urlscan.io logo urlscan.io
SecurityTrails logo

pasteapp.com Open in urlscan Pro
18.66.112.55  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Effective URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Submission Tags: falconsandbox
Submission: On February 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 5 countries across 20 domains to perform 50 HTTP transactions. The main IP is 18.66.112.55, located in United States and belongs to AMAZON-02, US. The main domain is pasteapp.com.
TLS certificate: Issued by Amazon on October 7th 2021. Valid for: a year.
This is the only time pasteapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 18.66.112.55 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 104.16.89.50 13335 (CLOUDFLAR...)
1 52.222.206.6 16509 (AMAZON-02)
3 151.101.66.133 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2 185.33.220.244 29990 (ASN-APPNEX)
1 52.28.36.227 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
5 18.66.97.114 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 13.32.99.13 16509 (AMAZON-02)
1 151.101.2.137 54113 (FASTLY)
1 1 13.32.99.47 16509 (AMAZON-02)
3 18.66.139.67 16509 (AMAZON-02)
2 162.247.242.32 23467 (NEWRELIC-...)
2 99.83.219.81 16509 (AMAZON-02)
1 52.38.165.201 16509 (AMAZON-02)
4 54.209.91.188 14618 (AMAZON-AES)
50 21
7    18.66.112.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-55.fra56.r.cloudfront.net
pasteapp.com
3    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    104.16.89.50 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.embedly.com
1    52.222.206.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-6.fra56.r.cloudfront.net
cdn.amplitude.com
3    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
api.filestackapi.com
dialog.filestackapi.com
www.filestackapi.com
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    52.28.36.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-36-227.eu-central-1.compute.amazonaws.com
pixel.mediaiqdigital.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    18.66.97.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-114.fra56.r.cloudfront.net
fonts.fiftythree.com
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    13.32.99.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-13.fra60.r.cloudfront.net
auth.wetransfer.com
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    13.32.99.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-47.fra60.r.cloudfront.net
widget.intercom.io
3    18.66.139.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-67.fra60.r.cloudfront.net
js.intercomcdn.com
2    162.247.242.32 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: service.newrelic.co.nz
bam.nr-data.net
2    99.83.219.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com
api-iam.intercom.io
1    52.38.165.201 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-165-201.us-west-2.compute.amazonaws.com
api.amplitude.com
4    54.209.91.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-91-188.compute-1.amazonaws.com
pstar-internal-api.fiftythree.com
Apex Domain
Subdomains		 Transfer
9 fiftythree.com
fonts.fiftythree.com
pstar-internal-api.fiftythree.com — Cisco Umbrella Rank: 419798
386 KB
7 pasteapp.com
pasteapp.com
4 MB
3 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 1943
125 KB
3 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1922
api-iam.intercom.io — Cisco Umbrella Rank: 2489
3 KB
3 wetransfer.com
auth.wetransfer.com — Cisco Umbrella Rank: 27753
5 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 331
12 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
3 filestackapi.com
api.filestackapi.com — Cisco Umbrella Rank: 75316
dialog.filestackapi.com — Cisco Umbrella Rank: 69107
www.filestackapi.com — Cisco Umbrella Rank: 60786
23 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
136 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 559
440 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
461 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
386 B
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 350
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
114 KB
2 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 2420
api.amplitude.com — Cisco Umbrella Rank: 1169
18 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 306
18 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6342
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
501 B
1 mediaiqdigital.com
pixel.mediaiqdigital.com — Cisco Umbrella Rank: 9145
82 B
1 embedly.com
cdn.embedly.com — Cisco Umbrella Rank: 9159
21 KB
50 20
Domain Requested by
7 pasteapp.com 1 redirects pasteapp.com
5 fonts.fiftythree.com pasteapp.com
4 pstar-internal-api.fiftythree.com pasteapp.com
3 js.intercomcdn.com widget.intercom.io
3 auth.wetransfer.com pasteapp.com
3 bat.bing.com pasteapp.com
3 www.google-analytics.com pasteapp.com
3 www.googletagmanager.com pasteapp.com
2 api-iam.intercom.io js.intercomcdn.com
2 bam.nr-data.net pasteapp.com
2 stats.g.doubleclick.net pasteapp.com
2 www.facebook.com pasteapp.com
2 secure.adnxs.com 2 redirects
2 connect.facebook.net pasteapp.com
1 api.amplitude.com pasteapp.com
1 www.filestackapi.com pasteapp.com
1 dialog.filestackapi.com pasteapp.com
1 widget.intercom.io 1 redirects
1 js-agent.newrelic.com pasteapp.com
1 www.google.de pasteapp.com
1 www.google.com pasteapp.com
1 pixel.mediaiqdigital.com pasteapp.com
1 api.filestackapi.com pasteapp.com
1 cdn.amplitude.com pasteapp.com
1 cdn.embedly.com pasteapp.com
50 25

This site contains no links.

Subject Issuer Validity Valid
pasteapp.com
Amazon		 2021-10-07 -
2022-11-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.embedly.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-09 -
2022-10-10		 a year crt.sh
cdn.amplitude.com
Amazon		 2021-12-17 -
2023-01-14		 a year crt.sh
*.filestackapi.com
R3		 2022-02-11 -
2022-05-12		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-03 -
2022-03-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
fiftythree.com
Amazon		 2021-09-29 -
2022-10-28		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
wetransfer.com
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
*.intercomcdn.com
Amazon		 2022-01-30 -
2023-02-28		 a year crt.sh
*.intercom.com
Amazon		 2021-04-15 -
2022-05-14		 a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2022-01-28 -
2023-02-28		 a year crt.sh
pstar-internal-api.fiftythree.com
R3		 2022-01-09 -
2022-04-09		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Frame ID: 0E1FBE2B9725939D99A7C720C9E54A1E
Requests: 39 HTTP requests in this frame

Frame: https://auth.wetransfer.com/authorize?client_id=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=web_message&state=bk85REo0NjUuSU1iV3RiRjAycn5abVA3WWlVOW14MFhZZVZMclIyUGhBcA%3D%3D&nonce=fjF4cWVTRjczSzlCXzgub2NTWm1zMGtsZTN4X0FSRV9PaUZIX0k5REhDeg%3D%3D&code_challenge=ZE806i1looliIaQPLuyYpCy-7z3m2XWXW8pvfbA6j7w&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Frame ID: B15A764AC62D8F934A3066FA000B6FD9
Requests: 1 HTTP requests in this frame

Frame: https://dialog.filestackapi.com/dialog/comm_iframe/
Frame ID: D8B0C38B7F9E3B1D3FF0A8F7108B0E53
Requests: 1 HTTP requests in this frame

Frame: https://www.filestackapi.com/dialog/comm_iframe/
Frame ID: 013A6FC3E691D961885F9D8B7C501AFF
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.2d440ae7.js
Frame ID: 7D58052AAFD6E8DF408677BA719ED3DA
Requests: 4 HTTP requests in this frame

Frame: https://auth.wetransfer.com/authorize?client_id=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=web_message&state=WkNyV0NVQ19sLXJuWHVjYkpMRm1zNzc0bEpkekpHQWFiNHJiSlp4bDk2QQ%3D%3D&nonce=U0RScVh5Yi4weENmNUJrZGhmZU1mUkRkT2lKRHo2RC0uTVJRbjNPQ1NqeQ%3D%3D&code_challenge=rpDn569Jo6x2K4huqtWScgb5simbb6y8rg93r-dLRqY&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Frame ID: 57A4764F79EF7830A975A51177B511BA
Requests: 1 HTTP requests in this frame

Frame: https://auth.wetransfer.com/authorize?client_id=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=web_message&state=bFFpQV9%2BMWRBdVRJMzZzRGYwX0lsdEtMUGQ3R2FDTEZ2cG4xaU53Wn5uUA%3D%3D&nonce=NFBOdWNGb2RZWDVTVHN1UHdWRHduMS05X2JXZmJRQmZFVUhQcUcuNi51TQ%3D%3D&code_challenge=8BhvR62F2NoGWFhClCjHSoMaCn8YZ3x_UVMXPB7OFtg&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Frame ID: 094ECDA57E51870B448C4FB3BE68CCBF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

You've received an encrypted message from dean@australiantransformerservices.com | Paste

Page URL History Show full URLs

  1. http://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv HTTP 301
    https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

50
Requests

96 %
HTTPS

35 %
IPv6

20
Domains

25
Subdomains

21
IPs

5
Countries

5379 kB
Transfer

12897 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv HTTP 301
    https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://secure.adnxs.com/px?id=1244963&seg=21740900&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3F%26pixel_id%3D1244963%26uid%3D%24%7BUID%7D&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1244963%26seg%3D21740900%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253F%2526pixel_id%253D1244963%2526uid%253D%2524%257BUID%257D%26t%3D2 HTTP 302
  • https://pixel.mediaiqdigital.com/pixel?&pixel_id=1244963&uid=5754354789459826041
Request Chain 29
  • https://widget.intercom.io/widget/jgz9nkp3 HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request MYcFB4ZknXM
pasteapp.com/p/rRxdIwSsnmv/s/
Redirect Chain
  • http://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
  • https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
71 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
ba22454f2807eba56ca5cc3fbd6f10e4e3a32489c9ff655054a58e04420c0462
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
Cowboy
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=86400
X-Download-Options
noopen
X-Xss-Protection
1; mode=block
X-App-Version
v1574
X-Request-Id
a9d73f2a-e4ff-4f65-8f11-5cd42bc01d56
Cache-Control
private
ETag
W/"11b6d-b9oa5cU/CjEYHdpv9qZL36NgKpM"
Content-Encoding
gzip
Date
Thu, 24 Feb 2022 06:59:37 GMT
Via
1.1 vegur, 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
X-Amz-Cf-Pop
FRA56-P5
X-Amz-Cf-Id
EX2ZZKQx8kJkKp48FswTfnhPg6tjIsPNTKJ1MgBZQa0fSqhaEC159Q==

Redirect headers

Server
CloudFront
Date
Thu, 24 Feb 2022 06:59:36 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
X-Cache
Redirect from cloudfront
Via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P5
X-Amz-Cf-Id
rm2VovpkCZY2wr31ffGkGpQsd8aeTlesP33NfyRcwschmBhYJD1A_g==
vendor.abbecb5e788e3682f82b.css
pasteapp.com/styles/ 		309 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pasteapp.com/styles/vendor.abbecb5e788e3682f82b.css
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
6800541f3fa1eb8649d45fb0836aee81202d5ae34de7bd2aadab7cc3950a8422
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=86400
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P5
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
5863bcc3-12d2-4084-8392-07f0212fd3ac
X-App-Version
v1574
Last-Modified
Wed, 16 Feb 2022 19:37:38 GMT
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Date
Thu, 24 Feb 2022 06:59:37 GMT
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Via
1.1 vegur, 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
Cache-Control
public, max-age=300
ETag
W/"4d23f-17f040a4bd0"
Accept-Ranges
bytes
X-Amz-Cf-Id
VrdvUK6pFdom5F3D0uIN65E7gVYcbrXyDnYNQGVO36UjX_gmzssSLQ==
app.9387dd1fe5fc9a4accec.css
pasteapp.com/styles/ 		32 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pasteapp.com/styles/app.9387dd1fe5fc9a4accec.css
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
19543d1473e6e459a537bfdad802f674696e7082e3d2104cb71e1936610c4d09
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=86400
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P5
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
43411c07-feba-4b6c-8438-aef6a1c7e493
X-App-Version
v1574
Last-Modified
Wed, 16 Feb 2022 19:37:38 GMT
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Date
Thu, 24 Feb 2022 06:59:37 GMT
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Via
1.1 vegur, 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
Cache-Control
public, max-age=300
ETag
W/"811b-17f040a4bd0"
Accept-Ranges
bytes
X-Amz-Cf-Id
c00DHktO5JGWAw1xhLBqcqn_FXPvCLaFgWMUwK51W4AHweoy6JLw6g==
js
www.googletagmanager.com/gtag/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-30418293-15
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
642b297a128754d33415e9c79cbae0f1113c70e0dd46bb48bb15997a0fb9e8a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 06:59:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37302
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Feb 2022 06:59:37 GMT
platform.js
cdn.embedly.com/widgets/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.embedly.com/widgets/platform.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.89.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53c5ed98422e6540e595c4ab165b0bf25fa166bd8c588564101c84822d410492

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 06:59:37 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
x-amz-request-id
8WVFW4BQZTT5WK0V
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
rNbgjdTnuGA5f8nfqZ9mBQdRRwo7E/yui3TP/70vH0m2qioIwMpkyCKht+SCZYvGnu3kU5cy/ws=
CF-RAY
6e26cfeecb3390c1-FRA
Last-Modified
Wed, 02 Jun 2021 21:18:28 GMT
Server
cloudflare
ETag
W/"1515208cf0f82e612ecf50bd9e1c1a3e"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
x-amz-version-id
kp_mKzjWqdPYjEdl.9aSC0zrgqj54UQa
Cache-Control
public, max-age=300
Content-Type
application/javascript
Expires
Thu, 24 Feb 2022 07:04:37 GMT
vendor.30d203e5aa27eef2a6fc.js
pasteapp.com/scripts/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://pasteapp.com/scripts/vendor.30d203e5aa27eef2a6fc.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
29a01d27e8e84b8ae0606afc5694e3c92b06d6ee244c240b50e7f0200f823c04
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=86400
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P5
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
dbb6d011-1a7a-4bf0-87e7-a171c08dcd17
X-App-Version
v1574
Last-Modified
Wed, 16 Feb 2022 19:37:38 GMT
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Date
Thu, 24 Feb 2022 06:59:37 GMT
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Via
1.1 vegur, 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
Cache-Control
public, max-age=300
ETag
W/"47c309-17f040a4bd0"
Accept-Ranges
bytes
X-Amz-Cf-Id
vYm_PBzVE5wM-kh1Vf431hPHY1MG1W7pBHPAaNJOcMh1DvPKxs6Ivg==
polyfill.f59606fc2e12097f0aa7.js
pasteapp.com/scripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pasteapp.com/scripts/polyfill.f59606fc2e12097f0aa7.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
81fd2b2cdc54e924fdf18da93b8d51d92929523aa53b7d335e092967bf0bae47
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=86400
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P5
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
8506f0d3-880e-4212-a83f-92b453984fa9
X-App-Version
v1574
Last-Modified
Wed, 16 Feb 2022 19:37:38 GMT
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Date
Thu, 24 Feb 2022 06:59:37 GMT
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Via
1.1 vegur, 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
Cache-Control
public, max-age=300
ETag
W/"5e5-17f040a4bd0"
Accept-Ranges
bytes
X-Amz-Cf-Id
bBLntJHVVsLq-tWs_N7DbK9Sk8dQ61FX62ucBS9A6iJArcejNs0Avw==
app.d6e4eb88df93e6b8cd93.js
pasteapp.com/scripts/ 		6 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://pasteapp.com/scripts/app.d6e4eb88df93e6b8cd93.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
19fb6d8c190f47b4203450baf7f2829e1566d3d26cc3d9a985c3705e4e9f4476
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=86400
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P5
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
6b9483f9-5d55-4ccc-bf07-190351795a3b
X-App-Version
v1574
Last-Modified
Wed, 16 Feb 2022 19:37:38 GMT
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Date
Thu, 24 Feb 2022 06:59:37 GMT
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Via
1.1 vegur, 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
Cache-Control
public, max-age=300
ETag
W/"5d13c1-17f040a4bd0"
Accept-Ranges
bytes
X-Amz-Cf-Id
0mSH50F4OEqOLZ4kXQm5bHOIbCHXyQchtF3xx0NYfHM2_n2inCxzmg==
gtm.js
www.googletagmanager.com/ 		179 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MXNZVGZ
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f69a61105c068bac2ce5586866c0a9a692300c46dd5dee18ad9196ef7c9cba21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 06:59:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63541
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Feb 2022 06:59:37 GMT
amplitude-5.2.2-min.gz.js
cdn.amplitude.com/libs/ 		54 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-6.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

Referer
Origin
https://pasteapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 04:42:37 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
20485021
x-cache
Hit from cloudfront
content-length
17889
access-control-allow-origin
*
last-modified
Mon, 21 Oct 2019 15:45:34 GMT
server
AmazonS3
etag
"b568e7b3c9d94da6a1d4845b18400f7a"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
aZB1RIRJqET7nosqRtOBVideRuh0jIV6
via
1.1 6851af5c4f6d355fa4ec39cc8cc0c358.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
zb5-n7jMg-d2dlIiW5-sZoeuqbbix6mokn4BbtFUXnssns-W_RmjVA==
filestack.js
api.filestackapi.com/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.filestackapi.com/filestack.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9fd58f081ef4b4904172eca648ccb15b0215e5a263f05da7694e43202cb0ec99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 06:59:37 GMT
content-encoding
gzip
age
110635
x-cache
HIT
content-length
21025
x-amz-id-2
1hgF6o+FGQHA3WT1eZOeai2uAmBuV8yoegp+gH8xAmckcAo/5qC6gD2+BxQLvS/34f6Nqpzd40M=
x-served-by
cache-hhn4022-HHN
last-modified
Wed, 05 Feb 2020 09:37:22 GMT
server
AmazonS3
x-timer
S1645685978.898454,VS0,VE0
etag
"e907365d304fff6d1a662335ce6bb88f"
vary
Accept-Encoding
x-amz-request-id
XFZ8SVD9MXMS4HHR
via
1.1 varnish
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
553
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3286
date
Thu, 24 Feb 2022 06:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 24 Feb 2022 08:04:52 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 06:59:38 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AF1D252EBEB1475681A33084986FA6CF Ref B: FRAEDGE1408 Ref C: 2022-02-24T06:59:38Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11333
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
Q0xDKef8Ife9qySaNcDyYHtNx+2RO3LIB4PtNF3t1xgkzZOgqdp5OOs2PwWnsAyACfknkF86IPagWVRCLH57Ig==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Thu, 24 Feb 2022 06:59:38 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
pixel.mediaiqdigital.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1244963&seg=21740900&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3F%26pixel_id%3D1244963%26uid%3D%24%7BUID%7D&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1244963%26seg%3D21740900%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253F%2526pixel_id%253D1244963%2526uid%253D%2524%257BUID%257D%2...
  • https://pixel.mediaiqdigital.com/pixel?&pixel_id=1244963&uid=5754354789459826041
2 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mediaiqdigital.com/pixel?&pixel_id=1244963&uid=5754354789459826041
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Server
52.28.36.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-36-227.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 06:59:38 GMT
content-length
2
content-type
application/json; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Thu, 24 Feb 2022 06:59:38 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
bad514c3-8a52-4932-be6d-82fa276508c1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://pixel.mediaiqdigital.com/pixel?&pixel_id=1244963&uid=5754354789459826041
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
js
www.googletagmanager.com/gtag/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-30418293-14&l=dataLayer&cx=c
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5b1e99c58e3b1b83fe2dc3ec08edaa3a649cfb805cb3a14a35b1f9aa1dfe266f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 06:59:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37303
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Feb 2022 06:59:38 GMT
1904796869803472
connect.facebook.net/signals/config/ 		308 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1904796869803472?v=2.9.52&r=stable
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1947b1d40845adcc909cba1dd283933857544e098cab6353cf5d8f6c5a827aaa
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89364
x-xss-protection
0
pragma
public
x-fb-debug
mK03Canq9cBalu4yJV9OTyUIi7wyk0liSsltSsuC8Uc9gUJnWDbHX838e/q42QtDpYJCUhMfs229XrxdCJZh5g==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Thu, 24 Feb 2022 06:59:38 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
17116656.js
bat.bing.com/p/action/ 		0
111 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/17116656.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 24 Feb 2022 06:59:38 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 90A3221F06884B6790FC95B3FA6F72B3 Ref B: FRAEDGE1408 Ref C: 2022-02-24T06:59:38Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1904796869803472&ev=PageView&dl=https%3A%2F%2Fpasteapp.com%2Fp%2FrRxdIwSsnmv%2Fs%2FMYcFB4ZknXM%3Fview%3DYeiltieAVRv&rl=&if=false&ts=1645685978153&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1645685978152.1124039354&it=1645685978113&coo=false&exp=p0&rqm=GET
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 06:59:38 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Thu, 24 Feb 2022 06:59:38 GMT
0
bat.bing.com/action/ 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=17116656&tm=gtm002&Ver=2&mid=ac2e167e-f34b-4856-83be-573b9ecf28b2&sid=552e9220953f11ecba7d8584d9df241d&vid=552eb180953f11ec82b273d10699f971&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Paste%20by%20WeTransfer&kw=presentation,deck,collaborate,team,brainstorm,storyboard,slide,pdf,powerpoint,keynote,slack,work,report,creative,productivity,business&p=https%3A%2F%2Fpasteapp.com%2Fp%2FrRxdIwSsnmv%2Fs%2FMYcFB4ZknXM%3Fview%3DYeiltieAVRv&r=&lt=1785&evt=pageLoad&msclkid=N&sv=1&rn=138213
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 06:59:38 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B9103890011D44ABA61EB1C40AE1823E Ref B: FRAEDGE1408 Ref C: 2022-02-24T06:59:38Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-11792855-25&cid=1623775490.1645685979&jid=1040523139&gjid=811361098&_gid=1512062575.1645685979&_u=YGBAgEABAAAAAE~&z=1100583839
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 24 Feb 2022 06:59:38 GMT
content-type
text/plain
access-control-allow-origin
https://pasteapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=729252387&t=pageview&_s=1&dl=https%3A%2F%2Fpasteapp.com%2Fp%2FrRxdIwSsnmv%2Fs%2FMYcFB4ZknXM%3Fview%3DYeiltieAVRv&ul=en-us&de=UTF-8&dt=Paste%20by%20WeTransfer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACUABBAAAAG~&jid=1642539530&gjid=574674381&cid=1623775490.1645685979&tid=UA-30418293-14&_gid=1512062575.1645685979&_r=1&gtm=2ou2g0&z=870452557
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 06:59:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pasteapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=729252387&t=pageview&_s=1&dl=https%3A%2F%2Fpasteapp.com%2Fp%2FrRxdIwSsnmv%2Fs%2FMYcFB4ZknXM%3Fview%3DYeiltieAVRv&ul=en-us&de=UTF-8&dt=Paste%20by%20WeTransfer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1040523139&gjid=811361098&cid=1623775490.1645685979&tid=UA-11792855-25&_gid=1512062575.1645685979&gtm=2wg2g0MXNZVGZ&z=938401344
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 21:31:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34080
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ActiefGrotesque_W_Regular.woff
fonts.fiftythree.com/actief/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.fiftythree.com/actief/ActiefGrotesque_W_Regular.woff?cachebuster=01
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/styles/app.9387dd1fe5fc9a4accec.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-114.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f924dec24ab2a814e41adeddb24961c987f57d956c258774984bb2443ba1267c

Request headers

Referer
https://pasteapp.com/
Origin
https://pasteapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 08:20:22 GMT
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
81557
x-cache
Hit from cloudfront
content-length
31208
last-modified
Tue, 28 Apr 2020 16:43:38 GMT
server
AmazonS3
etag
"f035c164fc875a8b318179b4f5ccd9f2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
font/woff
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
34g49gn5NAcj7QdKbXS2eREA-EX_MNsYebyrIZe4u15X3MmOYT28XA==
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1904796869803472&ev=Microdata&dl=https%3A%2F%2Fpasteapp.com%2Fp%2FrRxdIwSsnmv%2Fs%2FMYcFB4ZknXM%3Fview%3DYeiltieAVRv&rl=&if=false&ts=1645685978691&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Paste%20by%20WeTransfer%22%2C%22meta%3Akeywords%22%3A%22presentation%2Cdeck%2Ccollaborate%2Cteam%2Cbrainstorm%2Cstoryboard%2Cslide%2Cpdf%2Cpowerpoint%2Ckeynote%2Cslack%2Cwork%2Creport%2Ccreative%2Cproductivity%2Cbusiness%22%2C%22meta%3Adescription%22%3A%22Fast%2C%20collaborative%20presentations%20for%20creative%20teams.%20Share%20your%20work%20in%20realtime%20and%20collaborate%20with%20reactions%2C%20comments%2C%20and%20Slack%20integration.%20Embed%20files%2C%20links%2C%20and%20docs%20for%20strategy%20decks%2C%20design%20handoffs%2C%20brainstorms%2C%20research%20gathering.%20Integrates%20with%20Giphy%2C%20Figma%2C%20Dropbox%2C%20Google%20Docs%2C%20and%20more.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fpstar-internal-api.fiftythree.com%2Fdecks%2FrRxdIwSsnmv%2Fslides%2FMYcFB4ZknXM%2Fthumbnail%3FviewToken%3DYeiltieAVRv%22%2C%22og%3Atitle%22%3A%22You%27ve%20received%20an%20encrypted%20message%20from%20dean%40australiantransformerservices.com%20%7C%20Paste%20by%20WeTransfer%22%2C%22og%3Adescription%22%3A%22Fast%2C%20collaborative%20presentations%20for%20creative%20teams.%20Share%20your%20work%20in%20realtime%20and%20collaborate%20with%20reactions%2C%20comments%2C%20and%20Slack%20integration.%20Embed%20files%2C%20links%2C%20and%20docs%20for%20strategy%20decks%2C%20design%20handoffs%2C%20brainstorms%2C%20research%20gathering.%20Integrates%20with%20Giphy%2C%20Figma%2C%20Dropbox%2C%20Google%20Docs%2C%20and%20more.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1645685978152.1124039354&it=1645685978113&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 06:59:38 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Thu, 24 Feb 2022 06:59:38 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11792855-25&cid=1623775490.1645685979&jid=1040523139&_u=YGBAgEABAAAAAE~&z=624201642
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 06:59:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11792855-25&cid=1623775490.1645685979&jid=1040523139&_u=YGBAgEABAAAAAE~&z=624201642
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Feb 2022 06:59:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-30418293-14&cid=1623775490.1645685979&jid=1642539530&gjid=574674381&_gid=1512062575.1645685979&_u=YGDACUABBAAAAG~&z=918697450
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 24 Feb 2022 06:59:38 GMT
content-type
text/plain
access-control-allow-origin
https://pasteapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
authorize
auth.wetransfer.com/ Frame B15A 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.wetransfer.com/authorize?client_id=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=web_message&state=bk85REo0NjUuSU1iV3RiRjAycn5abVA3WWlVOW14MFhZZVZMclIyUGhBcA%3D%3D&nonce=fjF4cWVTRjczSzlCXzgub2NTWm1zMGtsZTN4X0FSRV9PaUZIX0k5REhDeg%3D%3D&code_challenge=ZE806i1looliIaQPLuyYpCy-7z3m2XWXW8pvfbA6j7w&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/scripts/vendor.30d203e5aa27eef2a6fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-13.fra60.r.cloudfront.net
Software
cloudflare /
Resource Hash
802ebfb61c1d04b84671396679f070ba05713bd79e4dd3ab5c7544b91ea41419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=UTF-8
date
Thu, 24 Feb 2022 06:59:38 GMT
cf-ray
6e26cff7ae5b91d2-FRA
cache-control
no-cache, no-store
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
6e26cff7ae5b91d2
ot-tracer-sampled
true
ot-tracer-spanid
33abe0e45c21d101
ot-tracer-traceid
52dd9e59103572bc
pragma
no-cache
x-auth0-requestid
05b59492b87bb86a089a
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1645685979
server
cloudflare
content-encoding
gzip
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
_F4BWVA58Ua-3gOrlIDCykdDEYGw4Z3dl8hplnXORY2V6SVwbVm2Rg==
nr-spa-1215.min.js
js-agent.newrelic.com/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1215.min.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
zcmP9QP8YWQtiPZETZozJGQXbXQvWuWT
content-encoding
gzip
etag
"7e1862f7a390ed9fc02c299216395547"
x-amz-request-id
B7ZSJ0XWM0C0H1SX
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
17465
x-amz-id-2
ddPlooSAo6iHXIeX5I9N1CbV2xxUBx7siumw1tQkNskJA5m+fmzIQvPt4NusldODhryvIE6w578=
x-served-by
cache-hhn4073-HHN
last-modified
Mon, 24 Jan 2022 22:13:54 GMT
server
AmazonS3
x-timer
S1645685979.978324,VS0,VE0
date
Thu, 24 Feb 2022 06:59:38 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4623
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/jgz9nkp3
  • https://js.intercomcdn.com/shim.latest.js
18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Server
18.66.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-67.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2fa80237501fcd07baf7f6faeede7eedf88da1b99d9644dd043374f95372572

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 24 Feb 2022 06:56:58 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 16:21:55 GMT
server
AmazonS3
age
161
etag
"407a23a605d9b55e09ca226df9239b0c"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
6085
x-amz-cf-id
1kEp_LxwtDlCtKksHZNk9gzT7TzwhRifsG5ds-TiUegh_Po0qu_U2w==

Redirect headers

date
Fri, 18 Feb 2022 12:21:14 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
server
AmazonS3
age
499105
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA60-P3
content-length
0
x-amz-cf-id
ocvjaZE2Hdtw77n1Dwdf4LPboHNigUH8FIvliwfLfAf5GLsKZPeO9A==
/
dialog.filestackapi.com/dialog/comm_iframe/ Frame D8B0 		2 KB
1018 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dialog.filestackapi.com/dialog/comm_iframe/
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9e16eecb114bb36df2b69c9ce41ca963bed4a810db6bc07f271a076f6f91f495

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
last-modified
Mon, 06 Dec 2021 12:44:38 GMT
etag
W/"61ae05b6-82a"
p3p
CP="OTI DSP COR ADM DEV TAIo PSA PSD IVAi IVDi CONi HIS OUR IND CNT COM INT NAV"
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
access-control-allow-headers
Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Origin, X-File-Name, Key, Content-Type, X-Requested-With, Origin
access-control-allow-credentials
true
content-encoding
gzip
accept-ranges
bytes
date
Thu, 24 Feb 2022 06:59:38 GMT
via
1.1 varnish
age
111305
x-served-by
cache-hhn4022-HHN
x-cache
HIT
x-cache-hits
964
x-timer
S1645685979.962908,VS0,VE0
content-length
945
/
www.filestackapi.com/dialog/comm_iframe/ Frame 013A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.filestackapi.com/dialog/comm_iframe/
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9e16eecb114bb36df2b69c9ce41ca963bed4a810db6bc07f271a076f6f91f495

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
last-modified
Mon, 06 Dec 2021 12:44:38 GMT
etag
W/"61ae05b6-82a"
p3p
CP="OTI DSP COR ADM DEV TAIo PSA PSD IVAi IVDi CONi HIS OUR IND CNT COM INT NAV"
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
access-control-allow-headers
Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Origin, X-File-Name, Key, Content-Type, X-Requested-With, Origin
access-control-allow-credentials
true
content-encoding
gzip
accept-ranges
bytes
date
Thu, 24 Feb 2022 06:59:38 GMT
via
1.1 varnish
age
1140828
x-served-by
cache-hhn4022-HHN
x-cache
HIT
x-cache-hits
2364
x-timer
S1645685979.955890,VS0,VE0
content-length
945
378e1eac2f
bam.nr-data.net/1/ 		57 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/378e1eac2f?a=21782324&v=1215.1253ab8&to=YgBTYxBVVxBWVhFRWltKdE8SRlwQRF8WF3JwMR4YThtVDFBcCxIZGg1eWgcYFgQYH0kXRRpfVVIBX2w2fnFPF0YaX0JbC1BcL1hWBFR8UU8dGBIbAwdSVg5tYHwhGxtNVUwXXxpPFBpBAFBaERsTTxhUAVVcW0ob&rst=2231&ck=1&ref=https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM&qt=9&ap=75.150569&be=518&fe=2113&dc=1785&tt=424b5615669fe0&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1645685976837,%22n%22:0,%22f%22:23,%22dn%22:23,%22dne%22:23,%22c%22:23,%22s%22:30,%22ce%22:43,%22rq%22:43,%22rp%22:423,%22rpe%22:514,%22dl%22:426,%22di%22:1784,%22ds%22:1784,%22de%22:1785,%22dc%22:2112,%22l%22:2113,%22le%22:2115%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.32 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
service.newrelic.co.nz
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Cross-Origin-Resource-Policy
cross-origin
Content-Type
text/javascript;charset=iso-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
frame-modern.2d440ae7.js
js.intercomcdn.com/ Frame 7D58 		296 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.2d440ae7.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/jgz9nkp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-67.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9e83f52542f886a03a717e814c7b5a347107d0901c23b62ff26eba6c2bcfc3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 24 Feb 2022 06:22:00 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 16:20:50 GMT
server
AmazonS3
age
2260
etag
"0be94b0d7a6e2f5114628ef8d019ae2b"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
81198
x-amz-cf-id
C43inTKJtKkgzEoNCDkgWSak4kifJYxre5Tn1H_dG7vzN7wCJf8c3A==
vendor-modern.43c9bd6f.js
js.intercomcdn.com/ Frame 7D58 		127 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.43c9bd6f.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/jgz9nkp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-67.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8316bc630bdccc2ee1efe92cb58c54e574916b30a027a3dc1a404bc0213a77a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 24 Feb 2022 06:26:51 GMT
content-encoding
gzip
last-modified
Tue, 15 Feb 2022 12:25:47 GMT
server
AmazonS3
age
1969
etag
"383ddc986b0127f2f7302cd74686d80c"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
39547
x-amz-cf-id
-BldoSbwuCiMEEE0uDdnqBQxiq0riMfylQZA1Wd_fTwk47f5vKaqzg==
ping
api-iam.intercom.io/messenger/web/ Frame 7D58 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2d440ae7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.219.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
a6ee78d1b306af59846ce8d7d12d25ac8782ebeaf595656f166581cc760593e7
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 24 Feb 2022 06:59:39 GMT
content-encoding
gzip
x-ami-version
ami-028abf1702a0efe13
status
200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept,Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
000etihflca12sfd743g
x-runtime
0.312459
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"a6ee78d1b306af59846ce8d7d12d25ac"
x-ratelimit-remaining
13330
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pasteapp.com
x-intercom-version
55e2be4e1394f446bfc1f1096f79c42d828cdcde
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1645685980
x-ratelimit-limit
13333
access-control-allow-headers
Content-Type
x-content-type-options
nosniff
/
api.amplitude.com/ 		7 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.165.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-165-201.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 24 Feb 2022 06:59:39 GMT
content-length
7
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
authorize
auth.wetransfer.com/ Frame 57A4 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.wetransfer.com/authorize?client_id=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=web_message&state=WkNyV0NVQ19sLXJuWHVjYkpMRm1zNzc0bEpkekpHQWFiNHJiSlp4bDk2QQ%3D%3D&nonce=U0RScVh5Yi4weENmNUJrZGhmZU1mUkRkT2lKRHo2RC0uTVJRbjNPQ1NqeQ%3D%3D&code_challenge=rpDn569Jo6x2K4huqtWScgb5simbb6y8rg93r-dLRqY&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/scripts/vendor.30d203e5aa27eef2a6fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-13.fra60.r.cloudfront.net
Software
cloudflare /
Resource Hash
6f4c85bd1f25d4883175dd2b7a01bafd3013745c77f28a831852caff4f29e41d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=UTF-8
date
Thu, 24 Feb 2022 06:59:39 GMT
cf-ray
6e26cffb2e13912b-FRA
cache-control
no-cache, no-store
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
6e26cffb2e13912b
ot-tracer-sampled
true
ot-tracer-spanid
5ab3707709b483f4
ot-tracer-traceid
37f42426569641f8
pragma
no-cache
x-auth0-requestid
e4d33bbe1132c6af77e7
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
998
x-ratelimit-reset
1645685980
server
cloudflare
content-encoding
gzip
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
HPluP66gsRABmN1aUot1xI5Rv7YJeHU3tLZObriVKXhLv_fCc5pMBg==
378e1eac2f
bam.nr-data.net/ins/1/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/ins/1/378e1eac2f?a=21782324&v=1215.1253ab8&to=YgBTYxBVVxBWVhFRWltKdE8SRlwQRF8WF3JwMR4YThtVDFBcCxIZGg1eWgcYFgQYH0kXRRpfVVIBX2w2fnFPF0YaX0JbC1BcL1hWBFR8UU8dGBIbAwdSVg5tYHwhGxtNVUwXXxpPFBpBAFBaERsTTxhUAVVcW0ob&rst=2683&ck=1&ref=https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.32 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
service.newrelic.co.nz
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://pasteapp.com
Access-Control-Allow-Credentials
true
ActiefGrotesque_W_Bold.woff
fonts.fiftythree.com/actief/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.fiftythree.com/actief/ActiefGrotesque_W_Bold.woff?cachebuster=01
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/styles/app.9387dd1fe5fc9a4accec.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-114.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
979f96e6627414aa6148479256d79b4768886137153689f9743141b853cb20b9

Request headers

Referer
https://pasteapp.com/
Origin
https://pasteapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 08:22:00 GMT
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
81460
x-cache
Hit from cloudfront
content-length
30864
last-modified
Tue, 28 Apr 2020 16:43:38 GMT
server
AmazonS3
etag
"69d561b85aa03bc6206165927eee2708"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
font/woff
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
0um9K5PLJF76CbuXX2ob6m6F1yUCWYh5Ab7z9PeTJMdrY1QgEklHiQ==
authorize
auth.wetransfer.com/ Frame 094E 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.wetransfer.com/authorize?client_id=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=web_message&state=bFFpQV9%2BMWRBdVRJMzZzRGYwX0lsdEtMUGQ3R2FDTEZ2cG4xaU53Wn5uUA%3D%3D&nonce=NFBOdWNGb2RZWDVTVHN1UHdWRHduMS05X2JXZmJRQmZFVUhQcUcuNi51TQ%3D%3D&code_challenge=8BhvR62F2NoGWFhClCjHSoMaCn8YZ3x_UVMXPB7OFtg&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/scripts/vendor.30d203e5aa27eef2a6fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-13.fra60.r.cloudfront.net
Software
cloudflare /
Resource Hash
5f410fe500a470eda2d1f62a3a576ecb8ea834c8cedfed7fa6c8f2757ec2c6ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=UTF-8
date
Thu, 24 Feb 2022 06:59:39 GMT
cf-ray
6e26cffd8bdd5bed-FRA
cache-control
no-cache, no-store
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
6e26cffd8bdd5bed
ot-tracer-sampled
true
ot-tracer-spanid
549bcf272744576b
ot-tracer-traceid
029f8ea13a2abd8c
pragma
no-cache
x-auth0-requestid
ee551f221d1d25fdb696
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1645685980
server
cloudflare
content-encoding
gzip
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
VWqOYFBLa3LBnMozBc6xWRnmYSd9GY0XMX-Lf2fDmi2ymuFd5JfyhA==
events
api-iam.intercom.io/messenger/web/ Frame 7D58 		4 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/events
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.2d440ae7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.219.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 24 Feb 2022 06:59:40 GMT
content-encoding
gzip
x-ami-version
ami-028abf1702a0efe13
status
200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept,Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
000e2i0rsnh17edt2mug
x-runtime
0.161493
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"e10808d43975dc400731053386849f86"
x-ratelimit-remaining
13328
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pasteapp.com
x-intercom-version
55e2be4e1394f446bfc1f1096f79c42d828cdcde
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1645685980
x-ratelimit-limit
13333
access-control-allow-headers
Content-Type
x-content-type-options
nosniff
rRxdIwSsnmv
pstar-internal-api.fiftythree.com/presentations/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pstar-internal-api.fiftythree.com/presentations/rRxdIwSsnmv?viewToken=YeiltieAVRv&includeFonts=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-91-188.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,x-analytics-session-id,x-auth0-token
Origin
https://pasteapp.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Cowboy
Connection
keep-alive
X-App-Version
v2792
Access-Control-Allow-Origin
https://pasteapp.com
Vary
Origin
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,PATCH,DELETE
Access-Control-Allow-Headers
authorization,referer,x-requested-with,x-device-token,content-type,x-auth0-token,x-analytics-session-id
Access-Control-Max-Age
300
Access-Control-Expose-Headers
location,x-app-version
Content-Length
0
Date
Thu, 24 Feb 2022 06:59:40 GMT
Via
1.1 vegur
rRxdIwSsnmv
pstar-internal-api.fiftythree.com/presentations/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pstar-internal-api.fiftythree.com/presentations/rRxdIwSsnmv?viewToken=YeiltieAVRv&includeFonts=true
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-91-188.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
026b9924b5c1eddef3fba628b2f971cf7ababd308cc264cc2945164c87cc1411

Request headers

X-Analytics-Session-ID
1645685977906
x-auth0-token
<anonymous>
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 24 Feb 2022 06:59:40 GMT
Content-Encoding
gzip
X-App-Version
v2792
Server
Cowboy
Etag
W/"1887-p0xruC2uPR59ZL2GjTvgImNwrDo"
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://pasteapp.com
Access-Control-Expose-Headers
location,x-app-version
Transfer-Encoding
chunked
Connection
keep-alive
Via
1.1 vegur
policy
pstar-internal-api.fiftythree.com/presentations/rRxdIwSsnmv/filestack/ 		709 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pstar-internal-api.fiftythree.com/presentations/rRxdIwSsnmv/filestack/policy
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/p/rRxdIwSsnmv/s/MYcFB4ZknXM?view=YeiltieAVRv
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-91-188.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
f47763f7e0ba8f8a6493027b939f33cce9a9048bd803ad2049f5be7818ed0bcb

Request headers

Referer
X-Auth0-Token
<anonymous>
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 24 Feb 2022 06:59:40 GMT
Via
1.1 vegur
X-App-Version
v2792
Server
Cowboy
Etag
W/"2c5-+PcSZTTAuL2WL940pPmF0afRBq0"
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://pasteapp.com
Access-Control-Expose-Headers
location,x-app-version
Connection
keep-alive
Content-Length
709
policy
pstar-internal-api.fiftythree.com/presentations/rRxdIwSsnmv/filestack/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pstar-internal-api.fiftythree.com/presentations/rRxdIwSsnmv/filestack/policy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-91-188.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-auth0-token
Origin
https://pasteapp.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Cowboy
Connection
keep-alive
X-App-Version
v2792
Access-Control-Allow-Origin
https://pasteapp.com
Vary
Origin
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,PATCH,DELETE
Access-Control-Allow-Headers
authorization,referer,x-requested-with,x-device-token,content-type,x-auth0-token,x-analytics-session-id
Access-Control-Max-Age
300
Access-Control-Expose-Headers
location,x-app-version
Content-Length
0
Date
Thu, 24 Feb 2022 06:59:40 GMT
Via
1.1 vegur
AvenirNext-Bold.woff
fonts.fiftythree.com/avenir-next/ 		104 KB
105 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.fiftythree.com/avenir-next/AvenirNext-Bold.woff
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/styles/app.9387dd1fe5fc9a4accec.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-114.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c2817557c2b5c7e4c604fb9fc53bd080ae63447730ead7f463314771293789a

Request headers

Referer
https://pasteapp.com/
Origin
https://pasteapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 07:35:16 GMT
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
84265
x-cache
Hit from cloudfront
content-length
106564
last-modified
Tue, 07 Apr 2020 17:03:55 GMT
server
AmazonS3
etag
"3eb427fb841800215d96097704e5ddf6"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
font/woff
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
o5IiaYN8ALgRvabOyHkYuiJvFsCxhrp7HLg02hben7zxKEuwukeXcg==
AvenirNext-DemiBold.woff
fonts.fiftythree.com/avenir-next/ 		91 KB
92 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.fiftythree.com/avenir-next/AvenirNext-DemiBold.woff
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/styles/app.9387dd1fe5fc9a4accec.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-114.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7851278d1fa9aadf6b50a7e0f340985a927888afe06a6f2f8f7ec6733995c0a

Request headers

Referer
https://pasteapp.com/
Origin
https://pasteapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 08:35:52 GMT
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
80629
x-cache
Hit from cloudfront
content-length
93460
last-modified
Tue, 07 Apr 2020 17:03:56 GMT
server
AmazonS3
etag
"21b8b38b583a1ebfe5e35b412336189d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
font/woff
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
RKaUwb_5UopTm1RO2jORypKbX0gYMbcekPeH8-XQ8uYxdDdsfz3arA==
AvenirNext-Regular.woff
fonts.fiftythree.com/avenir-next/ 		124 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.fiftythree.com/avenir-next/AvenirNext-Regular.woff
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/styles/app.9387dd1fe5fc9a4accec.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-114.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
488711ae3363789dbdbeebbac2c75a55269356e3d11467cf731df8dd3026119b

Request headers

Referer
https://pasteapp.com/
Origin
https://pasteapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 07:26:49 GMT
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
84772
x-cache
Hit from cloudfront
content-length
127352
last-modified
Tue, 07 Apr 2020 17:04:02 GMT
server
AmazonS3
etag
"bb1d34b713edf9e7d394ce3008728301"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
font/woff
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
gAa7sxXBDI_hKbDeEZIwipgZHXIn_yLxZbB3Xt_9WpSwnQdj6LCVWg==

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone object| NREUM object| newrelic function| __nr_require function| gtag object| dataLayer object| amplitude object| intercomSettings function| Intercom string| releaseVersion string| PASTE_CONFIG string| CSRF_TOKEN string| DEVICE_TOKEN object| libringEventAPI function| embedly object| filepicker object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data function| fbq function| _fbq function| UET function| UET_init function| UET_push object| ueto_6929019464 object| uetq object| webpackJsonp object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ object| fiftythree object| gaplugins object| gaGlobal object| gaData function| Mousetrap boolean| isReady function| __intercomAssignLocation

19 Cookies

Domain/Path Name / Value
www.filestackapi.com/dialog/comm_iframe Name:
Value: testcookie
dialog.filestackapi.com/dialog/comm_iframe Name:
Value: testcookie
pasteapp.com/ Name: present_session
Value: eyJjc3JmU2VjcmV0IjoiN0hRYVlMOGppZ2hLQ093cG1Db1JIUVFNIn0=
pasteapp.com/ Name: present_session.sig
Value: dYZgzUOrXYEv6_IDwMFyQ8OOF5M
.adnxs.com/ Name: uuid2
Value: 5754354789459826041
.bing.com/ Name: MUID
Value: 10D60EA3DEB46B3427C41FF6DFDF6AD0
.pasteapp.com/ Name: _fbp
Value: fb.1.1645685978152.1124039354
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2GTwtCR'T!]tbP6j2F-XstGt!@DI9$^K)x
.pasteapp.com/ Name: _uetsid
Value: 552e9220953f11ecba7d8584d9df241d
.pasteapp.com/ Name: _uetvid
Value: 552eb180953f11ec82b273d10699f971
.pasteapp.com/ Name: _ga
Value: GA1.2.1623775490.1645685979
.pasteapp.com/ Name: _gid
Value: GA1.2.1512062575.1645685979
.pasteapp.com/ Name: _dc_gtm_UA-11792855-25
Value: 1
.pasteapp.com/ Name: _gat_gtag_UA_30418293_14
Value: 1
auth.wetransfer.com/ Name: did
Value: s%3Av0%3A5559ceb0-953f-11ec-a07c-d31bf728a804.eJUjFU6Y5QH7xPfrllyBMca0jRyFZHjpdS%2Fvn9foW3I
.pasteapp.com/ Name: amplitude_id_0b99d1fe24ad918bbe8568945c86a142pasteapp.com
Value: eyJkZXZpY2VJZCI6IjMxNTQyODlmLTM3ZDgtNGVjMC1hYWE5LTVkYWEyYzQ2ZjMyN1IiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTY0NTY4NTk3NzkwNiwibGFzdEV2ZW50VGltZSI6MTY0NTY4NTk3OTI4MCwiZXZlbnRJZCI6MSwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjF9
.nr-data.net/ Name: JSESSIONID
Value: 89316726a8102d1b
.pasteapp.com/ Name: intercom-id-jgz9nkp3
Value: 5ad020fd-f57c-410a-8fa7-39d951c1b7da
.pasteapp.com/ Name: intercom-session-jgz9nkp3
Value:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api.amplitude.com
api.filestackapi.com
auth.wetransfer.com
bam.nr-data.net
bat.bing.com
cdn.amplitude.com
cdn.embedly.com
connect.facebook.net
dialog.filestackapi.com
fonts.fiftythree.com
js-agent.newrelic.com
js.intercomcdn.com
pasteapp.com
pixel.mediaiqdigital.com
pstar-internal-api.fiftythree.com
secure.adnxs.com
stats.g.doubleclick.net
widget.intercom.io
www.facebook.com
www.filestackapi.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.16.89.50
13.32.99.13
13.32.99.47
151.101.2.137
151.101.66.133
162.247.242.32
18.66.112.55
18.66.139.67
18.66.97.114
185.33.220.244
2620:1ec:c11::200
2a00:1450:4001:808::200e
2a00:1450:4001:813::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c0b::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.222.206.6
52.28.36.227
52.38.165.201
54.209.91.188
99.83.219.81
026b9924b5c1eddef3fba628b2f971cf7ababd308cc264cc2945164c87cc1411
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1947b1d40845adcc909cba1dd283933857544e098cab6353cf5d8f6c5a827aaa
19543d1473e6e459a537bfdad802f674696e7082e3d2104cb71e1936610c4d09
19fb6d8c190f47b4203450baf7f2829e1566d3d26cc3d9a985c3705e4e9f4476
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
29a01d27e8e84b8ae0606afc5694e3c92b06d6ee244c240b50e7f0200f823c04
488711ae3363789dbdbeebbac2c75a55269356e3d11467cf731df8dd3026119b
53c5ed98422e6540e595c4ab165b0bf25fa166bd8c588564101c84822d410492
5b1e99c58e3b1b83fe2dc3ec08edaa3a649cfb805cb3a14a35b1f9aa1dfe266f
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5f410fe500a470eda2d1f62a3a576ecb8ea834c8cedfed7fa6c8f2757ec2c6ae
642b297a128754d33415e9c79cbae0f1113c70e0dd46bb48bb15997a0fb9e8a1
6800541f3fa1eb8649d45fb0836aee81202d5ae34de7bd2aadab7cc3950a8422
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f4c85bd1f25d4883175dd2b7a01bafd3013745c77f28a831852caff4f29e41d
7c2817557c2b5c7e4c604fb9fc53bd080ae63447730ead7f463314771293789a
802ebfb61c1d04b84671396679f070ba05713bd79e4dd3ab5c7544b91ea41419
81fd2b2cdc54e924fdf18da93b8d51d92929523aa53b7d335e092967bf0bae47
8316bc630bdccc2ee1efe92cb58c54e574916b30a027a3dc1a404bc0213a77a2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
979f96e6627414aa6148479256d79b4768886137153689f9743141b853cb20b9
9e16eecb114bb36df2b69c9ce41ca963bed4a810db6bc07f271a076f6f91f495
9fd58f081ef4b4904172eca648ccb15b0215e5a263f05da7694e43202cb0ec99
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6ee78d1b306af59846ce8d7d12d25ac8782ebeaf595656f166581cc760593e7
a7851278d1fa9aadf6b50a7e0f340985a927888afe06a6f2f8f7ec6733995c0a
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b2fa80237501fcd07baf7f6faeede7eedf88da1b99d9644dd043374f95372572
ba22454f2807eba56ca5cc3fbd6f10e4e3a32489c9ff655054a58e04420c0462
d9e83f52542f886a03a717e814c7b5a347107d0901c23b62ff26eba6c2bcfc3a
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f47763f7e0ba8f8a6493027b939f33cce9a9048bd803ad2049f5be7818ed0bcb
f69a61105c068bac2ce5586866c0a9a692300c46dd5dee18ad9196ef7c9cba21
f924dec24ab2a814e41adeddb24961c987f57d956c258774984bb2443ba1267c