pasteapp.com Open in urlscan Pro
99.86.3.16 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw
Submission: On March 23 via manual (March 23rd 2020, 8:51:56 pm UTC) from US

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 16 domains to perform 46 HTTP transactions. The main IP is 99.86.3.16, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is pasteapp.com.
TLS certificate: Issued by Amazon on November 18th 2019. Valid for: a year.

This is the only time pasteapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	99.86.3.16 99.86.3.16	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	104.16.90.50 104.16.90.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.208.215 143.204.208.215	16509 (AMAZON-02) (AMAZON-02)
3	151.101.113.177 151.101.113.177	54113 (FASTLY) (FASTLY)
1 3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	54.244.33.223 54.244.33.223	16509 (AMAZON-02) (AMAZON-02)
2 4	52.1.17.102 52.1.17.102	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1 1	99.86.3.113 99.86.3.113	16509 (AMAZON-02) (AMAZON-02)
5	99.86.3.118 99.86.3.118	16509 (AMAZON-02) (AMAZON-02)
1	34.206.192.183 34.206.192.183	14618 (AMAZON-AES) (AMAZON-AES)
1	34.202.84.106 34.202.84.106	14618 (AMAZON-AES) (AMAZON-AES)
4	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
5	99.83.219.81 99.83.219.81	16509 (AMAZON-02) (AMAZON-02)
2	99.86.3.29 99.86.3.29	16509 (AMAZON-02) (AMAZON-02)
1	13.227.198.78 13.227.198.78	16509 (AMAZON-02) (AMAZON-02)
46	20

5 99.86.3.16 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-16.fra6.r.cloudfront.net

pasteapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.90.50 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.embedly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.208.215 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-215.fra53.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.113.177 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

api.filestackapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
process.filestackapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.244.33.223 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-33-223.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.1.17.102 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-17-102.compute-1.amazonaws.com

pstar-internal-api.fiftythree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.113 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-113.fra6.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.86.3.118 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-118.fra6.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.192.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-192-183.compute-1.amazonaws.com

dialog.filestackapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.84.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-84-106.compute-1.amazonaws.com

www.filestackapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.83.219.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.3.29 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-29.fra6.r.cloudfront.net

fonts.fiftythree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.198.78 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-198-78.ams54.r.cloudfront.net

studio-paste-cdn.fiftythree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	fiftythree.com 2 redirects pstar-internal-api.fiftythree.com fonts.fiftythree.com studio-paste-cdn.fiftythree.com	221 KB
6	intercom.io 1 redirects widget.intercom.io api-iam.intercom.io	5 KB
5	intercomcdn.com js.intercomcdn.com	205 KB
5	filestackapi.com api.filestackapi.com dialog.filestackapi.com www.filestackapi.com process.filestackapi.com	998 KB
5	pasteapp.com pasteapp.com	1 MB
4	nr-data.net bam.nr-data.net	788 B
4	googletagmanager.com www.googletagmanager.com	52 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
3	amplitude.com cdn.amplitude.com api.amplitude.com	18 KB
2	facebook.com www.facebook.com	395 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net	264 B
2	facebook.net connect.facebook.net	143 KB
1	newrelic.com js-agent.newrelic.com	14 KB
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	182 B
1	embedly.com cdn.embedly.com	22 KB
46	16

	Domain	Requested by
5	api-iam.intercom.io	js.intercomcdn.com
5	js.intercomcdn.com	js.intercomcdn.com
5	pasteapp.com	pasteapp.com
4	bam.nr-data.net	pasteapp.com
4	pstar-internal-api.fiftythree.com	2 redirects pasteapp.com
4	www.googletagmanager.com	pasteapp.com
3	www.google-analytics.com	1 redirects pasteapp.com
2	process.filestackapi.com
2	fonts.fiftythree.com	pasteapp.com
2	api.amplitude.com	pasteapp.com
2	www.facebook.com	pasteapp.com
2	stats.g.doubleclick.net	1 redirects pasteapp.com
2	connect.facebook.net	pasteapp.com
1	studio-paste-cdn.fiftythree.com
1	www.filestackapi.com	pasteapp.com
1	dialog.filestackapi.com	pasteapp.com
1	widget.intercom.io	1 redirects
1	js-agent.newrelic.com	pasteapp.com
1	www.google.de	pasteapp.com
1	www.google.com	1 redirects
1	api.filestackapi.com	pasteapp.com
1	cdn.amplitude.com	pasteapp.com
1	cdn.embedly.com	pasteapp.com
46	23

This site contains no links.

Subject Issuer	Validity	Valid
pasteapp.com Amazon	`2019-11-18` - `2020-12-18`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.embedly.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-11` - `2021-09-16`	2 years	crt.sh
cdn.amplitude.com Amazon	`2019-12-16` - `2021-01-16`	a year	crt.sh
l.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2018-04-13` - `2020-06-11`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2020-02-18` - `2022-02-13`	2 years	crt.sh
mix-internal-api.fiftythree.com Let's Encrypt Authority X3	`2020-03-04` - `2020-06-02`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-03-17` - `2021-03-18`	a year	crt.sh
*.intercomcdn.com Amazon	`2019-04-27` - `2020-05-27`	a year	crt.sh
*.filestackapi.com COMODO RSA Domain Validation Secure Server CA	`2018-10-18` - `2020-12-11`	2 years	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.intercom.com Amazon	`2019-06-11` - `2020-07-11`	a year	crt.sh
fiftythree.com Amazon	`2019-11-11` - `2020-12-11`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw
Frame ID: 5F276AC9D37F0D352653D3161E93C9A0
Requests: 35 HTTP requests in this frame

Frame: https://dialog.filestackapi.com/dialog/comm_iframe/
Frame ID: B53662D282100B83C4BDD47B665FE165
Requests: 1 HTTP requests in this frame

Frame: https://www.filestackapi.com/dialog/comm_iframe/
Frame ID: 4B6D13E7200B61F4FCD03D7992AE342D
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.3c0969b1.js
Frame ID: 169641A6BC455EDE59F2868DE5EFC538
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Erlang (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Cowboy (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.amplitude\.com/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

46
Requests

100 %
HTTPS

32 %
IPv6

16
Domains

23
Subdomains

20
IPs

4
Countries

3040 kB
Transfer

8530 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1617997895&t=pageview&_s=1&dl=https%3A%2F%2Fpasteapp.com%2Fp%2F90WNYuWeUWD%2Fs%2FdnWFJuclDlE%3Fview%3DwDKX7aBewOw&ul=en-us&de=UTF-8&dt=Paste%20by%20WeTransfer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACUABB~&jid=138272440&gjid=1879391792&cid=1882595714.1584996699&tid=UA-30418293-14&_gid=876744181.1584996699&_r=1&gtm=2ou3b2&z=1355239467 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30418293-14&cid=1882595714.1584996699&jid=138272440&_gid=876744181.1584996699&gjid=1879391792&_v=j81&z=1355239467

Request Chain 13

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-11792855-25&cid=1882595714.1584996699&jid=899893659&gjid=565129416&_gid=876744181.1584996699&_u=YGDAiUABB~&z=1338118839 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11792855-25&cid=1882595714.1584996699&jid=899893659&_v=j81&z=1338118839 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11792855-25&cid=1882595714.1584996699&jid=899893659&_v=j81&z=1338118839&slf_rd=1&random=2148581751

Request Chain 21

https://widget.intercom.io/widget/jgz9nkp3 HTTP 302
https://js.intercomcdn.com/shim.latest.js

Request Chain 40

https://pstar-internal-api.fiftythree.com/presentations/90WNYuWeUWD/filestack/process/CM5EERHASkKv8gsKWgux?policy=eyJleHBpcnkiOjE1ODUwMDc1MDEsImNhbGwiOlsicmVhZCIsInN0YXQiLCJjb252ZXJ0Il0sImNvbnRhaW5lciI6InByb2R1Y3Rpb24tcHJlc2VudC1ibG9icyIsInBhdGgiOiJwcmVzZW50YXRpb25zLzkwV05ZdVdlVVdEL2ZpbGVzdGFjay8iLCJtYXhTaXplIjo1MzY4NzA5MTIwfQ==&signature=c586e4b11be181d84555d92be0e86281bf29f0e97134785944f7c03611a42974&tasks=resize%3Dheight%3A362%2Fcache%3Dexpiry%3Amax%2Fcompress HTTP 307
https://process.filestackapi.com/ANs5GzckSsCNgMQMn0daCz/security=policy:eyJleHBpcnkiOjIxMTQzODA4MDAsImNhbGwiOlsiY29udmVydCJdLCJoYW5kbGUiOiJDTTVFRVJIQVNrS3Y4Z3NLV2d1eCJ9,signature:8ca54b948cee2c30df8ac0852fc0f50ef6ce45370c6a7b207e3c84e0af3b0d29/resize=height:362/cache=expiry:max/compress/CM5EERHASkKv8gsKWgux

Request Chain 41

https://pstar-internal-api.fiftythree.com/presentations/90WNYuWeUWD/filestack/process/KevbMXNCTL2qzatnY00k?policy=eyJleHBpcnkiOjE1ODUwMDc1MDEsImNhbGwiOlsicmVhZCIsInN0YXQiLCJjb252ZXJ0Il0sImNvbnRhaW5lciI6InByb2R1Y3Rpb24tcHJlc2VudC1ibG9icyIsInBhdGgiOiJwcmVzZW50YXRpb25zLzkwV05ZdVdlVVdEL2ZpbGVzdGFjay8iLCJtYXhTaXplIjo1MzY4NzA5MTIwfQ==&signature=c586e4b11be181d84555d92be0e86281bf29f0e97134785944f7c03611a42974&tasks=resize%3Dheight%3A972%2Fcache%3Dexpiry%3Amax%2Fcompress HTTP 307
https://process.filestackapi.com/ANs5GzckSsCNgMQMn0daCz/security=policy:eyJleHBpcnkiOjIxMTQzODA4MDAsImNhbGwiOlsiY29udmVydCJdLCJoYW5kbGUiOiJLZXZiTVhOQ1RMMnF6YXRuWTAwayJ9,signature:f79b83878bb227589f04412a05df33cee1b8c68a7f471a557c85fb138d8b45a2/resize=height:972/cache=expiry:max/compress/KevbMXNCTL2qzatnY00k

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set dnWFJuclDlE Show response
pasteapp.com/p/90WNYuWeUWD/s/ 676 KB
118 KB 926ms
856ms Document
text/html 99.86.3.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.86.3.16 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-16.fra6.r.cloudfront.net

Software

Cowboy /

Resource Hash

0f4cba43d13fba87424da0f35b9bfbdeca38375ff9872a8d193734a9224bddb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: pasteapp.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Cowboy
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-Download-Options: noopen
X-Xss-Protection: 1; mode=block
X-App-Version: v1385
X-Request-Id: 0f567bfa-1cf8-454d-b435-5bbd1e804a89
Cache-Control: private
ETag: W/"a8fa1-oislkUOppF+9mjSSCBI24RnTj1s"
Set-Cookie: present_session=eyJjc3JmU2VjcmV0IjoiVVJsTDh6b01vM19CQTVVSDBzSWZqVjhZIn0=; path=/; expires=Mon, 29 Mar 2021 20:51:38 GMT; secure; httponly present_session.sig=3HkLa95J9rt2LD1iqhK_YMiNAvg; path=/; expires=Mon, 29 Mar 2021 20:51:38 GMT; secure; httponly
Content-Encoding: gzip
Date: Mon, 23 Mar 2020 20:51:38 GMT
Via: 1.1 vegur, 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: BphgP8OWnBqUPhMh-cIfvyd2ngJLeD2E7kSITbXU9tE8FTAYz0w_bA==

GET
H/1.1 200
OK app.239524fe10f5bb1e5a6a.css
pasteapp.com/styles/ 79 KB
13 KB 406ms
388ms Stylesheet
text/css 99.86.3.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pasteapp.com/styles/app.239524fe10f5bb1e5a6a.css

Requested by

Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.86.3.16 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-16.fra6.r.cloudfront.net

Software

Cowboy /

Resource Hash

ae69a1f47832ec1d40b610de157db9d1180c8772bcceacb4a79da520ea2a20b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Strict-Transport-Security: max-age=86400
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA6-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
X-Xss-Protection: 1; mode=block
X-Request-Id: cc1262fc-017b-4a75-881b-dd36c9c59d8f
X-App-Version: v1385
Last-Modified: Mon, 23 Mar 2020 10:38:54 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Mon, 23 Mar 2020 20:51:39 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Via: 1.1 vegur, 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
Cache-Control: public, max-age=300
ETag: W/"13a93-17106f94e30"
Accept-Ranges: bytes
X-Amz-Cf-Id: k13VND7V1TzsjyyS6YMZlwlj8WJFhSmj47vUbCR92sIMDx5Tnu-wdw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 18ms
15ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-30418293-15

Requested by

Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13fad1e60ab456df878c9de01e367d99b6a226b81a2920d25875fecf02235790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 20:51:39 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28650
x-xss-protection: 0
last-modified: Mon, 23 Mar 2020 19:46:49 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 23 Mar 2020 20:51:39 GMT

GET
H/1.1 200
OK platform.js Show response
cdn.embedly.com/widgets/ 71 KB
22 KB 86ms
31ms Script
application/javascript 104.16.90.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.embedly.com/widgets/platform.js
Requested by: Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.90.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2752aa19835e890dc1e6b573400160708812035495898599c651fe0947280674

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 23 Mar 2020 20:51:39 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
x-amz-request-id: ECC8C6759B4C9128
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive
x-amz-id-2: AqtpxbhmQnXqsrmKjSkT37ERtX7v73/Tv24kRnnpqOtey5beOF2sDgaTdPOF7R/Kkcz4MHmAeDI=
Last-Modified: Thu, 23 Jan 2020 20:56:31 GMT
Server: cloudflare
ETag: W/"fafe8010d7f162a8122738ef88644e77"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
x-amz-version-id: M4_NQYOkFvYl0EHhUxDwAV5hlmW9kpy6
Cache-Control: public, max-age=300
CF-RAY: 578b0819b93abf46-AMS
Expires: Mon, 23 Mar 2020 20:56:39 GMT

GET
H/1.1 200
OK vendor.04bc460c22d3240d64e3.js Show response
pasteapp.com/scripts/ 3 MB
822 KB 581ms
578ms Script
application/javascript 99.86.3.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pasteapp.com/scripts/vendor.04bc460c22d3240d64e3.js

Requested by

Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.86.3.16 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-16.fra6.r.cloudfront.net

Software

Cowboy /

Resource Hash

1ef259f8e6a92d34906548717ca06a63a50239b777c0e6855494230d596a1725

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=86400
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA6-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
X-Xss-Protection: 1; mode=block
X-Request-Id: 1cbb1d4d-9540-4c10-9e65-06a3f7ae4a6a
X-App-Version: v1385
Last-Modified: Mon, 23 Mar 2020 10:38:54 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Mon, 23 Mar 2020 20:51:39 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 vegur, 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
Cache-Control: public, max-age=300
ETag: W/"32956d-17106f94e30"
Accept-Ranges: bytes
X-Amz-Cf-Id: mdY7UTiYHXnreDN4YV8AtNkvJAZwtyRK281RP7aSoIBSqz231_5Myg==

GET
H/1.1 200
OK polyfill.f12587c33e75921a6368.js Show response
pasteapp.com/scripts/ 2 KB
2 KB 405ms
387ms Script
application/javascript 99.86.3.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pasteapp.com/scripts/polyfill.f12587c33e75921a6368.js

Requested by

Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.86.3.16 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-16.fra6.r.cloudfront.net

Software

Cowboy /

Resource Hash

3fde30368f4b6ace44e5de07c7a44f3dc131e553fc635e52763130249f7ecf18

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=86400
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA6-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
X-Xss-Protection: 1; mode=block
X-Request-Id: a7271788-d788-4f0d-a32c-8ca9999598fd
X-App-Version: v1385
Last-Modified: Mon, 23 Mar 2020 10:38:54 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Mon, 23 Mar 2020 20:51:39 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 vegur, 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
Cache-Control: public, max-age=300
ETag: W/"61f-17106f94e30"
Accept-Ranges: bytes
X-Amz-Cf-Id: JtK0nbMcT1yCS3uAqCChOIacB3AdB8Yw4qopGNv2iXzGoPxTa3rGqA==

GET
H/1.1 200
OK app.7d96fa1baf6ef9ffe68d.js Show response
pasteapp.com/scripts/ 2 MB
389 KB 521ms
501ms Script
application/javascript 99.86.3.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pasteapp.com/scripts/app.7d96fa1baf6ef9ffe68d.js

Requested by

Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.86.3.16 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-16.fra6.r.cloudfront.net

Software

Cowboy /

Resource Hash

4f8b3f1a4e517e21c6ae92694e3ed99dd6a6635f8aa12bcef317821b3b2e609a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=86400
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA6-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
X-Xss-Protection: 1; mode=block
X-Request-Id: e29afbf6-4aaf-4b2e-9f3e-e5a82e002978
X-App-Version: v1385
Last-Modified: Mon, 23 Mar 2020 10:38:54 GMT
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Date: Mon, 23 Mar 2020 20:51:39 GMT
X-Download-Options: noopen
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 vegur, 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
Cache-Control: public, max-age=300
ETag: W/"1a08b5-17106f94e30"
Accept-Ranges: bytes
X-Amz-Cf-Id: TsPaGMhuBwLD2GeR6hSvaKN-VAxJWo6-PrP4EZkf3uDBfJZ4XCN7Dg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 69 KB
24 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MXNZVGZ

Requested by

Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8277e23e43c3da2226f46a38dea9fa3e766551606443e581a7e0069a9fa91e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 20:51:39 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 24317
x-xss-protection: 0
last-modified: Mon, 23 Mar 2020 19:46:49 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 23 Mar 2020 20:51:39 GMT

GET
H2 200 amplitude-5.2.2-min.gz.js Show response
cdn.amplitude.com/libs/ 54 KB
18 KB 30ms
13ms Script
application/javascript 143.204.208.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by: Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.215 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-215.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

Origin: https://pasteapp.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 00:03:17 GMT
content-encoding: gzip
age: 74903
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
content-length: 17889
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
server: AmazonS3
etag: "b568e7b3c9d94da6a1d4845b18400f7a"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
x-amz-version-id: aZB1RIRJqET7nosqRtOBVideRuh0jIV6
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: BNXXMJcSW1DpAGdD6daZf8wMqdQ1XXQyoofrWS7E0ZoaoBAwHDaZZg==

GET
H2 200 filestack.js Show response
api.filestackapi.com/ 66 KB
21 KB 62ms
10ms Script
application/javascript 151.101.113.177
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.filestackapi.com/filestack.js
Requested by: Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.177 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9fd58f081ef4b4904172eca648ccb15b0215e5a263f05da7694e43202cb0ec99

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 20:51:39 GMT
content-encoding: gzip
age: 126792
x-cache: HIT
status: 200
content-length: 21025
x-amz-id-2: sCBsoM6mvdBlverjEXqBMODhBFxRKCVUtS34zy+qjXqIO0vIYksKHtBkX8Re6aY1Blh90Ij3mSc=
x-served-by: cache-hhn4021-HHN
last-modified: Wed, 05 Feb 2020 09:37:22 GMT
server: AmazonS3
x-timer: S1584996699.481591,VS0,VE0
etag: "e907365d304fff6d1a662335ce6bb88f"
vary: Accept-Encoding
x-amz-request-id: C0612432E997D1F8
via: 1.1 varnish
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1262

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 784
date: Mon, 23 Mar 2020 20:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Mon, 23 Mar 2020 22:38:35 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: DL34+how+VcgnrT8uaHFZ2S/KBtrKNvbUfzWOBpbxMb2pTs7P/pwM+tOEmVPUq1turnaBc1ZKan945xtb07M5g==
x-fb-trip-id: 420120009
date: Mon, 23 Mar 2020 20:51:39 GMT, Mon, 23 Mar 2020 20:51:39 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1617997895&t=pageview&_s=1&dl=https%3A%2F%2Fpasteapp.com%2Fp%2F90WNYuWeUWD%2Fs%2FdnWFJuclDlE%3Fview%3DwDKX7aBewOw&ul=en-us&de=UTF-8&dt=Paste%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30418293-14&cid=1882595714.1584996699&jid=138272440&_gid=876744181.1584996699&gjid=1879391792&_v=j81&z=1355239467

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30418293-14&cid=1882595714.1584996699&jid=138272440&_gid=876744181.1584996699&gjid=1879391792&_v=j81&z=1355239467

Requested by

Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Mon, 23 Mar 2020 20:51:39 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Mar 2020 20:51:39 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30418293-14&cid=1882595714.1584996699&jid=138272440&_gid=876744181.1584996699&gjid=1879391792&_v=j81&z=1355239467
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 419
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
106 B 6ms
6ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1617997895&t=pageview&_s=1&dl=https%3A%2F%2Fpasteapp.com%2Fp%2F90WNYuWeUWD%2Fs%2FdnWFJuclDlE%3Fview%3DwDKX7aBewOw&ul=en-us&de=UTF-8&dt=Paste%20by%20WeTransfer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiUABB~&jid=899893659&gjid=565129416&cid=1882595714.1584996699&tid=UA-11792855-25&_gid=876744181.1584996699&gtm=2wg3b2MXNZVGZ&z=745888758

Requested by

Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 24 Feb 2020 23:41:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2409016
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-11792855-25&cid=1882595714.1584996699&jid=899893659&gjid=565129416&_gid=876744181.1584996699&_u=YGDAiUABB~&z=1338118839
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11792855-25&cid=1882595714.1584996699&jid=899893659&_v=j81&z=1338118839
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11792855-25&cid=1882595714.1584996699&jid=899893659&_v=j81&z=1338118839&slf_rd=1&random=2148581751

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11792855-25&cid=1882595714.1584996699&jid=899893659&_v=j81&z=1338118839&slf_rd=1&random=2148581751

Requested by

Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 20:51:39 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Mar 2020 20:51:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-11792855-25&cid=1882595714.1584996699&jid=899893659&_v=j81&z=1338118839&slf_rd=1&random=2148581751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1233943480101647 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1233943480101647?v=2.9.15&r=stable

Requested by

Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e2bd60de7442230c92c4140e0920e43f9ac89f75a7f49b474da962edd1e1c718

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 114963
x-xss-protection: 0
pragma: public
x-fb-debug: /oePGqzfmUO52n/KHPR+C2k458w8w1oMFcDqol51mpvZ5ex2coJZL5//SUPHUZsxxgYyNpfZ1JDQmH/8phuD8g==
x-fb-trip-id: 420120009
date: Mon, 23 Mar 2020 20:51:39 GMT, Mon, 23 Mar 2020 20:51:39 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
248 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1233943480101647&ev=PageView&dl=https%3A%2F%2Fpasteapp.com%2Fp%2F90WNYuWeUWD%2Fs%2FdnWFJuclDlE%3Fview%3DwDKX7aBewOw&rl=&if=false&ts=1584996699524&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1584996699523.1923321333&it=1584996699489&coo=false&rqm=GET

Requested by

Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 20:51:39 GMT, Mon, 23 Mar 2020 20:51:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 23 Mar 2020 20:51:39 GMT

GET
H2 204 a
www.googletagmanager.com/ 0
130 B 15ms
15ms Image
image/gif 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-MXNZVGZ&cv=14&v=3&t=t&pid=941283994&rv=3b2&es=1&e=gtm.js&eid=4&tc=14&tr=1ua.1cl.1lcl.1lcl.1lcl.1cl.1cl.1cl.1html.5html.5cl.5lcl.5lcl.5lcl.5cl.5cl.5cl.5ua&ti=1ua.1cl.1lcl.1lcl.1lcl.1cl.1cl.1cl.1html.1html.1cl.1lcl.1lcl.1lcl.1cl.1cl.1cl.1ua&z=0

Requested by

Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 20:51:39 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1233943480101647&ev=Microdata&dl=https%3A%2F%2Fpasteapp.com%2Fp%2F90WNYuWeUWD%2Fs%2FdnWFJuclDlE%3Fview%3DwDKX7aBewOw&rl=&if=false&ts=1584996700027&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Paste%20by%20WeTransfer%22%2C%22meta%3Akeywords%22%3A%22presentation%2Cdeck%2Ccollaborate%2Cteam%2Cbrainstorm%2Cstoryboard%2Cslide%2Cpdf%2Cpowerpoint%2Ckeynote%2Cslack%2Cwork%2Creport%2Ccreative%2Cproductivity%2Cbusiness%22%2C%22meta%3Adescription%22%3A%22Fast%2C%20collaborative%20presentations%20for%20creative%20teams.%20Share%20your%20work%20in%20realtime%20and%20collaborate%20with%20reactions%2C%20comments%2C%20and%20Slack%20integration.%20Embed%20files%2C%20links%2C%20and%20docs%20for%20strategy%20decks%2C%20design%20handoffs%2C%20brainstorms%2C%20research%20gathering.%20Integrates%20with%20Giphy%2C%20Figma%2C%20Dropbox%2C%20Google%20Docs%2C%20and%20more.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Managing%20Clinical%20Resources%22%2C%22og%3Adescription%22%3A%22View%20Managing%20Clinical%20Resources%20on%20Paste%20by%20WeTransfer%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fpstar-internal-api.fiftythree.com%2Fpresentations%2F90WNYuWeUWD%2Fthumbnail%3FviewToken%3DwDKX7aBewOw%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1584996699523.1923321333&it=1584996699489&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 20:51:40 GMT, Mon, 23 Mar 2020 20:51:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 23 Mar 2020 20:51:40 GMT

POST
H2 200 / Show response
api.amplitude.com/ 7 B
167 B 671ms
252ms XHR
text/html 54.244.33.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.33.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-33-223.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Origin: https://pasteapp.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 200
date: Mon, 23 Mar 2020 20:51:40 GMT
access-control-allow-origin: *
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

OPTIONS
H/1.1 204
No Content policy Show response
pstar-internal-api.fiftythree.com/presentations/90WNYuWeUWD/filestack/ 0
493 B 369ms
123ms XHR
text/plain 52.1.17.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pstar-internal-api.fiftythree.com/presentations/90WNYuWeUWD/filestack/policy
Requested by: Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.17.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-17-102.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://pasteapp.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: x-device-token

Response headers

Date: Mon, 23 Mar 2020 20:51:40 GMT
Via: 1.1 vegur
X-App-Version: v2617
Server: Cowboy
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,PATCH,DELETE
Access-Control-Allow-Origin: https://pasteapp.com
Access-Control-Max-Age: 300
Connection: keep-alive
Access-Control-Allow-Headers: authorization,referer,x-requested-with,x-device-token,content-type,x-analytics-session-id
Content-Length: 0
Access-Control-Expose-Headers: location,x-app-version

GET
H2 200 nr-spa-1167.min.js Show response
js-agent.newrelic.com/ 36 KB
14 KB 44ms
14ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1167.min.js
Requested by: Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33724c06ccbe331cd5b05f949e06fe180f3472e1b9fa150f0c58803b5e63a99d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 20:51:40 GMT
content-encoding: gzip
x-amz-request-id: 5E5FAF5AAB59D2B3
x-cache: HIT
status: 200
content-length: 13893
x-amz-id-2: Hz71/5jHq+Mt5AOLPBWJC3qvnZQ/brf2Qq/ocj+wxLRg9/pt9xXM77WWhMvcfgc6fa7TvR/C1hM=
x-served-by: cache-hhn4045-HHN
last-modified: Fri, 07 Feb 2020 23:39:57 GMT
server: AmazonS3
x-timer: S1584996700.436372,VS0,VE0
etag: "85cffa0ca71f4cc2b7455585c9a4c43d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 127

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/jgz9nkp3
https://js.intercomcdn.com/shim.latest.js

7 KB
3 KB

43ms
13ms

Script
application/javascript

99.86.3.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.3.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-118.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 48ca267bac892e8a4a5879bb8a7ef7e5ec67673b0975eadec0b9df36a9ae22cf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 20:49:36 GMT
content-encoding: gzip
age: 125
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 2830
last-modified: Mon, 23 Mar 2020 19:54:27 GMT
server: AmazonS3
etag: "72bf0d578cafaf37f683a6d80ddd1a4a"
content-type: application/javascript; charset=UTF-8
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: xuDTcmHpuvnA6LLJcJ5IpELV1anLY8e_k8vj4rZ0C8UKz-gnlDYQjw==

Redirect headers

date: Mon, 09 Mar 2020 12:18:41 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: AmazonS3
age: 1240380
location: https://js.intercomcdn.com/shim.latest.js
x-cache: Hit from cloudfront
status: 302
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: PphY4JoDUOyj1v6fOZCSxw4aZxajyrvrVgcbuFsn-FbZIlsqFyiDJw==

GET
H/1.1 200
OK /
dialog.filestackapi.com/dialog/comm_iframe/ Frame B536 0
0 461ms
124ms Document
text/html 34.206.192.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dialog.filestackapi.com/dialog/comm_iframe/
Requested by: Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.192.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-192-183.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Host: dialog.filestackapi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe

Response headers

Server: nginx
Date: Mon, 23 Mar 2020 20:51:40 GMT
Content-Type: text/html; charset=utf-8
Last-Modified: Tue, 04 Feb 2020 09:45:58 GMT
Transfer-Encoding: chunked
ETag: W/"5e393d56-815"
P3P: CP="OTI DSP COR ADM DEV TAIo PSA PSD IVAi IVDi CONi HIS OUR IND CNT COM INT NAV"
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE, PUT
Access-Control-Allow-Headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Origin, X-File-Name, Key, Content-Type, X-Requested-With, Origin
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

GET
H/1.1 200
OK /
www.filestackapi.com/dialog/comm_iframe/ Frame 4B6D 0
0 443ms
122ms Document
text/html 34.202.84.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.filestackapi.com/dialog/comm_iframe/
Requested by: Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.84.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-84-106.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Host: www.filestackapi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe

Response headers

Server: nginx
Date: Mon, 23 Mar 2020 20:51:40 GMT
Content-Type: text/html; charset=utf-8
Last-Modified: Tue, 04 Feb 2020 09:37:11 GMT
Transfer-Encoding: chunked
ETag: W/"5e393b47-815"
P3P: CP="OTI DSP COR ADM DEV TAIo PSA PSD IVAi IVDi CONi HIS OUR IND CNT COM INT NAV"
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE, PUT
Access-Control-Allow-Headers: Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Origin, X-File-Name, Key, Content-Type, X-Requested-With, Origin
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

GET
H2 204 a
www.googletagmanager.com/ 0
56 B 14ms
14ms Image
image/gif 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-MXNZVGZ&cv=14&v=3&t=t&pid=941283994&rv=3b2&es=1&e=gtm.dom&eid=6&tc=14&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 23 Mar 2020 20:51:40 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 378e1eac2f Show response
bam.nr-data.net/1/ 57 B
275 B 108ms
108ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/378e1eac2f?a=21782324&v=1167.2a4546b&to=YgBTYxBVVxBWVhFRWltKdE8SRlwQRF8WF3JwMR4YEhsDB1JWDm1gfCEeRE0OSg9eUQB0WlYEXX4G&rst=2569&ref=https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE&qt=9&ap=351.365217&be=1024&fe=2509&dc=2508&tt=2e53cc0b5e6d2e&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1584996697889,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:25,%22c%22:25,%22s%22:31,%22ce%22:70,%22rq%22:70,%22rp%22:927,%22rpe%22:1188,%22dl%22:929,%22di%22:2508,%22ds%22:2508,%22de%22:2508,%22dc%22:2509,%22l%22:2509,%22le%22:2512%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 frame-modern.3c0969b1.js Show response
js.intercomcdn.com/ Frame 1696 196 KB
55 KB 15ms
15ms Script
application/javascript 99.86.3.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.3c0969b1.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.3.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-118.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8f8e958c199f11a1955b997c110ed162d21ba8f6757d99ff3af2024186ce0780

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 19:54:31 GMT
content-encoding: gzip
age: 3429
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 55623
last-modified: Mon, 23 Mar 2020 19:48:01 GMT
server: AmazonS3
etag: "3c9a15bb453514efb2105d6b66103683"
content-type: application/javascript; charset=UTF-8
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: 3nBF7QKhB1YvpCHHqKfcrQJCCYsaFDEx18xQC0pExTyTuYy6XsapmQ==

GET
H2 200 vendor-modern.b44097f3.js Show response
js.intercomcdn.com/ Frame 1696 153 KB
46 KB 33ms
33ms Script
application/javascript 99.86.3.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.b44097f3.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.3.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-118.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4c74fc1c6e1746857c589a7dce4c123715c942eec464fb9ce4d894d3e601876

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 19:09:23 GMT
content-encoding: gzip
age: 6139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 46566
last-modified: Tue, 10 Mar 2020 11:03:49 GMT
server: AmazonS3
etag: "badc3f3a05921b12bad394d1096f9168"
content-type: application/javascript; charset=UTF-8
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: pCDYTu4LyJRxgvHSV4j6ZIl8k0qRotToklGy84xgMt61Z28fH_ECtg==

GET
H2 200 vendors~app-modern.cbcf51d6.js Show response
js.intercomcdn.com/ Frame 1696 264 KB
82 KB 13ms
13ms Script
application/javascript 99.86.3.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendors~app-modern.cbcf51d6.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0969b1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.3.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-118.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bddc8274f21faf42728bffe6a29e60f62340c2ef7109d0c597bb97b5a2ed6bb9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 19:09:21 GMT
content-encoding: gzip
age: 6139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 83198
last-modified: Tue, 10 Mar 2020 11:03:49 GMT
server: AmazonS3
etag: "3cb267cc1afb2cb8e5d00ec53cf1ea70"
content-type: application/javascript; charset=UTF-8
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: mZDHrY7x9745LtV7aQh1lD4jgl6z2Q4vYgAHYfBqLAkSqdUTweDqIA==

GET
H2 200 app-modern.a19adab9.js Show response
js.intercomcdn.com/ Frame 1696 65 KB
19 KB 19ms
19ms Script
application/javascript 99.86.3.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/app-modern.a19adab9.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0969b1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.3.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-118.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6fe863c8daf58dae1a31048a1ccabae2f4171be732475a1b57f40284384e156

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 23 Mar 2020 19:09:22 GMT
content-encoding: gzip
age: 6139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 19057
last-modified: Tue, 10 Mar 2020 11:03:48 GMT
server: AmazonS3
etag: "d94f62cee712bbc1ecde963e220e4bd8"
content-type: application/javascript; charset=UTF-8
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: mNGX-ufVOqlBj1jVJaA2jvQo_GzGHN-QaxChi9aYCpQsOar8Wv4tJg==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 1696 4 KB
2 KB 568ms
372ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0969b1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

c9be0006c7722d84d21bf08087d627d93774551c16eb3b24f448c26040d9f027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://pasteapp.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 23 Mar 2020 20:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 000bb65oumjtqr14ncd0
x-runtime: 0.250307
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"c9be0006c7722d84d21bf08087d627d9"
x-ratelimit-remaining: 19992
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pasteapp.com
x-intercom-version: d81a93c6161579d3b5fbdf8c36963c5b85075eda
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1584996720
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type

POST
H/1.1 200
OK 378e1eac2f Show response
bam.nr-data.net/resources/1/ 0
155 B 106ms
106ms XHR
text/plain 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/378e1eac2f?a=21782324&v=1167.2a4546b&to=YgBTYxBVVxBWVhFRWltKdE8SRlwQRF8WF3JwMR4YEhsDB1JWDm1gfCEeRE0OSg9eUQB0WlYEXX4G&rst=2680&ref=https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE&st=1584996697889
Requested by: Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: https://pasteapp.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://pasteapp.com
Access-Control-Allow-Credentials: true
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK policy Show response
pstar-internal-api.fiftythree.com/presentations/90WNYuWeUWD/filestack/ 668 B
1 KB 131ms
131ms XHR
application/json 52.1.17.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pstar-internal-api.fiftythree.com/presentations/90WNYuWeUWD/filestack/policy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.17.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-17-102.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 80ad6397dbe0a96e80387e19ea28470a9307705c07ace19241a6d15fe83c56e4

Request headers

Origin: https://pasteapp.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Device-Token: <anonymous>

Response headers

Date: Mon, 23 Mar 2020 20:51:40 GMT
Via: 1.1 vegur
X-App-Version: v2617
Server: Cowboy
Etag: W/"29c-z+oPDlL60LyDx2E7IMUYd2d5iKc"
Vary: Origin, Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://pasteapp.com
Access-Control-Expose-Headers: location,x-app-version
Connection: keep-alive
Content-Length: 668

POST
H2 200 / Show response
api.amplitude.com/ 7 B
167 B 309ms
309ms XHR
text/html 54.244.33.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.33.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-33-223.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Origin: https://pasteapp.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 200
date: Mon, 23 Mar 2020 20:51:41 GMT
access-control-allow-origin: *
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H2 200 events Show response
api-iam.intercom.io/messenger/web/ Frame 1696 0
573 B 173ms
173ms XHR
text/html 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/events

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0969b1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://pasteapp.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 23 Mar 2020 20:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 000asckji1u98eli1tc0
x-runtime: 0.039461
server: nginx
x-frame-options: SAMEORIGIN
x-ratelimit-remaining: 19953
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html
access-control-allow-origin: https://pasteapp.com
x-intercom-version: d81a93c6161579d3b5fbdf8c36963c5b85075eda
cache-control: no-cache
access-control-allow-credentials: true
x-ratelimit-reset: 1584996720
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type

POST
H2 200 events Show response
api-iam.intercom.io/messenger/web/ Frame 1696 0
574 B 216ms
216ms XHR
text/html 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/events

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0969b1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://pasteapp.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 23 Mar 2020 20:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 0008bh7n80qns63l77u0
x-runtime: 0.097596
server: nginx
x-frame-options: SAMEORIGIN
x-ratelimit-remaining: 19954
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html
access-control-allow-origin: https://pasteapp.com
x-intercom-version: d81a93c6161579d3b5fbdf8c36963c5b85075eda
cache-control: no-cache
access-control-allow-credentials: true
x-ratelimit-reset: 1584996720
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type

POST
H2 200 events Show response
api-iam.intercom.io/messenger/web/ Frame 1696 0
574 B 411ms
411ms XHR
text/html 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/events

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0969b1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://pasteapp.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 23 Mar 2020 20:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 000bb68rrrksmethflpg
x-runtime: 0.289069
server: nginx
x-frame-options: SAMEORIGIN
x-ratelimit-remaining: 19953
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html
access-control-allow-origin: https://pasteapp.com
x-intercom-version: d81a93c6161579d3b5fbdf8c36963c5b85075eda
cache-control: no-cache
access-control-allow-credentials: true
x-ratelimit-reset: 1584996720
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type

POST
H2 200 events Show response
api-iam.intercom.io/messenger/web/ Frame 1696 0
573 B 187ms
187ms XHR
text/html 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/events

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0969b1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://pasteapp.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 23 Mar 2020 20:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 0005d5mis80sfjas1rag
x-runtime: 0.063794
server: nginx
x-frame-options: SAMEORIGIN
x-ratelimit-remaining: 19955
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html
access-control-allow-origin: https://pasteapp.com
x-intercom-version: d81a93c6161579d3b5fbdf8c36963c5b85075eda
cache-control: no-cache
access-control-allow-credentials: true
x-ratelimit-reset: 1584996720
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type

GET
H2 200 AvenirNext-Regular.woff
fonts.fiftythree.com/avenir-next/ 124 KB
125 KB 55ms
18ms Font
application/font-woff 99.86.3.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.fiftythree.com/avenir-next/AvenirNext-Regular.woff
Requested by: Host: pasteapp.com
URL: https://pasteapp.com/scripts/app.7d96fa1baf6ef9ffe68d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.3.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-29.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 488711ae3363789dbdbeebbac2c75a55269356e3d11467cf731df8dd3026119b

Request headers

Referer: https://pasteapp.com/styles/app.239524fe10f5bb1e5a6a.css
Origin: https://pasteapp.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 10:47:34 GMT
via: 1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
age: 36248
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
content-length: 127352
last-modified: Fri, 30 Mar 2018 20:25:21 GMT
server: AmazonS3
etag: "bb1d34b713edf9e7d394ce3008728301"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: Iv95m0OjPWmyKsBpTbm6mMLNGZttnmXwdte3GaHwv0Zm2wtzdBEKcA==

GET
H2 200 AvenirNext-DemiBold.woff
fonts.fiftythree.com/avenir-next/ 91 KB
92 KB 56ms
19ms Font
application/font-woff 99.86.3.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.fiftythree.com/avenir-next/AvenirNext-DemiBold.woff
Requested by: Host: pasteapp.com
URL: https://pasteapp.com/scripts/app.7d96fa1baf6ef9ffe68d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.3.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-29.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a7851278d1fa9aadf6b50a7e0f340985a927888afe06a6f2f8f7ec6733995c0a

Request headers

Referer: https://pasteapp.com/styles/app.239524fe10f5bb1e5a6a.css
Origin: https://pasteapp.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 19:08:33 GMT
via: 1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
age: 6189
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
content-length: 93460
last-modified: Fri, 30 Mar 2018 20:25:21 GMT
server: AmazonS3
etag: "21b8b38b583a1ebfe5e35b412336189d"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: wk4dsOpNN29tpU6z5_OPfdVnEgeBaLP7BTBUjnJf3uOBHoGD5DXlYA==

GET
H2

200

CM5EERHASkKv8gsKWgux
process.filestackapi.com/ANs5GzckSsCNgMQMn0daCz/security=policy:eyJleHBpcnkiOjIxMTQzODA4MDAsImNhbGwiOlsiY29udmVydCJdLCJoYW5kbGUiOiJDTTVFRVJIQVNrS3Y4Z3NLV2d1eCJ9,signature:8ca54b948cee2c30df8ac0852f...
Redirect Chain

https://pstar-internal-api.fiftythree.com/presentations/90WNYuWeUWD/filestack/process/CM5EERHASkKv8gsKWgux?policy=eyJleHBpcnkiOjE1ODUwMDc1MDEsImNhbGwiOlsicmVhZCIsInN0YXQiLCJjb252ZXJ0Il0sImNvbnRhaW5...
https://process.filestackapi.com/ANs5GzckSsCNgMQMn0daCz/security=policy:eyJleHBpcnkiOjIxMTQzODA4MDAsImNhbGwiOlsiY29udmVydCJdLCJoYW5kbGUiOiJDTTVFRVJIQVNrS3Y4Z3NLV2d1eCJ9,signature:8ca54b948cee2c30df...

311 KB
312 KB

114ms
109ms

Image
image/png

151.101.113.177
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://process.filestackapi.com/ANs5GzckSsCNgMQMn0daCz/security=policy:eyJleHBpcnkiOjIxMTQzODA4MDAsImNhbGwiOlsiY29udmVydCJdLCJoYW5kbGUiOiJDTTVFRVJIQVNrS3Y4Z3NLV2d1eCJ9,signature:8ca54b948cee2c30df8ac0852fc0f50ef6ce45370c6a7b207e3c84e0af3b0d29/resize=height:362/cache=expiry:max/compress/CM5EERHASkKv8gsKWgux
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.177 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b8b68cd86e6b913cc1cc8ce20cb2da3227f3f272176ea7d484cf4ac7ae865032

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 20:51:42 GMT
originfetch: HIT
etag: "29c9968e7f867f9b9ab9398ab84a4e58"
age: 350614
x-cache: HIT, MISS
status: 200
content-disposition: inline; filename="Screen Shot 2020-03-06 at 8.32.58 AM.png"
content-length: 318389
x-served-by: cache-bwi5142-BWI, cache-hhn4021-HHN
access-control-allow-origin: *
last-modified: Thu, 19 Mar 2020 19:28:09 GMT
server: nginx
x-timer: S1584996702.092169,VS0,VE88
x-file-name: Screen Shot 2020-03-06 at 8.32.58 AM.png
access-control-max-age: 21600
access-control-allow-methods: GET, POST
content-type: image/png
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
filestack-trace-id: 1584646086-D3XgIKiSWe
accept-ranges: bytes
access-control-allow-headers: Content-Type, X-No-Stream
x-cache-hits: 1, 0

Redirect headers

Date: Mon, 23 Mar 2020 20:51:42 GMT
Via: 1.1 vegur
X-App-Version: v2617
Server: Cowboy
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8
Location: https://process.filestackapi.com/ANs5GzckSsCNgMQMn0daCz/security=policy:eyJleHBpcnkiOjIxMTQzODA4MDAsImNhbGwiOlsiY29udmVydCJdLCJoYW5kbGUiOiJDTTVFRVJIQVNrS3Y4Z3NLV2d1eCJ9,signature:8ca54b948cee2c30df8ac0852fc0f50ef6ce45370c6a7b207e3c84e0af3b0d29/resize=height:362/cache=expiry:max/compress/CM5EERHASkKv8gsKWgux
Connection: keep-alive
Content-Length: 343

GET
H2

200

KevbMXNCTL2qzatnY00k
process.filestackapi.com/ANs5GzckSsCNgMQMn0daCz/security=policy:eyJleHBpcnkiOjIxMTQzODA4MDAsImNhbGwiOlsiY29udmVydCJdLCJoYW5kbGUiOiJLZXZiTVhOQ1RMMnF6YXRuWTAwayJ9,signature:f79b83878bb227589f04412a05...
Redirect Chain

https://pstar-internal-api.fiftythree.com/presentations/90WNYuWeUWD/filestack/process/KevbMXNCTL2qzatnY00k?policy=eyJleHBpcnkiOjE1ODUwMDc1MDEsImNhbGwiOlsicmVhZCIsInN0YXQiLCJjb252ZXJ0Il0sImNvbnRhaW5...
https://process.filestackapi.com/ANs5GzckSsCNgMQMn0daCz/security=policy:eyJleHBpcnkiOjIxMTQzODA4MDAsImNhbGwiOlsiY29udmVydCJdLCJoYW5kbGUiOiJLZXZiTVhOQ1RMMnF6YXRuWTAwayJ9,signature:f79b83878bb227589f...

665 KB
665 KB

217ms
215ms

Image
image/png

151.101.113.177
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://process.filestackapi.com/ANs5GzckSsCNgMQMn0daCz/security=policy:eyJleHBpcnkiOjIxMTQzODA4MDAsImNhbGwiOlsiY29udmVydCJdLCJoYW5kbGUiOiJLZXZiTVhOQ1RMMnF6YXRuWTAwayJ9,signature:f79b83878bb227589f04412a05df33cee1b8c68a7f471a557c85fb138d8b45a2/resize=height:972/cache=expiry:max/compress/KevbMXNCTL2qzatnY00k
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.177 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fd62d13700ad30a29141cc212fa750cd2abbcad0264acf2ec79d31a424b099e7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Mar 2020 20:51:42 GMT
originfetch: HIT
etag: "c84a756e2a08816a8e77a1ad93681d68"
age: 104439
x-cache: HIT, MISS
status: 200
content-disposition: inline; filename="Screen Shot 2020-03-19 at 12.08.20 PM.png"
content-length: 680671
x-served-by: cache-bwi5145-BWI, cache-hhn4021-HHN
access-control-allow-origin: *
last-modified: Sun, 22 Mar 2020 15:51:03 GMT
server: nginx
x-timer: S1584996702.108658,VS0,VE88
x-file-name: Screen Shot 2020-03-19 at 12.08.20 PM.png
access-control-max-age: 21600
access-control-allow-methods: GET, POST
content-type: image/png
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
filestack-trace-id: 1584892256-68fVMJyxRW
accept-ranges: bytes
access-control-allow-headers: Content-Type, X-No-Stream
x-cache-hits: 1, 0

Redirect headers

Date: Mon, 23 Mar 2020 20:51:42 GMT
Via: 1.1 vegur
X-App-Version: v2617
Server: Cowboy
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8
Location: https://process.filestackapi.com/ANs5GzckSsCNgMQMn0daCz/security=policy:eyJleHBpcnkiOjIxMTQzODA4MDAsImNhbGwiOlsiY29udmVydCJdLCJoYW5kbGUiOiJLZXZiTVhOQ1RMMnF6YXRuWTAwayJ9,signature:f79b83878bb227589f04412a05df33cee1b8c68a7f471a557c85fb138d8b45a2/resize=height:972/cache=expiry:max/compress/KevbMXNCTL2qzatnY00k
Connection: keep-alive
Content-Length: 343

GET
H/1.1 200
OK 1580310261276_4NvlCXf.png
studio-paste-cdn.fiftythree.com/team-uploads/19b5eb08-03ae-4745-8c26-77cf9fd81588/watermarks/ 1 KB
1 KB 745ms
684ms Image
image/png 13.227.198.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studio-paste-cdn.fiftythree.com/team-uploads/19b5eb08-03ae-4745-8c26-77cf9fd81588/watermarks/1580310261276_4NvlCXf.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.227.198.78 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-198-78.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c4b86033d3ee321a8290bbfbe79082f41e8896d461964eb494ee42b0b2ee4fbb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 23 Mar 2020 20:51:43 GMT
Via: 1.1 d3fdd96b3ada000b1a8c2d522534c125.cloudfront.net (CloudFront)
Last-Modified: Wed, 29 Jan 2020 15:04:22 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS54-C1
ETag: "b865e61c1e2b14790d3640d6b927b9fb"
X-Cache: Miss from cloudfront
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1044
X-Amz-Cf-Id: L_s9xMXIyxfk3WI8FkVavI6LqfHaAcrgTR2ST-p1FN6D1H6Wjtlphg==

POST
H/1.1 200
OK 378e1eac2f Show response
bam.nr-data.net/events/1/ 24 B
179 B 103ms
103ms XHR
image/gif 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/378e1eac2f?a=21782324&v=1167.2a4546b&to=YgBTYxBVVxBWVhFRWltKdE8SRlwQRF8WF3JwMR4YEhsDB1JWDm1gfCEeRE0OSg9eUQB0WlYEXX4G&rst=3903&ref=https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE
Requested by: Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Origin: https://pasteapp.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://pasteapp.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

POST
H/1.1 200
OK 378e1eac2f Show response
bam.nr-data.net/events/1/ 24 B
179 B 106ms
105ms XHR
image/gif 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/378e1eac2f?a=21782324&v=1167.2a4546b&to=YgBTYxBVVxBWVhFRWltKdE8SRlwQRF8WF3JwMR4YEhsDB1JWDm1gfCEeRE0OSg9eUQB0WlYEXX4G&rst=12569&ref=https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE
Requested by: Host: pasteapp.com
URL: https://pasteapp.com/p/90WNYuWeUWD/s/dnWFJuclDlE?view=wDKX7aBewOw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Origin: https://pasteapp.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://pasteapp.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pasteapp.com/	1970-01-22 23:52:36	Name: amplitude_id_a2b33c641874eb6f58e2319537cae56fpasteapp.com Value: eyJkZXZpY2VJZCI6IjMwZWRiOTUwLTY5OTctNDMwOC1iZjRjLTZiODM3ZjgzYTNkMVIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTU4NDk5NjY5OTQ4MCwibGFzdEV2ZW50VGltZSI6MTU4NDk5NjcwMDM5MSwiZXZlbnRJZCI6MiwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjJ9
.pasteapp.com/	1970-01-19 10:26:12	Name: _fbp Value: fb.1.1584996699523.1923321333
.pasteapp.com/	1970-01-19 08:16:36	Name: _dc_gtm_UA-11792855-25 Value: 1
.pasteapp.com/	1970-01-19 08:16:36	Name: _gat_gtag_UA_30418293_14 Value: 1
pasteapp.com/	1970-01-19 17:10:51	Name: present_session.sig Value: 3HkLa95J9rt2LD1iqhK_YMiNAvg
.pasteapp.com/	1970-01-19 08:18:03	Name: _gid Value: GA1.2.876744181.1584996699
.pasteapp.com/	1970-01-20 01:47:48	Name: _ga Value: GA1.2.1882595714.1584996699
pasteapp.com/	1970-01-19 17:02:12	Name: em_cdn_uid Value: t%3D1584996699425%26u%3D9dbb9ad80ce642a591569409862821b7
pasteapp.com/	1970-01-19 17:10:51	Name: present_session Value: eyJjc3JmU2VjcmV0IjoiVVJsTDh6b01vM19CQTVVSDBzSWZqVjhZIn0=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api.amplitude.com
api.filestackapi.com
bam.nr-data.net
cdn.amplitude.com
cdn.embedly.com
connect.facebook.net
dialog.filestackapi.com
fonts.fiftythree.com
js-agent.newrelic.com
js.intercomcdn.com
pasteapp.com
process.filestackapi.com
pstar-internal-api.fiftythree.com
stats.g.doubleclick.net
studio-paste-cdn.fiftythree.com
widget.intercom.io
www.facebook.com
www.filestackapi.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.16.90.50
13.227.198.78
143.204.208.215
151.101.113.177
151.101.114.110
162.247.242.20
2a00:1450:4001:800::200e
2a00:1450:4001:808::2004
2a00:1450:4001:81d::2008
2a00:1450:4001:81e::2003
2a00:1450:400c:c0c::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.202.84.106
34.206.192.183
52.1.17.102
54.244.33.223
99.83.219.81
99.86.3.113
99.86.3.118
99.86.3.16
99.86.3.29
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0f4cba43d13fba87424da0f35b9bfbdeca38375ff9872a8d193734a9224bddb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13fad1e60ab456df878c9de01e367d99b6a226b81a2920d25875fecf02235790
1ef259f8e6a92d34906548717ca06a63a50239b777c0e6855494230d596a1725
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4
2752aa19835e890dc1e6b573400160708812035495898599c651fe0947280674
33724c06ccbe331cd5b05f949e06fe180f3472e1b9fa150f0c58803b5e63a99d
3fde30368f4b6ace44e5de07c7a44f3dc131e553fc635e52763130249f7ecf18
488711ae3363789dbdbeebbac2c75a55269356e3d11467cf731df8dd3026119b
48ca267bac892e8a4a5879bb8a7ef7e5ec67673b0975eadec0b9df36a9ae22cf
4f8b3f1a4e517e21c6ae92694e3ed99dd6a6635f8aa12bcef317821b3b2e609a
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
80ad6397dbe0a96e80387e19ea28470a9307705c07ace19241a6d15fe83c56e4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f8e958c199f11a1955b997c110ed162d21ba8f6757d99ff3af2024186ce0780
9fd58f081ef4b4904172eca648ccb15b0215e5a263f05da7694e43202cb0ec99
a6fe863c8daf58dae1a31048a1ccabae2f4171be732475a1b57f40284384e156
a7851278d1fa9aadf6b50a7e0f340985a927888afe06a6f2f8f7ec6733995c0a
ae69a1f47832ec1d40b610de157db9d1180c8772bcceacb4a79da520ea2a20b0
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b8b68cd86e6b913cc1cc8ce20cb2da3227f3f272176ea7d484cf4ac7ae865032
bddc8274f21faf42728bffe6a29e60f62340c2ef7109d0c597bb97b5a2ed6bb9
c4b86033d3ee321a8290bbfbe79082f41e8896d461964eb494ee42b0b2ee4fbb
c9be0006c7722d84d21bf08087d627d93774551c16eb3b24f448c26040d9f027
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
e2bd60de7442230c92c4140e0920e43f9ac89f75a7f49b474da962edd1e1c718
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c74fc1c6e1746857c589a7dce4c123715c942eec464fb9ce4d894d3e601876
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8277e23e43c3da2226f46a38dea9fa3e766551606443e581a7e0069a9fa91e4
fd62d13700ad30a29141cc212fa750cd2abbcad0264acf2ec79d31a424b099e7

pasteapp.com Open in urlscan Pro 99.86.3.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

32 %IPv6

16 Domains

23 Subdomains

20 IPs

4 Countries

3040 kBTransfer

8530 kBSize

9 Cookies

0 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pasteapp.com Open in urlscan Pro
99.86.3.16 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

32 %
IPv6

16
Domains

23
Subdomains

20
IPs

4
Countries

3040 kB
Transfer

8530 kB
Size

9
Cookies

46 HTTP transactions
0 data transactions