYCVSDC23KC6SD5K37CESI6K3EHJNCLSIZ?segment=placement:notepad-plus-plusorg;

Search URL Search Domain Scan URL

URL: http://carbonads.net/?utm_source=notepad-plus-plusorg&utm_medium=ad_via_link&utm_campaign=in_unit&utm_term=carbon
Title: ads via Carbon

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://ad.doubleclick.net/ddm/trackimp/N572608.452584BUYSELLADS.COM/B28037489.338824937;dc_trk_aid=531163064;dc_trk_cid=173490056;ord=167094779;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N572608.452584BUYSELLADS.COM/B28037489.338824937;dc_pre=COfpkcr99vsCFerMyAodMIEMtA;dc_trk_aid=531163064;dc_trk_cid=173490056;ord=167094779;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=

Request Chain 10

https://pixel.adsafeprotected.com/rfw/st/1075138/64001074/skeleton.gif?gdpr=$&gdpr_consent=$&gdpr_pd=$&network=BUYSELLADS HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=$&gdpr_consent=$&gdpr_pd=$&network=BUYSELLADS

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
notepad.ossincorp.com/ 22 KB
2 KB 493ms
112ms Document
text/html 194.4.49.212
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL: http://notepad.ossincorp.com/
Protocol: HTTP/1.1
Server: 194.4.49.212 Paris, France, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS: vm805049.stark-industries.solutions
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: b915627c6567a4bd6c3578f2080ef3d6b43582efa02a13370909a46acd353dc8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1742
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 16:09:46 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK styles.css
notepad.ossincorp.com/css/ 19 KB
5 KB 108ms
106ms Stylesheet
text/css 194.4.49.212
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL: http://notepad.ossincorp.com/css/styles.css
Requested by: Host: notepad.ossincorp.com
URL: http://notepad.ossincorp.com/
Protocol: HTTP/1.1
Server: 194.4.49.212 Paris, France, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS: vm805049.stark-industries.solutions
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 454680669a7a78cf663e7b556796ac9c69f4bad0fdc1c5aada1a624b765bb61c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://notepad.ossincorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 16:09:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Nov 2022 00:32:48 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "4d7d-5ed777ecfec00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4629

GET
H/1.1 200
OK logo.svg
notepad.ossincorp.com/fonts/ 31 KB
31 KB 217ms
112ms Image
image/svg+xml 194.4.49.212
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://notepad.ossincorp.com/fonts/logo.svg
Requested by: Host: notepad.ossincorp.com
URL: http://notepad.ossincorp.com/
Protocol: HTTP/1.1
Server: 194.4.49.212 Paris, France, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS: vm805049.stark-industries.solutions
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 55000d95f45965d673df38622a2677d1e97c7e663cbd4d6f3aca320a82904b2f

Request headers

accept-language: en-US,en;q=0.9
Referer: http://notepad.ossincorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 16:09:46 GMT
Last-Modified: Tue, 15 Nov 2022 00:32:48 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "7c70-5ed777ecfec00"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 31856

GET
H/1.1 200
OK carbon.js Show response
cdn.carbonads.com/ 16 KB
6 KB 62ms
17ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.carbonads.com/carbon.js?serve=CKYIE53I&placement=notepad-plus-plusorg
Requested by: Host: notepad.ossincorp.com
URL: http://notepad.ossincorp.com/
Protocol: HTTP/1.1
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 2f1aba41c7a551afbe016cdc1c21ceac1a844062e91ba07d9bea8df446856403

Request headers

accept-language: en-US,en;q=0.9
Referer: http://notepad.ossincorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 16:09:46 GMT
Content-Encoding: gzip
x-sp-metadata: HS256.CNrj4pwGEkoKJDU3ZDhkNGM3LWIxZjQtNGEwMC1hMGFhLWRlNzBmMTVlMWNkNxDohourk8L7AhoGCMrH4pwGIgs5Ni45LjI0OS4zNCjS4AIwAhorCAESJDY0ZjMyNWIyLTAzYmEtNDM4OS1hMDIyLWNmOTdlYmEwMzZlMhj4Kw==.QN090iyUtmVoYFur1ZsvapXVwXIRgJNoCX/IGLkrhU4=
Last-Modified: Tue, 10 May 2022 19:05:59 GMT
Server: AmazonS3
x-amz-request-id: 02NTM138340SZXR3
ETag: "7cac75fd9bc464f1b83d169839525e6f"
X-HW: 1670947786.cds011.tr2.h2,1670947786.cds005.tr2.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=712
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5624
x-amz-id-2: LxWjh1Xwv0K/6flm/QY9dpxF9P3cMSLko+CfTy6tF1hrYDrrunWV6zpFSpF5WVYfqYDv+yhbNG4=

GET
H/1.1 200
OK prism.css
notepad.ossincorp.com/css/ 3 KB
1 KB 205ms
109ms Stylesheet
text/css 194.4.49.212
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL: http://notepad.ossincorp.com/css/prism.css
Requested by: Host: notepad.ossincorp.com
URL: http://notepad.ossincorp.com/
Protocol: HTTP/1.1
Server: 194.4.49.212 Paris, France, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS: vm805049.stark-industries.solutions
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3e376937fc69c4099473cec0ab3e42b7c7e1fbed10c1fae201208b2cb6523144

Request headers

accept-language: en-US,en;q=0.9
Referer: http://notepad.ossincorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 16:09:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Nov 2022 00:32:48 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "d1f-5ed777ecfec00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1198

GET
H2 200 CKYIE53I.json Show response
srv.carbonads.net/ads/ 2 KB
1 KB 104ms
23ms Script
application/javascript 104.131.3.131
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.carbonads.net/ads/CKYIE53I.json?segment=placement:notepad-plus-plusorg&callback=_carbonads_go
Requested by: Host: cdn.carbonads.com
URL: http://cdn.carbonads.com/carbon.js?serve=CKYIE53I&placement=notepad-plus-plusorg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.131.3.131 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-us-ny-25.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 5ca8f10d317001fa1dbaa855dbdbdfddbc2555f4ca084c8a9769957c7061aebd

Request headers

accept-language: en-US,en;q=0.9
Referer: http://notepad.ossincorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 16:09:46 GMT
content-encoding: gzip
server: //srv.buysellads.com
content-length: 984
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
528 B 345ms
63ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=5.441406035749379
Requested by: Host: notepad.ossincorp.com
URL: http://notepad.ossincorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: http://notepad.ossincorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 16:09:46 GMT
x-sp-metadata: HS256.CNrj4pwGEoYBCiRhNDExYjg5Mi0wNzU0LTQzOWYtYjc3Mi05ODFmNGEyZjE1MmUQiOWfifXE+wIaBgjKx+KcBiILOTYuOS4yNDkuMzQokK0DMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKBIkNzNmMjkxYzEtMTMyZi00OTliLWI0ZjYtNWE2YTYyMTM1YzlhGCs=.WB8nGkae5LjoaGnhdedFHPfyBl6lReDgBNejEK/H2Xg=
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: AmazonS3
x-amz-request-id: NS364SVN913SMKVM
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-hw: 1670947786.cds215.tr2.hn,1670947786.cds222.tr2.sc,1670947786.cds222.tr2.p
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 43
x-amz-id-2: eFdo0XJ8Jrx/Par131T5ZOAdKC7cLqMYlvapwXwb8qQSiDoMsYzqOhZajZByBuE63DbzQOSaVrg=

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
499 B 347ms
65ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=5.441406035749379
Requested by: Host: notepad.ossincorp.com
URL: http://notepad.ossincorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: http://notepad.ossincorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 16:09:46 GMT
x-sp-metadata: HS256.CNrj4pwGEoYBCiQ3MmZmNDJiNy0zMDM4LTQwZjUtOGY0Ni04MjZmMmJhMzcxOGUQiOWfifXE+wIaBgjKx+KcBiILOTYuOS4yNDkuMzQokK0DMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKBIkNzkyZGY5YjctNTlkZi00ZTQwLWI0M2ItYWMxYTQ2YTQ1ZDljGCs=.7Ur++hwujiDw5yf5wErgopcZ/YA8FiwOTNL1VwR8Izs=
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: AmazonS3
x-amz-request-id: NS31YK7AT7AVBBM4
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-hw: 1670947786.cds215.tr2.hn,1670947786.cds216.tr2.sc,1670947786.cds216.tr2.p
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 43
x-amz-id-2: 6IhjD0yENLO9+Hy26ND87zRpkzPtKTnuUnFvVGTrb2yX+zEnRktdTZ+DEA9m+PjtqgR1dl/koM30XI/gNf5Mjg==

GET
H/1.1 200
OK miriamlibre-bold.woff2
notepad.ossincorp.com/fonts/ 12 KB
12 KB 109ms
109ms Font
font/woff2 194.4.49.212
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL: http://notepad.ossincorp.com/fonts/miriamlibre-bold.woff2
Requested by: Host: notepad.ossincorp.com
URL: http://notepad.ossincorp.com/css/styles.css
Protocol: HTTP/1.1
Server: 194.4.49.212 Paris, France, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS: vm805049.stark-industries.solutions
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: c43dc64e22cec429f21fe8ddfcf666c5fb07b60efc7c9112408bc0c263f63a1b

Request headers

Referer: http://notepad.ossincorp.com/css/styles.css
Origin: http://notepad.ossincorp.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 16:09:46 GMT
Last-Modified: Tue, 15 Nov 2022 00:32:48 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "2ee0-5ed777ecfec00"
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 12000

GET
H2 200 1664548651-PAYGSeek-Gen-NA-A.png
cdn4.buysellads.net/uu/1/122891/ 79 KB
80 KB 194ms
18ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/uu/1/122891/1664548651-PAYGSeek-Gen-NA-A.png
Requested by: Host: notepad.ossincorp.com
URL: http://notepad.ossincorp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 7d6fea13da89d5914d50790d8a7f14ee42ce9df6678a50fa0951ef08728f62c8

Request headers

accept-language: en-US,en;q=0.9
Referer: http://notepad.ossincorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 16:09:46 GMT
x-sp-metadata: HS256.CNrj4pwGEoYBCiQxODExYmJjMy0wMmFmLTRkNGItYmNlNi05NzAzNjI5ZmM5YzIQiOWfifXE+wIaBgjKx+KcBiILOTYuOS4yNDkuMzQokK0DMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQyOWZiYjI2NC04YjA1LTRiNDYtYThiOS1jYjI3MDM1NjQyMTMY7/sE.SeiyBRb5jMLJa07GUrX89zfSmhsHWIi5dX3RWM5qRLI=
last-modified: Fri, 30 Sep 2022 14:37:38 GMT
server: AmazonS3
x-amz-request-id: 7DN5MA2EQ0W22T28
etag: "54a8c7a660aeb0a2d88dd2b67199832a"
x-hw: 1670947786.cds215.tr2.hn,1670947786.cds219.tr2.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 81391
x-amz-id-2: +ZDSh9s8m+b2nctGenzi08cTHQF92UodrIdavePSDO+F3P0Ax5yMb1L45/ix0509F8bOYakXH1hgoTIlJ3UO8Q==

GET
H2

200

B28037489.338824937;dc_pre=COfpkcr99vsCFerMyAodMIEMtA;dc_trk_aid=531163064;dc_trk_cid=173490056;ord=167094779;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=
ad.doubleclick.net/ddm/trackimp/N572608.452584BUYSELLADS.COM/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N572608.452584BUYSELLADS.COM/B28037489.338824937;dc_trk_aid=531163064;dc_trk_cid=173490056;ord=167094779;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;t...
https://ad.doubleclick.net/ddm/trackimp/N572608.452584BUYSELLADS.COM/B28037489.338824937;dc_pre=COfpkcr99vsCFerMyAodMIEMtA;dc_trk_aid=531163064;dc_trk_cid=173490056;ord=167094779;dc_lat=;dc_rdid=;t...

42 B
220 B

54ms
53ms

Image
image/gif

142.250.81.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N572608.452584BUYSELLADS.COM/B28037489.338824937;dc_pre=COfpkcr99vsCFerMyAodMIEMtA;dc_trk_aid=531163064;dc_trk_cid=173490056;ord=167094779;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=?

Requested by

Host: notepad.ossincorp.com
URL: http://notepad.ossincorp.com/

Protocol

Server

142.250.81.230 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://notepad.ossincorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 16:09:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 16:09:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N572608.452584BUYSELLADS.COM/B28037489.338824937;dc_pre=COfpkcr99vsCFerMyAodMIEMtA;dc_trk_aid=531163064;dc_trk_cid=173490056;ord=167094779;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1075138/64001074/skeleton.gif?gdpr=$&gdpr_consent=$&gdpr_pd=$&network=BUYSELLADS
https://static.adsafeprotected.com/skeleton.gif?gdpr=$&gdpr_consent=$&gdpr_pd=$&network=BUYSELLADS

43 B
483 B

100ms
20ms

Image
image/gif

2600:9000:21dd:5600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=$&gdpr_consent=$&gdpr_pd=$&network=BUYSELLADS
Requested by: Host: notepad.ossincorp.com
URL: http://notepad.ossincorp.com/
Protocol: H2
Server: 2600:9000:21dd:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://notepad.ossincorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 06:53:15 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 4667374d732461e741437d79cda68ba0.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 3316592
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 5YSlN7p_VnX5dqZ2jLQV1MuJ2SfFXas6fowWJEC9EKIQjJCLldtK2w==

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 16:09:46 GMT
server: nginx
x-server-name: app16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=$&gdpr_consent=$&gdpr_pd=$&network=BUYSELLADS
cache-control: no-cache
content-length: 0

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 08:09:08	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cdn.carbonads.com
cdn4.buysellads.net
notepad.ossincorp.com
pixel.adsafeprotected.com
srv.carbonads.net
static.adsafeprotected.com
104.131.3.131
142.250.81.230
151.139.128.10
194.4.49.212
2600:9000:21dd:5600:8:48e:53c0:93a1
52.72.221.0
2f1aba41c7a551afbe016cdc1c21ceac1a844062e91ba07d9bea8df446856403
3e376937fc69c4099473cec0ab3e42b7c7e1fbed10c1fae201208b2cb6523144
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
454680669a7a78cf663e7b556796ac9c69f4bad0fdc1c5aada1a624b765bb61c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55000d95f45965d673df38622a2677d1e97c7e663cbd4d6f3aca320a82904b2f
5ca8f10d317001fa1dbaa855dbdbdfddbc2555f4ca084c8a9769957c7061aebd
7d6fea13da89d5914d50790d8a7f14ee42ce9df6678a50fa0951ef08728f62c8
b915627c6567a4bd6c3578f2080ef3d6b43582efa02a13370909a46acd353dc8
c43dc64e22cec429f21fe8ddfcf666c5fb07b60efc7c9112408bc0c263f63a1b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

notepad.ossincorp.com Open in urlscan Pro 194.4.49.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

33 %HTTPS

17 %IPv6

6 Domains

7 Subdomains

5 IPs

2 Countries

141 kBTransfer

185 kBSize

1 Cookies

2 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

1 Cookies

Indicators

notepad.ossincorp.com Open in urlscan Pro
194.4.49.212 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

33 %
HTTPS

17 %
IPv6

6
Domains

7
Subdomains

5
IPs

2
Countries

141 kB
Transfer

185 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions