urlscan.io logo urlscan.io
SecurityTrails logo

tower.paperairmedia.com Open in urlscan Pro
54.203.30.26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fireinsidetheaterbuyouts.com/
Effective URL: https://tower.paperairmedia.com/intake/?campaignId=6716cc08a4dc6da82013922c
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On November 08 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 24 HTTP transactions. The main IP is 54.203.30.26, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is tower.paperairmedia.com.
TLS certificate: Issued by R10 on October 16th 2024. Valid for: 3 months.
This is the only time tower.paperairmedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.139.32 16509 (AMAZON-02)
8 54.203.30.26 16509 (AMAZON-02)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.163 15169 (GOOGLE)
1 51.195.5.58 16276 (OVH)
1 52.218.251.73 16509 (AMAZON-02)
24 7
1    3.33.139.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: aeedc42b70c898c66.awsglobalaccelerator.com
fireinsidetheaterbuyouts.com
8    54.203.30.26 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-30-26.us-west-2.compute.amazonaws.com
tower.paperairmedia.com
10    2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net
fonts.gstatic.com
1    51.195.5.58 (Limburg an der Lahn, Germany)

ASN16276 (OVH, FR)
PTR: ns3169126.ip-51-195-5.eu
pro.ip-api.com
1    52.218.251.73 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
paperairplane-prod-assets.s3.us-west-2.amazonaws.com
Apex Domain
Subdomains		 Transfer
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 326
168 KB
8 paperairmedia.com
tower.paperairmedia.com
1 MB
2 gstatic.com
fonts.gstatic.com
46 KB
1 amazonaws.com
paperairplane-prod-assets.s3.us-west-2.amazonaws.com
2 MB
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6020
193 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
944 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 498
317 B
1 fireinsidetheaterbuyouts.com
fireinsidetheaterbuyouts.com
473 B
24 8
Domain Requested by
10 cdn.cookielaw.org tower.paperairmedia.com
cdn.cookielaw.org
8 tower.paperairmedia.com tower.paperairmedia.com
2 fonts.gstatic.com fonts.googleapis.com
1 paperairplane-prod-assets.s3.us-west-2.amazonaws.com
1 pro.ip-api.com tower.paperairmedia.com
1 fonts.googleapis.com tower.paperairmedia.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 fireinsidetheaterbuyouts.com 1 redirects
24 8

This site contains links to these domains. Also see Links.

Domain
privacy.thewaltdisneycompany.com
usprivacy.disney.com
www.iabprivacy.com
www.onetrust.com
Subject Issuer Validity Valid
tower.paperairmedia.com
R10		 2024-10-16 -
2025-01-14		 3 months crt.sh
cookielaw.org
WE1		 2024-10-11 -
2025-01-09		 3 months crt.sh
geolocation.onetrust.com
WE1		 2024-10-11 -
2025-01-09		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-21 -
2025-01-20		 a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01		 2024-09-14 -
2025-08-29		 a year crt.sh

This page contains 1 frames:

Primary Page: https://tower.paperairmedia.com/intake/?campaignId=6716cc08a4dc6da82013922c
Frame ID: 3BC2CBBD07E7FD2D424534CA7E90C289
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Tower | Paper Airplane

Page URL History Show full URLs

  1. http://fireinsidetheaterbuyouts.com/ HTTP 307
    https://fireinsidetheaterbuyouts.com/ HTTP 307
    http://fireinsidetheaterbuyouts.com/ HTTP 301
    https://tower.paperairmedia.com/intake/?campaignId=6716cc08a4dc6da82013922c Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

24
Requests

100 %
HTTPS

38 %
IPv6

8
Domains

8
Subdomains

7
IPs

2
Countries

3293 kB
Transfer

7654 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fireinsidetheaterbuyouts.com/ HTTP 307
    https://fireinsidetheaterbuyouts.com/ HTTP 307
    http://fireinsidetheaterbuyouts.com/ HTTP 301
    https://tower.paperairmedia.com/intake/?campaignId=6716cc08a4dc6da82013922c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tower.paperairmedia.com/intake/
Redirect Chain
  • http://fireinsidetheaterbuyouts.com/
  • https://fireinsidetheaterbuyouts.com/
  • http://fireinsidetheaterbuyouts.com/
  • https://tower.paperairmedia.com/intake/?campaignId=6716cc08a4dc6da82013922c
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tower.paperairmedia.com/intake/?campaignId=6716cc08a4dc6da82013922c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.203.30.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-30-26.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a4ed52a94ba5fbaee8e24ac9a63e3c678d2c40fb5cebe6802431e9e6f2c0f1cb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 08 Nov 2024 14:00:45 GMT
ETag
W/"672bc7b9-5dc"
Expires
Fri, 08 Nov 2024 14:00:44 GMT
Last-Modified
Wed, 06 Nov 2024 19:47:05 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
116
Content-Security-Policy
script-src 'self'
Content-Type
text/html; charset=utf-8
Date
Fri, 08 Nov 2024 14:00:44 GMT
Expires
-1
Location
https://tower.paperairmedia.com/intake/?campaignId=6716cc08a4dc6da82013922c
Pragma
no-cache
Vary
Accept
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
animate.min.css
tower.paperairmedia.com/ 		88 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tower.paperairmedia.com/animate.min.css
Requested by
Host: tower.paperairmedia.com
URL: https://tower.paperairmedia.com/intake/?campaignId=6716cc08a4dc6da82013922c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.203.30.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-30-26.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
583ab75f9313b8588e966708824c4a697ca5e87b311c0ceacd03f3b234a95d59

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tower.paperairmedia.com/intake/?campaignId=6716cc08a4dc6da82013922c

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Content-Encoding
gzip
ETag
W/"672bc761-15fff"
Connection
keep-alive
Expires
Fri, 08 Nov 2024 14:00:44 GMT
Date
Fri, 08 Nov 2024 14:00:45 GMT
Content-Type
text/css
Last-Modified
Wed, 06 Nov 2024 19:45:37 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: tower.paperairmedia.com
URL: https://tower.paperairmedia.com/intake/?campaignId=6716cc08a4dc6da82013922c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tower.paperairmedia.com/

Response headers

content-md5
qVqAwzZMp5y69q24H0KNhg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCFE144367E31E
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
28477
x-content-type-options
nosniff
date
Fri, 08 Nov 2024 14:00:45 GMT
content-type
application/javascript
last-modified
Wed, 06 Nov 2024 03:36:56 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
ceba4afd-e01e-00a7-1568-30aa69000000
cf-ray
8df6175438fabadb-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
7212
x-ms-blob-type
BlockBlob
server
cloudflare
main.44ca1b5c.js
tower.paperairmedia.com/static/js/ 		4 MB
953 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tower.paperairmedia.com/static/js/main.44ca1b5c.js
Requested by
Host: tower.paperairmedia.com
URL: https://tower.paperairmedia.com/intake/?campaignId=6716cc08a4dc6da82013922c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.203.30.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-30-26.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
445e2f1b8aee5e59c4d68df18a01da73bfc33549cde7ad1542423dc6c68e1f07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tower.paperairmedia.com/intake/?campaignId=6716cc08a4dc6da82013922c

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Content-Encoding
gzip
ETag
W/"672bc7b9-3e556f"
Connection
keep-alive
Expires
Fri, 08 Nov 2024 14:00:44 GMT
Date
Fri, 08 Nov 2024 14:00:45 GMT
Content-Type
application/javascript
Last-Modified
Wed, 06 Nov 2024 19:47:05 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
main.191454c9.css
tower.paperairmedia.com/static/css/ 		649 KB
106 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tower.paperairmedia.com/static/css/main.191454c9.css
Requested by
Host: tower.paperairmedia.com
URL: https://tower.paperairmedia.com/intake/?campaignId=6716cc08a4dc6da82013922c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.203.30.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-30-26.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c1a1aca47c39fba04766ae846960f025491013b2224ecd7b020183721ae66ceb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tower.paperairmedia.com/intake/?campaignId=6716cc08a4dc6da82013922c

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Content-Encoding
gzip
ETag
W/"672bc7b9-a2457"
Connection
keep-alive
Expires
Fri, 08 Nov 2024 14:00:44 GMT
Date
Fri, 08 Nov 2024 14:00:45 GMT
Content-Type
text/css
Last-Modified
Wed, 06 Nov 2024 19:47:05 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
018ee3f0-7038-7040-9d56-869be18fe9ac.json
cdn.cookielaw.org/consent/018ee3f0-7038-7040-9d56-869be18fe9ac/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/018ee3f0-7038-7040-9d56-869be18fe9ac/018ee3f0-7038-7040-9d56-869be18fe9ac.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b244fd601c6dc64f1e98cec1613fd4a687bcfff79a1c52eb07d9d6c4fbf893c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tower.paperairmedia.com/

Response headers

content-md5
+NsPjLJza6IZsigGb0QcgQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DC5DA2314445F1
age
68917
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Sat, 09 Nov 2024 14:00:45 GMT
date
Fri, 08 Nov 2024 14:00:45 GMT
content-type
application/json
last-modified
Mon, 15 Apr 2024 23:17:17 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
58a93297-001e-000c-384d-267d7b000000
cf-ray
8df6175569494c5c-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
1563
x-ms-blob-type
BlockBlob
server
cloudflare
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		69 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
Referer
https://tower.paperairmedia.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
8df617566b16bab2-MXP
access-control-allow-origin
*
date
Fri, 08 Nov 2024 14:00:45 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202403.2.0/ 		447 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caa3819e372a2dea8481006260ec87104757d05c61221164e95d11f0ef00113f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tower.paperairmedia.com/

Response headers

content-md5
UXUCHIIw+nYfl5bUBeOrfg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
cf-cache-status
HIT
x-ms-version
2009-09-19
age
25834
content-encoding
gzip
x-content-type-options
nosniff
cf-polished
origSize=457713
date
Fri, 08 Nov 2024 14:00:45 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 21:46:47 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
cccacf1b-f01e-0056-4672-257bfa000000
cf-ray
8df61756cda0badb-MXP
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
en.json
cdn.cookielaw.org/consent/018ee3f0-7038-7040-9d56-869be18fe9ac/7f169f91-6963-4102-ad7c-8dc61639310f/ 		67 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/018ee3f0-7038-7040-9d56-869be18fe9ac/7f169f91-6963-4102-ad7c-8dc61639310f/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff6ca3b9896d0a11a74c4384d93dd7218e4a1f63818eaffbbaa9051635ee546a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tower.paperairmedia.com/

Response headers

content-md5
MiqbajvsSo55eqwAD5GosQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DC5DA23347BA24
age
68917
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Sat, 09 Nov 2024 14:00:46 GMT
date
Fri, 08 Nov 2024 14:00:46 GMT
content-type
application/json
last-modified
Mon, 15 Apr 2024 23:17:20 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
cb31e0bd-b01e-0037-334d-263f25000000
cf-ray
8df617578c444c5c-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
23390
x-ms-blob-type
BlockBlob
server
cloudflare
otFlat.json
cdn.cookielaw.org/scripttemplates/202403.2.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tower.paperairmedia.com/

Response headers

content-md5
Q9brtORRsvfuS5CuJpEeaA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E0C5BC479B
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
68917
x-content-type-options
nosniff
date
Fri, 08 Nov 2024 14:00:46 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 21:46:38 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
97021338-c01e-0038-4460-d8d2d3000000
cf-ray
8df617580cf34c5c-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
3041
x-ms-blob-type
BlockBlob
server
cloudflare
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202403.2.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3acd5c9271c2cd33f5135df43ae4c574e4d524282e5322137b77cdb4a5524bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tower.paperairmedia.com/

Response headers

content-md5
oYYJ7dskMKBLan6YgY9GHg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E0C716ABC1
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
68917
x-content-type-options
nosniff
date
Fri, 08 Nov 2024 14:00:46 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 21:46:41 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
7a8fd002-f01e-00d5-51ff-d7db57000000
cf-ray
8df617580cf44c5c-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
12755
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202403.2.0/assets/ 		24 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
906696b6eda58302976c520c1c37e981beb5e14702bd2445b987083bacb52116
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tower.paperairmedia.com/

Response headers

content-md5
4ErYmXXFNbMLrnc9DrDTsg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
cf-cache-status
HIT
x-ms-version
2009-09-19
age
68917
content-encoding
gzip
x-content-type-options
nosniff
cf-polished
origSize=24823
date
Fri, 08 Nov 2024 14:00:46 GMT
content-type
text/css
last-modified
Tue, 16 Jul 2024 21:46:51 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
72d80344-001e-002e-400f-d8134d000000
cf-ray
8df617580cf64c5c-MXP
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
css
fonts.googleapis.com/ 		3 KB
944 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Requested by
Host: tower.paperairmedia.com
URL: https://tower.paperairmedia.com/static/css/main.191454c9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d52a5150edb54fde546e89151c657cbc4f83edb87452f5cd4662feaa006d5540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tower.paperairmedia.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 14:00:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 14:00:46 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 08 Nov 2024 13:01:01 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
514 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tower.paperairmedia.com/

Response headers

content-md5
tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
68917
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 08 Nov 2024 14:00:47 GMT
content-type
image/svg+xml
last-modified
Thu, 07 Nov 2024 17:33:49 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
bee474b2-501e-00d3-7245-312c2f000000
cf-ray
8df617617ae74c5c-MXP
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
ot_company_logo.png
cdn.cookielaw.org/logos/static/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tower.paperairmedia.com/

Response headers

content-md5
E8+sk/ECzKgTUVtDLikiIA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCFF5257872802
age
31188
cf-cache-status
HIT
x-content-type-options
nosniff
date
Fri, 08 Nov 2024 14:00:47 GMT
content-type
image/png
last-modified
Thu, 07 Nov 2024 17:33:50 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
508b3388-901e-00a8-1840-31479f000000
cf-ray
8df617619c65badb-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
4036
x-ms-blob-type
BlockBlob
server
cloudflare
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tower.paperairmedia.com/

Response headers

content-md5
Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
29379
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 08 Nov 2024 14:00:47 GMT
content-type
image/svg+xml
last-modified
Wed, 06 Nov 2024 03:37:03 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
d5a456e4-d01e-0086-4770-30c758000000
cf-ray
8df617619c69badb-MXP
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://tower.paperairmedia.com
Referer
https://fonts.googleapis.com/

Response headers

age
167650
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:26:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:26:37 GMT
last-modified
Tue, 02 May 2023 15:17:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23580
x-xss-protection
0
server
sffe
/
pro.ip-api.com/json/ 		38 B
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?fields=country,countryCode&key=UOFNAGQu7N4KnB9
Requested by
Host: tower.paperairmedia.com
URL: https://tower.paperairmedia.com/static/js/main.44ca1b5c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.195.5.58 Limburg an der Lahn, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3169126.ip-51-195-5.eu
Software
/
Resource Hash
e40276b8b114c83d3d4d3c912b2dd78364294449737bc3262f0b7fb0a165a8b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://tower.paperairmedia.com/

Response headers

Access-Control-Allow-Origin
*
Content-Length
38
Date
Fri, 08 Nov 2024 14:00:47 GMT
Content-Type
application/json; charset=utf-8
gravy
tower.paperairmedia.com/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tower.paperairmedia.com/gravy
Requested by
Host: tower.paperairmedia.com
URL: https://tower.paperairmedia.com/static/js/main.44ca1b5c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.203.30.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-30-26.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
36cdbbf1ef00cfd56c242e8fd92b2f6dba628c4a3b6e53aa3be46a668565088b

Request headers

Referer
https://tower.paperairmedia.com/intake/?campaignId=6716cc08a4dc6da82013922c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
*/*
content-type
application/json
token
null

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Content-Encoding
gzip
ETag
W/"121d-P82j5hQZb8XGxzoZ61hmqdvUL3s"
Connection
keep-alive
Expires
Fri, 08 Nov 2024 14:00:46 GMT
Access-Control-Allow-Origin
*
Date
Fri, 08 Nov 2024 14:00:47 GMT
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding
Server
nginx/1.18.0 (Ubuntu)
gravy
tower.paperairmedia.com/ 		102 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tower.paperairmedia.com/gravy
Requested by
Host: tower.paperairmedia.com
URL: https://tower.paperairmedia.com/static/js/main.44ca1b5c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.203.30.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-30-26.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7bb7b4453fff848ea6459bd96a4ef5b01afc319c6329d1701c4ea8cb82f4867a

Request headers

Referer
https://tower.paperairmedia.com/intake/?campaignId=6716cc08a4dc6da82013922c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
*/*
content-type
application/json
token
null

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Content-Encoding
gzip
ETag
W/"1968f-sEgwv9mAatuqPdRhEM7jAEvr3uc"
Connection
keep-alive
Expires
Fri, 08 Nov 2024 14:00:46 GMT
Access-Control-Allow-Origin
*
Date
Fri, 08 Nov 2024 14:00:47 GMT
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding
Server
nginx/1.18.0 (Ubuntu)
favicon.ico
tower.paperairmedia.com/images/ 		186 KB
57 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://tower.paperairmedia.com/images/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.203.30.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-30-26.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8ab319c382a23c2a62517aa392019c883c78b2cf93e7d3c5ed8b201b650f34c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tower.paperairmedia.com/intake/?campaignId=6716cc08a4dc6da82013922c

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Content-Encoding
gzip
ETag
W/"672bc761-2e72d"
Connection
keep-alive
Expires
Fri, 08 Nov 2024 14:00:46 GMT
Date
Fri, 08 Nov 2024 14:00:47 GMT
Content-Type
image/x-icon
Last-Modified
Wed, 06 Nov 2024 19:45:37 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://tower.paperairmedia.com
Referer
https://fonts.googleapis.com/

Response headers

age
167055
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:36:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:36:32 GMT
last-modified
Tue, 02 May 2023 15:07:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23040
x-xss-protection
0
server
sffe
gravy
tower.paperairmedia.com/ 		477 B
667 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tower.paperairmedia.com/gravy
Requested by
Host: tower.paperairmedia.com
URL: https://tower.paperairmedia.com/static/js/main.44ca1b5c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.203.30.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-30-26.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
705f1471dda8b7b8914b079acf46cce0c0843a312ccffa4933d328eec56005e0

Request headers

Referer
https://tower.paperairmedia.com/intake/?campaignId=6716cc08a4dc6da82013922c
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
*/*
content-type
application/json
token
null

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Content-Encoding
gzip
ETag
W/"1dd-u051PYox89eKZQ3rIPMPQ/ob8rs"
Connection
keep-alive
Expires
Fri, 08 Nov 2024 14:00:47 GMT
Access-Control-Allow-Origin
*
Date
Fri, 08 Nov 2024 14:00:48 GMT
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding
Server
nginx/1.18.0 (Ubuntu)
FI%20Tower%203.png
paperairplane-prod-assets.s3.us-west-2.amazonaws.com/campaigns/6716cc08a4dc6da82013922c/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paperairplane-prod-assets.s3.us-west-2.amazonaws.com/campaigns/6716cc08a4dc6da82013922c/FI%20Tower%203.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Credential=ASIAZ5CIXZLVZSFP7IW2%2F20241108%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20241108T140047Z&X-Amz-Expires=86400&X-Amz-Security-Token=IQoJb3JpZ2luX2VjENX%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLXdlc3QtMiJGMEQCIBBUL7SykFWTF%2BXLYiphg%2BD4vICVLbhg1W4M%2F0CHDftlAiAZNhvJTDRbuwA24tQgDf1XL3W46TUWG%2BYXzKow6z5Pfiq8BQheEAEaDDY4MDkwNDg3MDYzNSIM6vOSMgQMupgoCkVGKpkFidw%2BBosE7hosl2cBFLZN4rwlNgdudH82bIgiRbypV%2FSxZQY%2FXJYtM5VgTa8NXWXzHkDyMHd7iYFsSccmoBJPIbOOSijXQjENUkjnjKrjMJ4Nwoh3wtzzKF9Y%2FIzgQxMaE4HxyvG%2FAXNwoQ9xQjpTOBo3juczzKPhy3RL%2FBvALpUgHWqt5HS%2FOjUVh%2FEqopkDThxOz6%2Fovz8Dqw5c9g1WpEw3n0iQ7EG9g3ojar%2FnwqpgGUhla3TLIAWCLfCGfwROjN4Dwc8XWWbkwmGHg5zsNJpsEHc3ek6RQ98ZzTJ%2B6oktwQCHzplVt48JzHcdUw3P2ZNSJOq9zf38wf8KonU5VgTXeTAZOBhVrJ4UqdTtTdZevEltWyKnLzhnUdhvo8TYXdGYBwib9Vk3dWBBiCsDsAfCn5AzxRMIDXK69g5ZhyN%2BlryX9qkNpLVGH2BdtQPNppphlfx%2F9BAGqaK%2BVFawzaVNa5EyTSATHZ8bdrENVbzHPf85xtwu%2BeOt1n8snqveMHEJByWKQ5Dm2jTKS9f3xavQL8fEHShBeZ159jAvJ%2BvbP9R1la7CfCOPzTuo2gZeGdiqLdQ95rYr7NnjgYwiah8Mjxj2TaWptX69DvbnvBrovD%2FB85Dgsn1DS0W5Rx9%2FhwmoJuJLNhhIwc2EWYuD%2B5stQItym4f2rSJTBOPDRGEWSlnrKpo6cBXOYVocm0p02efMpg4fTjlX7NVK6X9TtlBqXSlLoTBuX9ADNnkfNGDfF%2Fp8Mt0MinsWKucWlnyXrVe5tdT7YnqcO32UwHLOoMKsJgVB191Cq4QxJekLp826pstnuZS8Gn3RwvZEsanaSNVxkU7LCCTMxTFoPMnOFjNOw4T8XMkGui6hljw5dYDCuJrNEgA5AhQw%2Fpu4uQY6sgFBqwOK430SVXKjyzekprP7slr36%2FOTOG5Wk5xpwyVh2xXOplhwgzYwVN133aVplJzSi3GiVvtfX8GHhSXu5gV2BMFfzNLmjefotC70OrrFqpGoJHHoCmKjhgOKoWJfD9axvDv0S26NQDeV6ThgcGkKHAwAJd5xUhk%2FF5IW4GfyGtQWZLthSLil%2B1c%2FX5yeCyrqZ87AulPY5aEyKCzP%2FJCsAZrgVFN4Jgkg7%2BsZIwfi5yA3&X-Amz-Signature=13309e5e04eef8a47ccacd59a88dd36e42379584424a00b7b0a92550dffad12e&X-Amz-SignedHeaders=host&x-id=GetObject
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.218.251.73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b4baff0d79d18648f51fee0d4b489bbee7dc92a5f7043a64b780464e2601f324

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tower.paperairmedia.com/

Response headers

x-amz-id-2
VyYHVi00wEDac0MB/BPh4SP/SxzoGb5osUtKqYM435z8MnAVwy3HUlo6NGmkHmQ0GjvLU7AaUFU=
ETag
"e89110f066b32f47dd3355e34c433a03"
x-amz-request-id
XVSCWZ6CV948WE27
Accept-Ranges
bytes
Content-Length
1982052
Date
Fri, 08 Nov 2024 14:00:49 GMT
Last-Modified
Mon, 21 Oct 2024 21:55:32 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| OtTrustedType string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| Optanon object| OneTrust object| webpackChunkpaperairmedia_tower_react function| saveAs function| _ string| appVersion object| __APOLLO_CLIENT__

1 Cookies

Domain/Path Name / Value
tower.paperairmedia.com/intake Name: onetrust
Value: grouptickets-wds

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
fireinsidetheaterbuyouts.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
paperairplane-prod-assets.s3.us-west-2.amazonaws.com
pro.ip-api.com
tower.paperairmedia.com
142.250.185.163
2606:4700:4400::6812:2089
2606:4700::6812:572a
2a00:1450:4001:81d::200a
3.33.139.32
51.195.5.58
52.218.251.73
54.203.30.26
2b244fd601c6dc64f1e98cec1613fd4a687bcfff79a1c52eb07d9d6c4fbf893c
36cdbbf1ef00cfd56c242e8fd92b2f6dba628c4a3b6e53aa3be46a668565088b
3acd5c9271c2cd33f5135df43ae4c574e4d524282e5322137b77cdb4a5524bb4
445e2f1b8aee5e59c4d68df18a01da73bfc33549cde7ad1542423dc6c68e1f07
583ab75f9313b8588e966708824c4a697ca5e87b311c0ceacd03f3b234a95d59
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679
705f1471dda8b7b8914b079acf46cce0c0843a312ccffa4933d328eec56005e0
7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d
7bb7b4453fff848ea6459bd96a4ef5b01afc319c6329d1701c4ea8cb82f4867a
8ab319c382a23c2a62517aa392019c883c78b2cf93e7d3c5ed8b201b650f34c1
906696b6eda58302976c520c1c37e981beb5e14702bd2445b987083bacb52116
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a4ed52a94ba5fbaee8e24ac9a63e3c678d2c40fb5cebe6802431e9e6f2c0f1cb
b4baff0d79d18648f51fee0d4b489bbee7dc92a5f7043a64b780464e2601f324
c1a1aca47c39fba04766ae846960f025491013b2224ecd7b020183721ae66ceb
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
caa3819e372a2dea8481006260ec87104757d05c61221164e95d11f0ef00113f
d52a5150edb54fde546e89151c657cbc4f83edb87452f5cd4662feaa006d5540
e40276b8b114c83d3d4d3c912b2dd78364294449737bc3262f0b7fb0a165a8b3
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
ff6ca3b9896d0a11a74c4384d93dd7218e4a1f63818eaffbbaa9051635ee546a