urlscan.io logo urlscan.io
SecurityTrails logo

auth.wetransfer.com Open in urlscan Pro
13.32.99.13  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pasteapp.com/
Effective URL: https://auth.wetransfer.com/login?state=hKFo2SBCMm16QnZuRGdodmhOSkJoUi1RX1hhOWNaVmhyeF83YaFupWxvZ2luo3RpZNkgRVhkWjZJb1czS000...
Submission: On January 03 via manual from AT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 6 countries across 23 domains to perform 68 HTTP transactions. The main IP is 13.32.99.13, located in United States and belongs to AMAZON-02, US. The main domain is auth.wetransfer.com.
TLS certificate: Issued by Amazon on August 8th 2021. Valid for: a year.
This is the only time auth.wetransfer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 18.66.112.55 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 104.16.89.50 13335 (CLOUDFLAR...)
1 52.222.206.6 16509 (AMAZON-02)
3 151.101.130.133 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 3 142.250.185.102 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 3 185.33.223.38 29990 (ASN-APPNEX)
1 18.158.49.19 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.194.137 54113 (FASTLY)
1 1 13.32.99.25 16509 (AMAZON-02)
3 18.66.139.61 16509 (AMAZON-02)
1 5 13.32.99.13 16509 (AMAZON-02)
1 18.66.97.114 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
9 13.32.99.68 16509 (AMAZON-02)
2 52.212.68.163 16509 (AMAZON-02)
1 1 151.101.64.217 54113 (FASTLY)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
68 25
7    18.66.112.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-55.fra56.r.cloudfront.net
pasteapp.com
5    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    104.16.89.50 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.embedly.com
1    52.222.206.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-6.fra56.r.cloudfront.net
cdn.amplitude.com
3    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
api.filestackapi.com
dialog.filestackapi.com
www.filestackapi.com
5    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
3    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
8444178.fls.doubleclick.net
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    185.33.223.38 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    18.158.49.19 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-49-19.eu-central-1.compute.amazonaws.com
pixel.mediaiqdigital.com
3    2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    13.32.99.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-25.fra60.r.cloudfront.net
widget.intercom.io
3    18.66.139.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-61.fra60.r.cloudfront.net
js.intercomcdn.com
5    13.32.99.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-13.fra60.r.cloudfront.net
auth.wetransfer.com
1    18.66.97.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-114.fra56.r.cloudfront.net
fonts.fiftythree.com
1    2600:9000:223f:c800:6:bbf2:440:21 (United States)

ASN16509 (AMAZON-02, US)
d19ptbnuzhibkh.cloudfront.net
9    13.32.99.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-68.fra60.r.cloudfront.net
auth-cdn.wetransfer.com
2    52.212.68.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-68-163.eu-west-1.compute.amazonaws.com
snowplow.wetransfer.com
1    151.101.64.217 (United States)

ASN54113 (FASTLY, US)
player.vimeo.com
1    2a02:26f0:6c00::210:ba23 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
vod-progressive.akamaized.net
Domain Requested by
9 auth-cdn.wetransfer.com auth.wetransfer.com
auth-cdn.wetransfer.com
7 pasteapp.com 1 redirects pasteapp.com
5 auth.wetransfer.com 1 redirects pasteapp.com
auth-cdn.wetransfer.com
5 www.google-analytics.com pasteapp.com
www.googletagmanager.com
www.google-analytics.com
5 www.googletagmanager.com pasteapp.com
auth.wetransfer.com
www.googletagmanager.com
3 js.intercomcdn.com widget.intercom.io
3 stats.g.doubleclick.net pasteapp.com
www.google-analytics.com
3 secure.adnxs.com 2 redirects 8444178.fls.doubleclick.net
3 8444178.fls.doubleclick.net 1 redirects www.googletagmanager.com
pasteapp.com
3 bat.bing.com pasteapp.com
bat.bing.com
2 snowplow.wetransfer.com d19ptbnuzhibkh.cloudfront.net
2 www.facebook.com pasteapp.com
2 www.google.co.uk pasteapp.com
auth.wetransfer.com
2 www.google.com pasteapp.com
auth.wetransfer.com
2 connect.facebook.net pasteapp.com
1 vod-progressive.akamaized.net auth.wetransfer.com
1 player.vimeo.com 1 redirects
1 d19ptbnuzhibkh.cloudfront.net auth.wetransfer.com
1 fonts.fiftythree.com pasteapp.com
1 www.filestackapi.com pasteapp.com
1 dialog.filestackapi.com pasteapp.com
1 widget.intercom.io 1 redirects
1 js-agent.newrelic.com pasteapp.com
1 adservice.google.com 8444178.fls.doubleclick.net
1 pixel.mediaiqdigital.com pasteapp.com
1 api.filestackapi.com pasteapp.com
1 cdn.amplitude.com pasteapp.com
1 cdn.embedly.com pasteapp.com
0 api-iam.intercom.io Failed js.intercomcdn.com
0 bam.nr-data.net Failed pasteapp.com
js-agent.newrelic.com
0 api.amplitude.com Failed pasteapp.com
68 31

This site contains no links.

Subject Issuer Validity Valid
pasteapp.com
Amazon		 2021-10-07 -
2022-11-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.embedly.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-09 -
2022-10-10		 a year crt.sh
cdn.amplitude.com
Amazon		 2021-12-17 -
2023-01-14		 a year crt.sh
*.filestackapi.com
R3		 2021-12-13 -
2022-03-13		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-12 -
2022-01-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
wetransfer.com
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
fiftythree.com
Amazon		 2021-09-29 -
2022-10-28		 a year crt.sh
*.intercomcdn.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
snowplow.wetransfer.com
Amazon		 2021-04-18 -
2022-05-17		 a year crt.sh
*.google.co.uk
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://auth.wetransfer.com/login?state=hKFo2SBCMm16QnZuRGdodmhOSkJoUi1RX1hhOWNaVmhyeF83YaFupWxvZ2luo3RpZNkgRVhkWjZJb1czS000T0U1S2xBQXhzemEtRFhFVzRrMDajY2lk2SBnMmNWbUZEdlFMNkE2SzM5MFRNNVhoYVh0YTlaOEtRZQ&client=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&protocol=oauth2&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=YjFKQWVWSHpoSWFmdG1UR05VWC5BTHROLVJSWnRkWEJXakVPNmhVTlc1Qg%3D%3D&code_challenge=PbIgEcVii3e6sGmkknuwTkH_PFoKZRhluiQ_P8tm02Q&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Frame ID: 29E403AE59F5E6D38D1B3072B79B0AC6
Requests: 67 HTTP requests in this frame

Frame: https://8444178.fls.doubleclick.net/activityi;dc_pre=CN-aoafRlfUCFdpCHQkdDp4PCw;src=8444178;type=count0;cat=paste007;ord=5978861326943;gtm=2wgc10;auiddc=351578124.1641214728;ps=1;~oref=https%3A%2F%2Fpasteapp.com%2F
Frame ID: E92B4669EB4F851F588ED1B9AD17AFF8
Requests: 3 HTTP requests in this frame

Frame: https://dialog.filestackapi.com/dialog/comm_iframe/
Frame ID: EC21C7372153E5743697B7C0577D1668
Requests: 1 HTTP requests in this frame

Frame: https://www.filestackapi.com/dialog/comm_iframe/
Frame ID: 19185E80C21BB252C21D3E640EB2DFFB
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.21272555.js
Frame ID: 8E07C3A2EC7402861889E71BCF346B17
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WeTransfer account | Paste

Page URL History Show full URLs

  1. http://pasteapp.com/ HTTP 301
    https://pasteapp.com/ Page URL
  2. https://auth.wetransfer.com/authorize?client_id=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&audience=aud%3A%2F%2Fpa... HTTP 302
    https://auth.wetransfer.com/login?state=hKFo2SBCMm16QnZuRGdodmhOSkJoUi1RX1hhOWNaVmhyeF83YaFupWxvZ2luo3Rp... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • /lock/([\d.]+)/lock(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

68
Requests

87 %
HTTPS

42 %
IPv6

23
Domains

31
Subdomains

25
IPs

6
Countries

5542 kB
Transfer

17189 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pasteapp.com/ HTTP 301
    https://pasteapp.com/ Page URL
  2. https://auth.wetransfer.com/authorize?client_id=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&state=STdrdVdYOXdmZm9DVk1LTFNPdXlSY0dNSllZNWVEVUdodVhoYXB6Y3JwZQ%3D%3D&nonce=YjFKQWVWSHpoSWFmdG1UR05VWC5BTHROLVJSWnRkWEJXakVPNmhVTlc1Qg%3D%3D&code_challenge=PbIgEcVii3e6sGmkknuwTkH_PFoKZRhluiQ_P8tm02Q&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9 HTTP 302
    https://auth.wetransfer.com/login?state=hKFo2SBCMm16QnZuRGdodmhOSkJoUi1RX1hhOWNaVmhyeF83YaFupWxvZ2luo3RpZNkgRVhkWjZJb1czS000T0U1S2xBQXhzemEtRFhFVzRrMDajY2lk2SBnMmNWbUZEdlFMNkE2SzM5MFRNNVhoYVh0YTlaOEtRZQ&client=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&protocol=oauth2&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=YjFKQWVWSHpoSWFmdG1UR05VWC5BTHROLVJSWnRkWEJXakVPNmhVTlc1Qg%3D%3D&code_challenge=PbIgEcVii3e6sGmkknuwTkH_PFoKZRhluiQ_P8tm02Q&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://pasteapp.com/ HTTP 301
  • https://pasteapp.com/
Request Chain 14
  • https://8444178.fls.doubleclick.net/activityi;src=8444178;type=count0;cat=paste007;ord=5978861326943;gtm=2wgc10;auiddc=351578124.1641214728;ps=1;~oref=https%3A%2F%2Fpasteapp.com%2F HTTP 302
  • https://8444178.fls.doubleclick.net/activityi;dc_pre=CN-aoafRlfUCFdpCHQkdDp4PCw;src=8444178;type=count0;cat=paste007;ord=5978861326943;gtm=2wgc10;auiddc=351578124.1641214728;ps=1;~oref=https%3A%2F%2Fpasteapp.com%2F
Request Chain 17
  • https://secure.adnxs.com/px?id=1244963&seg=21740900&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3F%26pixel_id%3D1244963%26uid%3D%24%7BUID%7D&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1244963%26seg%3D21740900%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253F%2526pixel_id%253D1244963%2526uid%253D%2524%257BUID%257D%26t%3D2 HTTP 302
  • https://pixel.mediaiqdigital.com/pixel?&pixel_id=1244963&uid=5192467869634551854
Request Chain 30
  • https://widget.intercom.io/widget/jgz9nkp3 HTTP 302
  • https://js.intercomcdn.com/shim.latest.js
Request Chain 54
  • https://player.vimeo.com/external/427097722.hd.mp4?s=d30c2b2a328e0efea7fa15ac8cc8b0673e24285f&profile_id=174 HTTP 302
  • https://vod-progressive.akamaized.net/exp=1641229130~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F419%2F17%2F427097722%2F1851947026.mp4~hmac=434fe946a87c8d1d2ec930fcb6d83d92988957bb3bbfbc14f877d6b4394fdcf6/vimeo-prod-skyfire-std-us/01/419/17/427097722/1851947026.mp4?filename=Homepage_Paste_PR_Video-60s-060820.mp4

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
pasteapp.com/
Redirect Chain
  • http://pasteapp.com/
  • https://pasteapp.com/
69 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pasteapp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
7c98a58ca9be7ba480c82207df42ff7d14c5c5e88f366e4a52280faac86f1d81
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
Cowboy
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=86400
X-Download-Options
noopen
X-Xss-Protection
1; mode=block
X-App-Version
v1563
X-Request-Id
4a58966c-975e-42c4-9ebf-bdbc8c5d6ce3
Cache-Control
private
ETag
W/"11500-r4InlF0l/8JvOMxnqu1ujOVysLk"
Content-Encoding
gzip
Date
Mon, 03 Jan 2022 12:58:47 GMT
Via
1.1 vegur, 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
X-Amz-Cf-Pop
FRA56-P5
X-Amz-Cf-Id
KmUkOpYgDtWBTXGlN8n778-zFDMQnoyex66UqmkkKEJxEIAI7opS-g==

Redirect headers

Server
CloudFront
Date
Mon, 03 Jan 2022 12:58:47 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://pasteapp.com/
X-Cache
Redirect from cloudfront
Via
1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P5
X-Amz-Cf-Id
m59tm3efTsrNDMMl-2lLE-S_wHHZdOoM3HGFfd_KqcZ5obL9eIkE1Q==
vendor.abbecb5e788e3682f82b.css
pasteapp.com/styles/ 		309 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pasteapp.com/styles/vendor.abbecb5e788e3682f82b.css
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
6800541f3fa1eb8649d45fb0836aee81202d5ae34de7bd2aadab7cc3950a8422
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=86400
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P5
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
15da3aaa-bf00-4360-b5a9-c01636260004
X-App-Version
v1563
Last-Modified
Wed, 01 Dec 2021 18:54:12 GMT
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Date
Mon, 03 Jan 2022 12:58:48 GMT
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Via
1.1 vegur, 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
Cache-Control
public, max-age=300
ETag
W/"4d23f-17d7758dc20"
Accept-Ranges
bytes
X-Amz-Cf-Id
1uHnSAfsRQ8iulbAvD43XaHvQFBdXxtwAS9-8fFp3tYMuTaFyP0FGw==
app.75d709b17784db45a9ae.css
pasteapp.com/styles/ 		32 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pasteapp.com/styles/app.75d709b17784db45a9ae.css
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
5dee50e1240bcc11f20cb426f624e2ebfdfde595578ee8895e0034261094b974
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=86400
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P5
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
8e5eb3b0-9436-4b49-be01-f48fe72e94d9
X-App-Version
v1563
Last-Modified
Wed, 01 Dec 2021 18:54:12 GMT
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Date
Mon, 03 Jan 2022 12:58:48 GMT
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Via
1.1 vegur, 1.1 91dc0292eef4e22508a3ae73fe64bbf5.cloudfront.net (CloudFront)
Cache-Control
public, max-age=300
ETag
W/"7f2a-17d7758dc20"
Accept-Ranges
bytes
X-Amz-Cf-Id
epqmvQ-UWsyViZcRK8IAZ412TVfe3DiGGc2bS3-fTSow3DxeS1p6vg==
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-30418293-15
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1389d6af52602e5b50d46f8916913c79e54ff3896babee24d6ac3ce7f0085f88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 12:58:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36179
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 03 Jan 2022 12:58:48 GMT
platform.js
cdn.embedly.com/widgets/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.embedly.com/widgets/platform.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.89.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53c5ed98422e6540e595c4ab165b0bf25fa166bd8c588564101c84822d410492

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 12:58:48 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
x-amz-request-id
NTDSQE62QXMH2589
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
LZ1Dnzdgsik6ujhDq99bz6Nen0w7e3n+zA20nuXNeJVqCRocWqkdsfFvHhu+BUlhLjTxLDYnSGE=
CF-RAY
6c7c6692ba4ddfeb-FRA
Last-Modified
Wed, 02 Jun 2021 21:18:28 GMT
Server
cloudflare
ETag
W/"1515208cf0f82e612ecf50bd9e1c1a3e"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
x-amz-version-id
kp_mKzjWqdPYjEdl.9aSC0zrgqj54UQa
Cache-Control
public, max-age=300
Content-Type
application/javascript
Expires
Mon, 03 Jan 2022 13:03:48 GMT
vendor.ceff9bc43ab3533f83cd.js
pasteapp.com/scripts/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://pasteapp.com/scripts/vendor.ceff9bc43ab3533f83cd.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
7318baed560e1cb45acb0a70e2ce9f9e8fd35a3542657dfd9fbff3c7121ec250
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=86400
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P5
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
262a6d0d-510c-4049-8ea9-e5b44b2d106f
X-App-Version
v1563
Last-Modified
Wed, 01 Dec 2021 18:54:12 GMT
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Date
Mon, 03 Jan 2022 12:58:48 GMT
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Via
1.1 vegur, 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
Cache-Control
public, max-age=300
ETag
W/"47c2ae-17d7758dc20"
Accept-Ranges
bytes
X-Amz-Cf-Id
uhDUG0v35vingTyt6vNbTnV0vldIIea-J9MDy1b0yJweYC4EozKi3g==
polyfill.e1a7c1a02309257cc7a5.js
pasteapp.com/scripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pasteapp.com/scripts/polyfill.e1a7c1a02309257cc7a5.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
9d803552f9342d3bc7e5a237ec52f0c6afefdcf54cc5645e641fdf86d95a1cc5
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=86400
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P5
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
83a61f42-bba5-4b9e-8e05-de36caf51551
X-App-Version
v1563
Last-Modified
Wed, 01 Dec 2021 18:54:12 GMT
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Date
Mon, 03 Jan 2022 12:58:48 GMT
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Via
1.1 vegur, 1.1 91dc0292eef4e22508a3ae73fe64bbf5.cloudfront.net (CloudFront)
Cache-Control
public, max-age=300
ETag
W/"5e5-17d7758dc20"
Accept-Ranges
bytes
X-Amz-Cf-Id
v7bI4L6BaGLy_ByCmewrnHZ9H4R3tfeptAp2SYoEnv1xNQFEEijg7w==
app.6362c0d8f69cf354c6ad.js
pasteapp.com/scripts/ 		6 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://pasteapp.com/scripts/app.6362c0d8f69cf354c6ad.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-55.fra56.r.cloudfront.net
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=86400
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-P5
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
98b4bddc-7427-4a33-8b1f-96a0697b2813
X-App-Version
v1563
Last-Modified
Wed, 01 Dec 2021 18:54:12 GMT
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Date
Mon, 03 Jan 2022 12:58:48 GMT
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Via
1.1 vegur, 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
Cache-Control
public, max-age=300
ETag
W/"5c839e-17d7758dc20"
Accept-Ranges
bytes
X-Amz-Cf-Id
fy5KDOkRVQveNn87R6F7VAhU5IrnCVG-fT19Me75Klv-HjO8QeeTrg==
gtm.js
www.googletagmanager.com/ 		176 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MXNZVGZ
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ae6bfd0f558fad6bd37d53d79357ffa670960086a64faa7d8c657950d08ff08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 12:58:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62471
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 03 Jan 2022 12:58:48 GMT
amplitude-5.2.2-min.gz.js
cdn.amplitude.com/libs/ 		54 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-6.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

Referer
Origin
https://pasteapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 04:42:37 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
16013772
x-cache
Hit from cloudfront
content-length
17889
access-control-allow-origin
*
last-modified
Mon, 21 Oct 2019 15:45:34 GMT
server
AmazonS3
etag
"b568e7b3c9d94da6a1d4845b18400f7a"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
aZB1RIRJqET7nosqRtOBVideRuh0jIV6
via
1.1 4c692717a0e85914a993c3aa5c8a2ef7.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
8k8dpphYWPZjiuX5C9eq-nrG17njqa9fsqLHT8eY4zyVumV_Q9VLhQ==
filestack.js
api.filestackapi.com/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.filestackapi.com/filestack.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9fd58f081ef4b4904172eca648ccb15b0215e5a263f05da7694e43202cb0ec99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 12:58:48 GMT
content-encoding
gzip
age
134354
x-cache
HIT
content-length
21025
x-amz-id-2
jkCQ+AS58Q9Ymir1KdKrFBEPKjjgfY6suUhxEw2JyGu3viKIzHdBSmICex/l3e0uckXqenXAu3M=
x-served-by
cache-fra19154-FRA
last-modified
Wed, 05 Feb 2020 09:37:22 GMT
server
AmazonS3
x-timer
S1641214729.626533,VS0,VE0
etag
"e907365d304fff6d1a662335ce6bb88f"
vary
Accept-Encoding
x-amz-request-id
K3BXTF3TF0694P1R
via
1.1 varnish
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1632
js
www.googletagmanager.com/gtag/ 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-30418293-14&l=dataLayer&cx=c
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a6aa2f4c5a1233f7079884100260478b3a0ba016aa21e54d11dfdff02ca3143
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 12:58:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36205
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 03 Jan 2022 12:58:48 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7062
date
Mon, 03 Jan 2022 11:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 03 Jan 2022 13:01:06 GMT
bat.js
bat.bing.com/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 12:58:48 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7DEA03B733CC41EFB9DF950F7D2A5D14 Ref B: FRAEDGE1507 Ref C: 2022-01-03T12:58:48Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
activityi;dc_pre=CN-aoafRlfUCFdpCHQkdDp4PCw;src=8444178;type=count0;cat=paste007;ord=5978861326943;gtm=2wgc10;auiddc=351578124.1641214728;ps=1;~oref=https%3A%2F%2Fpasteapp.com%2F
8444178.fls.doubleclick.net/ Frame E92B
Redirect Chain
  • https://8444178.fls.doubleclick.net/activityi;src=8444178;type=count0;cat=paste007;ord=5978861326943;gtm=2wgc10;auiddc=351578124.1641214728;ps=1;~oref=https%3A%2F%2Fpasteapp.com%2F?
  • https://8444178.fls.doubleclick.net/activityi;dc_pre=CN-aoafRlfUCFdpCHQkdDp4PCw;src=8444178;type=count0;cat=paste007;ord=5978861326943;gtm=2wgc10;auiddc=351578124.1641214728;ps=1;~oref=https%3A%2F%...
497 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8444178.fls.doubleclick.net/activityi;dc_pre=CN-aoafRlfUCFdpCHQkdDp4PCw;src=8444178;type=count0;cat=paste007;ord=5978861326943;gtm=2wgc10;auiddc=351578124.1641214728;ps=1;~oref=https%3A%2F%2Fpasteapp.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXNZVGZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
efde8425d168298b4ae4f6d6a709d82140944987ea3d04c379c07afb1e664b96
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jan 2022 12:58:48 GMT
expires
Mon, 03 Jan 2022 12:58:48 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
391
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jan 2022 12:58:48 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8444178.fls.doubleclick.net/activityi;dc_pre=CN-aoafRlfUCFdpCHQkdDp4PCw;src=8444178;type=count0;cat=paste007;ord=5978861326943;gtm=2wgc10;auiddc=351578124.1641214728;ps=1;~oref=https%3A%2F%2Fpasteapp.com%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
P/leJmKBydkMvmRvefmGHNypTIcbXBMNAnBmuZcjCl/kIBSFnpCs2aWNHz9cTCMNlayue8KMCWiI8wZrkfyO3Q==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Mon, 03 Jan 2022 12:58:48 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=5,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
activityi;register_conversion=1;src=8444178;type=count0;cat=paste007;ord=5978861326943;gtm=2wgc10;auiddc=351578124.1641214728;ps=1;~oref=https%3A%2F%2Fpasteapp.com%2F
8444178.fls.doubleclick.net/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8444178.fls.doubleclick.net/activityi;register_conversion=1;src=8444178;type=count0;cat=paste007;ord=5978861326943;gtm=2wgc10;auiddc=351578124.1641214728;ps=1;~oref=https%3A%2F%2Fpasteapp.com%2F?
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
pixel
pixel.mediaiqdigital.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1244963&seg=21740900&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3F%26pixel_id%3D1244963%26uid%3D%24%7BUID%7D&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1244963%26seg%3D21740900%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253F%2526pixel_id%253D1244963%2526uid%253D%2524%257BUID%257D%2...
  • https://pixel.mediaiqdigital.com/pixel?&pixel_id=1244963&uid=5192467869634551854
2 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mediaiqdigital.com/pixel?&pixel_id=1244963&uid=5192467869634551854
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
HTTP/1.1
Server
18.158.49.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-49-19.eu-central-1.compute.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 12:58:48 GMT
Server
nginx/1.19.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, PATCH,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Access-Control-Allow-Origin,x-requested-with,origin,Content-Type,accept,X-PINGARUNER
Content-Length
2

Redirect headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 12:58:48 GMT
X-Proxy-Origin
91.238.82.159; 91.238.82.159; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f6efbada-bd47-4762-b0c7-614576441621
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://pixel.mediaiqdigital.com/pixel?&pixel_id=1244963&uid=5192467869634551854
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-11792855-25&cid=1111120512.1641214728&jid=295368597&gjid=1162305635&_gid=838994020.1641214728&_u=YGBAgEABAAAAAE~&z=189308095
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 03 Jan 2022 12:58:48 GMT
content-type
text/plain
access-control-allow-origin
https://pasteapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1696997929&t=pageview&_s=1&dl=https%3A%2F%2Fpasteapp.com%2F&ul=en-us&de=UTF-8&dt=Paste%20by%20WeTransfer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=295368597&gjid=1162305635&cid=1111120512.1641214728&tid=UA-11792855-25&_gid=838994020.1641214728&gtm=2wgc10MXNZVGZ&z=558072625
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 02:32:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37590
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1696997929&t=pageview&_s=1&dl=https%3A%2F%2Fpasteapp.com%2F&ul=en-us&de=UTF-8&dt=Paste%20by%20WeTransfer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUABBAAAAG~&jid=686693558&gjid=1800829048&cid=1111120512.1641214728&tid=UA-30418293-14&_gid=838994020.1641214728&_r=1&gtm=2ouc10&z=2025419184
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 12:58:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pasteapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
1904796869803472
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1904796869803472?v=2.9.48&r=stable
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0400d96803a66b734e5ea57eced23db6263d5d3c94655334daf9559977eb1767
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89019
x-xss-protection
0
pragma
public
x-fb-debug
FTcyz+c6/GdRyhorwYTobGBxJ0ardxS0UwyudtIKw3uUDE9JZOd9YxDgC7XogdkpDoIesYvWBU5X8HrYyNnsSw==
x-frame-options
DENY
date
Mon, 03 Jan 2022 12:58:48 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-30418293-14&cid=1111120512.1641214728&jid=686693558&gjid=1800829048&_gid=838994020.1641214728&_u=aGDACUABBAAAAG~&z=518950074
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 03 Jan 2022 12:58:48 GMT
content-type
text/plain
access-control-allow-origin
https://pasteapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
17116656.js
bat.bing.com/p/action/ 		0
93 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/17116656.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 03 Jan 2022 12:58:48 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 446948611AA84EA89375419ED68D1677 Ref B: FRAEDGE1507 Ref C: 2022-01-03T12:58:48Z
x-cache
CONFIG_NOCACHE
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11792855-25&cid=1111120512.1641214728&jid=295368597&_u=YGBAgEABAAAAAE~&z=219852934
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 12:58:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11792855-25&cid=1111120512.1641214728&jid=295368597&_u=YGBAgEABAAAAAE~&z=219852934
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 12:58:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1904796869803472&ev=PageView&dl=https%3A%2F%2Fpasteapp.com%2F&rl=&if=false&ts=1641214728146&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1641214728145.459038324&it=1641214728095&coo=false&exp=p0&rqm=GET
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 12:58:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 03 Jan 2022 12:58:48 GMT
px
secure.adnxs.com/ Frame E92B 		0
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/px?id=1251256&seg=21908706&t=1
Requested by
Host: 8444178.fls.doubleclick.net
URL: https://8444178.fls.doubleclick.net/activityi;dc_pre=CN-aoafRlfUCFdpCHQkdDp4PCw;src=8444178;type=count0;cat=paste007;ord=5978861326943;gtm=2wgc10;auiddc=351578124.1641214728;ps=1;~oref=https%3A%2F%2Fpasteapp.com%2F?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8444178.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jan 2022 12:58:48 GMT
X-Proxy-Origin
91.238.82.159; 91.238.82.159; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
96117790-1ed1-4e4e-9724-9942b1ea819c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dc_pre=CN-aoafRlfUCFdpCHQkdDp4PCw;src=8444178;type=count0;cat=paste007;ord=5978861326943;gtm=2wgc10;auiddc=*;ps=1;~oref=https%3A%2F%2Fpasteapp.com%2F
adservice.google.com/ddm/fls/z/ Frame E92B 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CN-aoafRlfUCFdpCHQkdDp4PCw;src=8444178;type=count0;cat=paste007;ord=5978861326943;gtm=2wgc10;auiddc=*;ps=1;~oref=https%3A%2F%2Fpasteapp.com%2F
Requested by
Host: 8444178.fls.doubleclick.net
URL: https://8444178.fls.doubleclick.net/activityi;dc_pre=CN-aoafRlfUCFdpCHQkdDp4PCw;src=8444178;type=count0;cat=paste007;ord=5978861326943;gtm=2wgc10;auiddc=351578124.1641214728;ps=1;~oref=https%3A%2F%2Fpasteapp.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8444178.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 12:58:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-spa-1212.min.js
js-agent.newrelic.com/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1212.min.js
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
wY72Ah.NJX5KzzqRFK3uhSo3Jh07tDe4
content-encoding
gzip
etag
"8bd93bf0ecb2f4e971a2055a41402bb6"
x-amz-request-id
VG6YBKXNYMJ05RRS
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
16636
x-amz-id-2
CN/OtP3A9z0ShcwSC84Dp2716OPSVqHtXjTa3tL4kDFfrY9FTweTMDz1ynWsKHz8NETzizCEpEw=
x-served-by
cache-fra19148-FRA
last-modified
Thu, 04 Nov 2021 21:16:16 GMT
server
AmazonS3
x-timer
S1641214730.549616,VS0,VE0
date
Mon, 03 Jan 2022 12:58:49 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
6219
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/jgz9nkp3
  • https://js.intercomcdn.com/shim.latest.js
18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Server
18.66.139.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-61.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 03 Jan 2022 12:53:57 GMT
content-encoding
gzip
last-modified
Thu, 23 Dec 2021 10:02:35 GMT
server
AmazonS3
age
293
etag
"c3f703bb44857da89fd76e7d568dd2be"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
6063
x-amz-cf-id
30kaN8iqPH8DiDBWaxlGCXOiuUF5yKDYa8de31F_JX9i1t93bwCS0w==

Redirect headers

date
Wed, 29 Dec 2021 12:53:23 GMT
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
server
AmazonS3
age
432327
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA60-P3
content-length
0
x-amz-cf-id
_dcPQYKmIm1mKGgopjLsWU2bs_icdL1UOzd9XKebkMMOmsHSV_eU6w==
/
dialog.filestackapi.com/dialog/comm_iframe/ Frame EC21 		2 KB
1019 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dialog.filestackapi.com/dialog/comm_iframe/
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
last-modified
Mon, 06 Dec 2021 12:44:38 GMT
etag
W/"61ae05b6-82a"
p3p
CP="OTI DSP COR ADM DEV TAIo PSA PSD IVAi IVDi CONi HIS OUR IND CNT COM INT NAV"
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
access-control-allow-headers
Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Origin, X-File-Name, Key, Content-Type, X-Requested-With, Origin
access-control-allow-credentials
true
content-encoding
gzip
accept-ranges
bytes
date
Mon, 03 Jan 2022 12:58:49 GMT
via
1.1 varnish
age
479612
x-served-by
cache-fra19154-FRA
x-cache
HIT
x-cache-hits
7898
x-timer
S1641214730.540625,VS0,VE0
content-length
945
/
www.filestackapi.com/dialog/comm_iframe/ Frame 1918 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.filestackapi.com/dialog/comm_iframe/
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
last-modified
Mon, 06 Dec 2021 12:44:38 GMT
etag
W/"61ae05b6-82a"
p3p
CP="OTI DSP COR ADM DEV TAIo PSA PSD IVAi IVDi CONi HIS OUR IND CNT COM INT NAV"
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
access-control-allow-headers
Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Origin, X-File-Name, Key, Content-Type, X-Requested-With, Origin
access-control-allow-credentials
true
content-encoding
gzip
accept-ranges
bytes
date
Mon, 03 Jan 2022 12:58:49 GMT
via
1.1 varnish
age
1861737
x-served-by
cache-fra19154-FRA
x-cache
HIT
x-cache-hits
34922
x-timer
S1641214730.531987,VS0,VE0
content-length
945
0
bat.bing.com/action/ 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=17116656&tm=gtm002&Ver=2&mid=fbaa4d6c-5279-4add-ab4d-2c2fee659a77&sid=e4a7f8606c9411ecb7f0230683e4d758&vid=e4a814606c9411ec83c701dab4bf8c25&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Paste%20by%20WeTransfer&kw=presentation,deck,collaborate,team,brainstorm,storyboard,slide,pdf,powerpoint,keynote,slack,work,report,creative,productivity,business&p=https%3A%2F%2Fpasteapp.com%2F&r=&lt=1908&evt=pageLoad&msclkid=N&sv=1&rn=374212
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 12:58:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 42A4ABB7EB114D6483205D11F7BA0C82 Ref B: FRAEDGE1507 Ref C: 2022-01-03T12:58:49Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1904796869803472&ev=Microdata&dl=https%3A%2F%2Fpasteapp.com%2F&rl=&if=false&ts=1641214728885&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Paste%20by%20WeTransfer%22%2C%22meta%3Akeywords%22%3A%22presentation%2Cdeck%2Ccollaborate%2Cteam%2Cbrainstorm%2Cstoryboard%2Cslide%2Cpdf%2Cpowerpoint%2Ckeynote%2Cslack%2Cwork%2Creport%2Ccreative%2Cproductivity%2Cbusiness%22%2C%22meta%3Adescription%22%3A%22Fast%2C%20collaborative%20presentations%20for%20creative%20teams.%20Share%20your%20work%20in%20realtime%20and%20collaborate%20with%20reactions%2C%20comments%2C%20and%20Slack%20integration.%20Embed%20files%2C%20links%2C%20and%20docs%20for%20strategy%20decks%2C%20design%20handoffs%2C%20brainstorms%2C%20research%20gathering.%20Integrates%20with%20Giphy%2C%20Figma%2C%20Dropbox%2C%20Google%20Docs%2C%20and%20more.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Paste%20by%20WeTransfer%22%2C%22og%3Adescription%22%3A%22Fast%2C%20collaborative%20presentations%20for%20creative%20teams.%20Share%20your%20work%20in%20realtime%20and%20collaborate%20with%20reactions%2C%20comments%2C%20and%20Slack%20integration.%20Embed%20files%2C%20links%2C%20and%20docs%20for%20strategy%20decks%2C%20design%20handoffs%2C%20brainstorms%2C%20research%20gathering.%20Integrates%20with%20Giphy%2C%20Figma%2C%20Dropbox%2C%20Google%20Docs%2C%20and%20more.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fpasteapp.com%2Fimages%2Fog-image-paste.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1641214728145.459038324&it=1641214728095&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 12:58:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 03 Jan 2022 12:58:49 GMT
/
api.amplitude.com/ 		0
0
Primary Request login
auth.wetransfer.com/
Redirect Chain
  • https://auth.wetransfer.com/authorize?client_id=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=op...
  • https://auth.wetransfer.com/login?state=hKFo2SBCMm16QnZuRGdodmhOSkJoUi1RX1hhOWNaVmhyeF83YaFupWxvZ2luo3RpZNkgRVhkWjZJb1czS000T0U1S2xBQXhzemEtRFhFVzRrMDajY2lk2SBnMmNWbUZEdlFMNkE2SzM5MFRNNVhoYVh0YTlaO...
23 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.wetransfer.com/login?state=hKFo2SBCMm16QnZuRGdodmhOSkJoUi1RX1hhOWNaVmhyeF83YaFupWxvZ2luo3RpZNkgRVhkWjZJb1czS000T0U1S2xBQXhzemEtRFhFVzRrMDajY2lk2SBnMmNWbUZEdlFMNkE2SzM5MFRNNVhoYVh0YTlaOEtRZQ&client=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&protocol=oauth2&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=YjFKQWVWSHpoSWFmdG1UR05VWC5BTHROLVJSWnRkWEJXakVPNmhVTlc1Qg%3D%3D&code_challenge=PbIgEcVii3e6sGmkknuwTkH_PFoKZRhluiQ_P8tm02Q&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/scripts/vendor.ceff9bc43ab3533f83cd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-13.fra60.r.cloudfront.net
Software
cloudflare /
Resource Hash
aa9dfd12b41a96834fdb8d9b08defb23e8e9ae8ce36d226b71176f9e3655c859
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
date
Mon, 03 Jan 2022 12:58:49 GMT
cf-ray
6c7c669d1e367039-FRA
cache-control
no-store, max-age=0, no-transform
etag
W/"5c67-9dkyF4dJRJJtVB5au3FGV6e6r0A"
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
content-security-policy
frame-ancestors 'none'
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
6c7c669d1e367039
ot-tracer-sampled
true
ot-tracer-spanid
049584d767b2bad0
ot-tracer-traceid
651ba9570b40d4b3
pragma
no-cache
referrer-policy
same-origin
x-auth0-requestid
d6632c0c0e7dfe351d19
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1641214730
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
server
cloudflare
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
2bIfpBKUMifzReIwAwO395najS0uMNm38fa5g7_Iuix207ADdimyAg==

Redirect headers

content-type
text/html; charset=utf-8
content-length
1436
date
Mon, 03 Jan 2022 12:58:49 GMT
location
/login?state=hKFo2SBCMm16QnZuRGdodmhOSkJoUi1RX1hhOWNaVmhyeF83YaFupWxvZ2luo3RpZNkgRVhkWjZJb1czS000T0U1S2xBQXhzemEtRFhFVzRrMDajY2lk2SBnMmNWbUZEdlFMNkE2SzM5MFRNNVhoYVh0YTlaOEtRZQ&client=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&protocol=oauth2&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=YjFKQWVWSHpoSWFmdG1UR05VWC5BTHROLVJSWnRkWEJXakVPNmhVTlc1Qg%3D%3D&code_challenge=PbIgEcVii3e6sGmkknuwTkH_PFoKZRhluiQ_P8tm02Q&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
cf-ray
6c7c669c3ea38b96-FRA
cache-control
no-store, max-age=0, no-transform
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id
6c7c669c3ea38b96
ot-tracer-sampled
true
ot-tracer-spanid
5c6622fd6cb46c99
ot-tracer-traceid
5d7086057cc58efb
pragma
no-cache
x-auth0-requestid
01fd194ab1661690a13e
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1641214730
server
cloudflare
vary
Accept,Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
atNkonngFHAvsnsWzsPgMuE9dX9Aiu20K5KLnonere6AZauH35WNfQ==
ActiefGrotesque_W_Regular.woff
fonts.fiftythree.com/actief/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.fiftythree.com/actief/ActiefGrotesque_W_Regular.woff?cachebuster=01
Requested by
Host: pasteapp.com
URL: https://pasteapp.com/styles/app.75d709b17784db45a9ae.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-114.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://pasteapp.com/
Origin
https://pasteapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 09:23:24 GMT
via
1.1 80a51c83bb9479e2a3aa1ea59b366459.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
12926
x-cache
Hit from cloudfront
content-length
31208
last-modified
Tue, 28 Apr 2020 16:43:38 GMT
server
AmazonS3
etag
"f035c164fc875a8b318179b4f5ccd9f2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
font/woff
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
CpjQIPJmOw-xFEDv89nG8a7I5o6u7Yyf77-MqjclHHJIB2fyO8yofQ==
378e1eac2f
bam.nr-data.net/1/ 		0
0
frame-modern.21272555.js
js.intercomcdn.com/ Frame 8E07 		294 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.21272555.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/jgz9nkp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-61.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 03 Jan 2022 12:02:37 GMT
content-encoding
gzip
last-modified
Thu, 23 Dec 2021 10:01:27 GMT
server
AmazonS3
age
3373
etag
"8c58314eec3b841c67600c3194f8b68f"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
80127
x-amz-cf-id
eP0Kk2A0hqt5YLkRB7A5FUj8Lgy6ieszqK1Z1g-HMkAua2Rhf_CyAA==
vendor-modern.aed2a635.js
js.intercomcdn.com/ Frame 8E07 		125 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.aed2a635.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/jgz9nkp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-61.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 03 Jan 2022 12:02:38 GMT
content-encoding
gzip
last-modified
Thu, 23 Dec 2021 10:01:28 GMT
server
AmazonS3
age
3372
etag
"54ae25b5f120a40657e92e7e493e2cf6"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
39073
x-amz-cf-id
IL3If_dqN74Nbvc9TQg6S0eopQA13DV_-YSFibz7X9XOINZBb_0KkQ==
ping
api-iam.intercom.io/messenger/web/ Frame 8E07 		0
0
0
bat.bing.com/actionp/ 		0
0
378e1eac2f
bam.nr-data.net/events/1/ 		0
0
378e1eac2f
bam.nr-data.net/jserrors/1/ 		0
0
gtm.js
www.googletagmanager.com/ 		133 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WF5RH4
Requested by
Host: auth.wetransfer.com
URL: https://auth.wetransfer.com/login?state=hKFo2SBCMm16QnZuRGdodmhOSkJoUi1RX1hhOWNaVmhyeF83YaFupWxvZ2luo3RpZNkgRVhkWjZJb1czS000T0U1S2xBQXhzemEtRFhFVzRrMDajY2lk2SBnMmNWbUZEdlFMNkE2SzM5MFRNNVhoYVh0YTlaOEtRZQ&client=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&protocol=oauth2&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=YjFKQWVWSHpoSWFmdG1UR05VWC5BTHROLVJSWnRkWEJXakVPNmhVTlc1Qg%3D%3D&code_challenge=PbIgEcVii3e6sGmkknuwTkH_PFoKZRhluiQ_P8tm02Q&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
468c271c049086bd5e69b5339a1117b07cc0373ebf61b19b2b05bb365c2dd16a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 12:58:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39693
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 03 Jan 2022 12:58:49 GMT
c1d2aa5e.lite.js
d19ptbnuzhibkh.cloudfront.net/3.1.0/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d19ptbnuzhibkh.cloudfront.net/3.1.0/c1d2aa5e.lite.js
Requested by
Host: auth.wetransfer.com
URL: https://auth.wetransfer.com/login?state=hKFo2SBCMm16QnZuRGdodmhOSkJoUi1RX1hhOWNaVmhyeF83YaFupWxvZ2luo3RpZNkgRVhkWjZJb1czS000T0U1S2xBQXhzemEtRFhFVzRrMDajY2lk2SBnMmNWbUZEdlFMNkE2SzM5MFRNNVhoYVh0YTlaOEtRZQ&client=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&protocol=oauth2&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=YjFKQWVWSHpoSWFmdG1UR05VWC5BTHROLVJSWnRkWEJXakVPNmhVTlc1Qg%3D%3D&code_challenge=PbIgEcVii3e6sGmkknuwTkH_PFoKZRhluiQ_P8tm02Q&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:c800:6:bbf2:440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb757840ff584d17f7fc070a06d1296efe56bbc968402e7bbd1a16fe63a64874

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 08:45:28 GMT
content-encoding
gzip
last-modified
Thu, 01 Jul 2021 11:08:36 GMT
server
AmazonS3
age
11765602
etag
"c1cde1620a16051115e3ac73a587e7b0"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 604f8ac78ed3ba5235c1a14794f2ac65.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
13504
x-amz-cf-id
nJo-WDZ2tw2DHiRgzaPV8Y226HX3ZyCpm6ILFlxzzarEoRy0UPIcgw==
g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe.js
auth-cdn.wetransfer.com/assets/scripts/ 		16 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth-cdn.wetransfer.com/assets/scripts/g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe.js?v=b1cf26d7a6e0d5db3296571d3d4641b8
Requested by
Host: auth.wetransfer.com
URL: https://auth.wetransfer.com/login?state=hKFo2SBCMm16QnZuRGdodmhOSkJoUi1RX1hhOWNaVmhyeF83YaFupWxvZ2luo3RpZNkgRVhkWjZJb1czS000T0U1S2xBQXhzemEtRFhFVzRrMDajY2lk2SBnMmNWbUZEdlFMNkE2SzM5MFRNNVhoYVh0YTlaOEtRZQ&client=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&protocol=oauth2&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=YjFKQWVWSHpoSWFmdG1UR05VWC5BTHROLVJSWnRkWEJXakVPNmhVTlc1Qg%3D%3D&code_challenge=PbIgEcVii3e6sGmkknuwTkH_PFoKZRhluiQ_P8tm02Q&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-68.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1e81832a19de048c473aa70db05c6c0e3aad1853784321aa31a1c99a1c84d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 15:40:27 GMT
content-encoding
gzip
last-modified
Wed, 22 Dec 2021 12:47:39 GMT
server
AmazonS3
age
76703
etag
W/"efb31704f445766998427bd441fb8a40"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
XOfbYTUitcfazhI48jSU7IlHsPW_F7MKqW-cNvmrW0rDRXHU-8b-kQ==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f39a1017906d512934d04cef8dbd816ebe0206eab872da92d30fdb554c84a89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
lock.min.js
auth-cdn.wetransfer.com/js/lock/11.27.2/ 		822 KB
232 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth-cdn.wetransfer.com/js/lock/11.27.2/lock.min.js
Requested by
Host: auth.wetransfer.com
URL: https://auth.wetransfer.com/login?state=hKFo2SBCMm16QnZuRGdodmhOSkJoUi1RX1hhOWNaVmhyeF83YaFupWxvZ2luo3RpZNkgRVhkWjZJb1czS000T0U1S2xBQXhzemEtRFhFVzRrMDajY2lk2SBnMmNWbUZEdlFMNkE2SzM5MFRNNVhoYVh0YTlaOEtRZQ&client=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&protocol=oauth2&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=YjFKQWVWSHpoSWFmdG1UR05VWC5BTHROLVJSWnRkWEJXakVPNmhVTlc1Qg%3D%3D&code_challenge=PbIgEcVii3e6sGmkknuwTkH_PFoKZRhluiQ_P8tm02Q&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-68.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b59022f20ed865d2a5241757ad702172f32434fe14c210eb3d6adec159b948d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 01:54:54 GMT
content-encoding
gzip
last-modified
Tue, 02 Feb 2021 17:32:12 GMT
server
AmazonS3
age
39836
etag
W/"c81e14f9d9ab128978924d236f76436f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
BVOMz-wu4HdDbAUPXwLIKv2qrb53lLLIhsmt6mFAgn5z7a2dHEt0mA==
gtm.js
www.googletagmanager.com/ 		117 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WJMTXWX&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WF5RH4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8910632332d04f097b7cf9596a61aa0de5f0f9536b8b26820b659e03ffe89159
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 12:58:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45964
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 03 Jan 2022 12:58:49 GMT
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ 		2 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d19ptbnuzhibkh.cloudfront.net
URL: https://d19ptbnuzhibkh.cloudfront.net/3.1.0/c1d2aa5e.lite.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.68.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-68-163.eu-west-1.compute.amazonaws.com
Software
akka-http/10.2.7 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://auth.wetransfer.com
date
Mon, 03 Jan 2022 12:58:50 GMT
access-control-allow-credentials
true
server
akka-http/10.2.7
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
2
content-type
text/plain; charset=UTF-8
tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.68.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-68-163.eu-west-1.compute.amazonaws.com
Software
akka-http/10.2.7 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://auth.wetransfer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 03 Jan 2022 12:58:50 GMT
content-length
0
access-control-allow-origin
https://auth.wetransfer.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-max-age
5
server
akka-http/10.2.7
fonts.css
auth-cdn.wetransfer.com/assets/styles/ 		824 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth-cdn.wetransfer.com/assets/styles/fonts.css
Requested by
Host: auth-cdn.wetransfer.com
URL: https://auth-cdn.wetransfer.com/assets/scripts/g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe.js?v=b1cf26d7a6e0d5db3296571d3d4641b8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-68.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cde80e58fff4561911f7397ef39dca6cfd699cf91ae6a205ff0a38b248d9d2d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 15:43:28 GMT
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
last-modified
Mon, 01 Feb 2021 13:06:52 GMT
server
AmazonS3
age
76522
etag
"c407710c4d344d6ac8cea97689e02199"
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
824
x-amz-cf-id
FsHVtCHpxE5YXxPHNA2DzGgAx7qQg8Wnf2-IVKd-iuZAD75tC1anPA==
paste_login_styles.css
auth-cdn.wetransfer.com/assets/styles/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth-cdn.wetransfer.com/assets/styles/paste_login_styles.css?v=b1cf26d7a6e0d5db3296571d3d4641b8
Requested by
Host: auth-cdn.wetransfer.com
URL: https://auth-cdn.wetransfer.com/assets/scripts/g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe.js?v=b1cf26d7a6e0d5db3296571d3d4641b8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-68.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79ce73befa835a927290c2464f393e0277312d9933f07272adac094592cb504f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 04:42:13 GMT
content-encoding
gzip
last-modified
Fri, 22 Oct 2021 07:56:32 GMT
server
AmazonS3
age
29797
etag
W/"c219fd6d5d1a6b9ffb764ff57e63a015"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
m0qhIKl7pt-FlN3197hDqJ4NBcvhMWGnGRJRhZ0VeC-NKqIrp1K14w==
1851947026.mp4
vod-progressive.akamaized.net/exp=1641229130~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F419%2F17%2F427097722%2F1851947026.mp4~hmac=434fe946a87c8d1d2ec930fcb6d83d92988957bb3bbfbc14f877d6b4394fdcf6/vime...
Redirect Chain
  • https://player.vimeo.com/external/427097722.hd.mp4?s=d30c2b2a328e0efea7fa15ac8cc8b0673e24285f&profile_id=174
  • https://vod-progressive.akamaized.net/exp=1641229130~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F419%2F17%2F427097722%2F1851947026.mp4~hmac=434fe946a87c8d1d2ec930fcb6d83d92988957bb3bbfbc14f877d6b4394fd...
3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vod-progressive.akamaized.net/exp=1641229130~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F419%2F17%2F427097722%2F1851947026.mp4~hmac=434fe946a87c8d1d2ec930fcb6d83d92988957bb3bbfbc14f877d6b4394fdcf6/vimeo-prod-skyfire-std-us/01/419/17/427097722/1851947026.mp4?filename=Homepage_Paste_PR_Video-60s-060820.mp4
Requested by
Host: auth.wetransfer.com
URL: https://auth.wetransfer.com/login?state=hKFo2SBCMm16QnZuRGdodmhOSkJoUi1RX1hhOWNaVmhyeF83YaFupWxvZ2luo3RpZNkgRVhkWjZJb1czS000T0U1S2xBQXhzemEtRFhFVzRrMDajY2lk2SBnMmNWbUZEdlFMNkE2SzM5MFRNNVhoYVh0YTlaOEtRZQ&client=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&protocol=oauth2&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=YjFKQWVWSHpoSWFmdG1UR05VWC5BTHROLVJSWnRkWEJXakVPNmhVTlc1Qg%3D%3D&code_challenge=PbIgEcVii3e6sGmkknuwTkH_PFoKZRhluiQ_P8tm02Q&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Protocol
HTTP/1.1
Server
2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 12:58:50 GMT
X-VIM-CACHEBC
EP:H11,E:m,PE:h
X-GUploader-UploadID
AAANsUnWmbgPO4ciZpcTAMD-sjOX7L7YWGW_8KfjKRISJPv-9nQsEHmpFzWrsycjM54ydLj8rhDJiCOTGi9icH6_cuY
x-goog-storage-class
STANDARD
Connection
keep-alive
Content-Length
4382373
AK-REFERENCE-ID
0.1fba1002.1641214730.13d35e12
Content-Range
bytes 0-4382372/4382373
Akamai-Mon-Iucid-Del
875210
Last-Modified
Mon, 08 Jun 2020 17:48:10 GMT
Server
UploadServer
Aka-c-hit
cache-hit
ETag
"0d7a9a776a295a66d2ba9c65b288adb5"
x-goog-hash
crc32c=pIUM+g==, md5=DXqad2opWmbSupxlsoittQ==
Content-Type
video/mp4
Access-Control-Expose-Headers
Akamai-Edge-IP, X-VIM-CACHEBC, AK-REFERENCE-ID
Cache-Control
private, max-age=10342212
Akamai-Edge-IP
2a02:26f0:6c00::210:ba23
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Tue, 03 May 2022 05:49:02 GMT

Redirect headers

Content-Security-Policy
default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://f.vimeocdn.com https://i.vimeocdn.com
Via
1.1 google, 1.1 varnish
X-Content-Type-Options
nosniff
Age
0
X-Cache
MISS
X-Host
player-backend-5cb457cd5d-w52v7
Connection
keep-alive
Content-Length
0
X-Xss-Protection
1; mode=block
X-Served-By
cache-fra19157-FRA
X-Player-Backend
g
X-Timer
S1641214730.007127,VS0,VE151
Date
Mon, 03 Jan 2022 12:58:50 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Location
https://vod-progressive.akamaized.net/exp=1641229130~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F419%2F17%2F427097722%2F1851947026.mp4~hmac=434fe946a87c8d1d2ec930fcb6d83d92988957bb3bbfbc14f877d6b4394fdcf6/vimeo-prod-skyfire-std-us/01/419/17/427097722/1851947026.mp4?filename=Homepage_Paste_PR_Video-60s-060820.mp4
Expires
Fri, 15 Dec 1985 19:30:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
X-Cache-Hits
0
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0c304cfa2ccd7352a1b840d59f170fc61d26ae87608ed9aa46e45d451c7ed90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
ActiefGrotesque-W-Regular.woff
auth-cdn.wetransfer.com/assets/fonts/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://auth-cdn.wetransfer.com/assets/fonts/ActiefGrotesque-W-Regular.woff
Requested by
Host: auth-cdn.wetransfer.com
URL: https://auth-cdn.wetransfer.com/assets/styles/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-68.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6

Request headers

Referer
https://auth-cdn.wetransfer.com/assets/styles/fonts.css
Origin
https://auth.wetransfer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 08:53:26 GMT
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
14814
x-cache
Hit from cloudfront
content-length
31120
last-modified
Mon, 01 Feb 2021 13:06:51 GMT
server
AmazonS3
etag
"57cbbfdafc43e0deecc75a309dd042c6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://auth.wetransfer.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
x-amz-cf-id
xIdB5Vrv6z2OTnWrf9gk1XcjO6YhJVp0R1hijLfPgMG2kOjYVwDSWA==
en.js
auth-cdn.wetransfer.com/js/lock/11.27.2/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth-cdn.wetransfer.com/js/lock/11.27.2/en.js
Requested by
Host: auth-cdn.wetransfer.com
URL: https://auth-cdn.wetransfer.com/js/lock/11.27.2/lock.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-68.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9549286538bb1c7d9cec783ee33ffbae4f5566341e8efad47d31db235e5dba25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 05:49:20 GMT
content-encoding
gzip
last-modified
Tue, 27 Jul 2021 14:42:11 GMT
server
AmazonS3
age
25783
etag
W/"6aa1e28f6ec77bb16d20589fdffa73d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
y1KNQxhfjK_5ugUXsiQPU2bSFI9Tka2IA3INs0ZOOf_5f3ysZCi9KQ==
g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe.js
auth.wetransfer.com/client/ 		765 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.wetransfer.com/client/g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe.js?t1641214729421
Requested by
Host: auth-cdn.wetransfer.com
URL: https://auth-cdn.wetransfer.com/js/lock/11.27.2/lock.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-13.fra60.r.cloudfront.net
Software
cloudflare /
Resource Hash
71d0d2793996c84f43f961f4c0375015bfd437ef9a6fab0a9ef10d08d32a762c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.wetransfer.com/login?state=hKFo2SBCMm16QnZuRGdodmhOSkJoUi1RX1hhOWNaVmhyeF83YaFupWxvZ2luo3RpZNkgRVhkWjZJb1czS000T0U1S2xBQXhzemEtRFhFVzRrMDajY2lk2SBnMmNWbUZEdlFMNkE2SzM5MFRNNVhoYVh0YTlaOEtRZQ&client=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&protocol=oauth2&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=YjFKQWVWSHpoSWFmdG1UR05VWC5BTHROLVJSWnRkWEJXakVPNmhVTlc1Qg%3D%3D&code_challenge=PbIgEcVii3e6sGmkknuwTkH_PFoKZRhluiQ_P8tm02Q&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 12:58:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-auth0-requestid
b06656b63cc626593321
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000
server
cloudflare
ot-tracer-sampled
true
etag
W/"2fd-P9EPz+hm+szowuRT69CC9u7Amk0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
ot-tracer-traceid
741f004169210fa8
cache-control
public, max-age=60, stale-while-revalidate=60, stale-if-error=86400
ot-baggage-auth0-request-id
6c7c669eff72440d
cf-ray
6c7c669eff72440d-FRA
x-amz-cf-id
-B9XNZ5APcAxX-cWKx54Ucx4cnwYj7nQLdi9OFSLeEqnNsaLxrUmQA==
ot-tracer-spanid
4210c2c0260a6a1c
challenge
auth.wetransfer.com/usernamepassword/ 		18 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.wetransfer.com/usernamepassword/challenge
Requested by
Host: auth-cdn.wetransfer.com
URL: https://auth-cdn.wetransfer.com/js/lock/11.27.2/lock.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-13.fra60.r.cloudfront.net
Software
cloudflare /
Resource Hash
8376431f05ed0574aa914db9f36153ed5837a067d6d3450847c49d89b37ad1bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Auth0-Client
eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCIsImVudiI6eyJsb2NrLmpzLXVscCI6IjExLjI3LjIiLCJhdXRoMC5qcy11bHAiOiI5LjE0LjAiLCJhdXRoMC5qcyI6IjkuMTQuMCJ9fQ==
Referer
https://auth.wetransfer.com/login?state=hKFo2SBCMm16QnZuRGdodmhOSkJoUi1RX1hhOWNaVmhyeF83YaFupWxvZ2luo3RpZNkgRVhkWjZJb1czS000T0U1S2xBQXhzemEtRFhFVzRrMDajY2lk2SBnMmNWbUZEdlFMNkE2SzM5MFRNNVhoYVh0YTlaOEtRZQ&client=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&protocol=oauth2&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=YjFKQWVWSHpoSWFmdG1UR05VWC5BTHROLVJSWnRkWEJXakVPNmhVTlc1Qg%3D%3D&code_challenge=PbIgEcVii3e6sGmkknuwTkH_PFoKZRhluiQ_P8tm02Q&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 03 Jan 2022 12:58:50 GMT
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-auth0-requestid
09239c6dd84b6cc73cbd
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000
content-length
18
server
cloudflare
ot-tracer-sampled
true
etag
W/"12-9fs4x/hyJ5DkqQF2LYZkOdHRWWM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
ot-tracer-traceid
313b8b1d12440bf8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
ot-baggage-auth0-request-id
6c7c669ef9054303
cf-ray
6c7c669ef9054303-FRA
x-amz-cf-id
8xaGzmLFDuabdoegUMXZuMgyCqNv3ohuz8BYCF94FBdcOBgr2UIzzw==
ot-tracer-spanid
3259a7df4528b937
GT-Super-WT-Regular.woff
auth-cdn.wetransfer.com/assets/fonts/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://auth-cdn.wetransfer.com/assets/fonts/GT-Super-WT-Regular.woff
Requested by
Host: auth-cdn.wetransfer.com
URL: https://auth-cdn.wetransfer.com/assets/styles/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-68.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f95dc7465b90788f8d5cb452b298bb4e6639cec58821888da9be25f353035a8c

Request headers

Referer
https://auth-cdn.wetransfer.com/assets/styles/fonts.css
Origin
https://auth.wetransfer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 04:18:57 GMT
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
32130
x-cache
Hit from cloudfront
content-length
43796
last-modified
Mon, 01 Feb 2021 13:06:52 GMT
server
AmazonS3
etag
"5321545e6fd1cec2eb1ee4b745f450a1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://auth.wetransfer.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
x-amz-cf-id
CeRCbcPoUcAV1pHxfZVw4wfGlqG5NUhQF2Zb64s2xPSEWaUtQTS0cg==
GT-Super-WT-Super.woff
auth-cdn.wetransfer.com/assets/fonts/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://auth-cdn.wetransfer.com/assets/fonts/GT-Super-WT-Super.woff
Requested by
Host: auth-cdn.wetransfer.com
URL: https://auth-cdn.wetransfer.com/assets/styles/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-68.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e3d5d86432b9bfcdf25ce0e35fd23667cea86f6fa71fa920cd84abb70258f73

Request headers

Referer
https://auth-cdn.wetransfer.com/assets/styles/fonts.css
Origin
https://auth.wetransfer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 08:34:25 GMT
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
16108
x-cache
Hit from cloudfront
content-length
43188
last-modified
Mon, 01 Feb 2021 13:06:51 GMT
server
AmazonS3
etag
"55576599a2d772f9297c5036d355b1fb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://auth.wetransfer.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
x-amz-cf-id
hKG_H1Ot0GtvZ5E3f5ItB5PgBfU0Q-2xprrR4XF4jr8vdeaOtZgXVw==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJMTXWX&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7064
date
Mon, 03 Jan 2022 11:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 03 Jan 2022 13:01:06 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1234781608&t=pageview&_s=1&dl=https%3A%2F%2Fauth.wetransfer.com%2Flogin%3Fstate%3DhKFo2SBCMm16QnZuRGdodmhOSkJoUi1RX1hhOWNaVmhyeF83YaFupWxvZ2luo3RpZNkgRVhkWjZJb1czS000T0U1S2xBQXhzemEtRFhFVzRrMDajY2lk2SBnMmNWbUZEdlFMNkE2SzM5MFRNNVhoYVh0YTlaOEtRZQ%26client%3Dg2cVmFDvQL6A6K390TM5XhaXta9Z8KQe%26protocol%3Doauth2%26audience%3Daud%253A%252F%252Fpaste-api-prod.wetransfer%252F%26redirect_uri%3Dhttps%253A%252F%252Fpasteapp.com%252Fauth%252Fcallback%26scope%3Dopenid%2520profile%2520email%2520offline_access%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DYjFKQWVWSHpoSWFmdG1UR05VWC5BTHROLVJSWnRkWEJXakVPNmhVTlc1Qg%253D%253D%26code_challenge%3DPbIgEcVii3e6sGmkknuwTkH_PFoKZRhluiQ_P8tm02Q%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9&dp=%2Flogin&ul=en-us&de=UTF-8&dt=WeTransfer%20account%20%7C%20Paste&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=853758481&gjid=383133147&cid=1794883441.1641214729&tid=UA-11792855-4&_gid=1998966432.1641214729&_r=1&gtm=2wgc10WJMTXWX&z=435504321
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 12:58:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://auth.wetransfer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-11792855-4&cid=1794883441.1641214729&jid=853758481&gjid=383133147&_gid=1998966432.1641214729&_u=YEBAAUAAAAAAAC~&z=1491150585
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 03 Jan 2022 12:58:50 GMT
content-type
text/plain
access-control-allow-origin
https://auth.wetransfer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11792855-4&cid=1794883441.1641214729&jid=853758481&_u=YEBAAUAAAAAAAC~&z=580782041
Requested by
Host: auth.wetransfer.com
URL: https://auth.wetransfer.com/login?state=hKFo2SBCMm16QnZuRGdodmhOSkJoUi1RX1hhOWNaVmhyeF83YaFupWxvZ2luo3RpZNkgRVhkWjZJb1czS000T0U1S2xBQXhzemEtRFhFVzRrMDajY2lk2SBnMmNWbUZEdlFMNkE2SzM5MFRNNVhoYVh0YTlaOEtRZQ&client=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&protocol=oauth2&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=YjFKQWVWSHpoSWFmdG1UR05VWC5BTHROLVJSWnRkWEJXakVPNmhVTlc1Qg%3D%3D&code_challenge=PbIgEcVii3e6sGmkknuwTkH_PFoKZRhluiQ_P8tm02Q&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 12:58:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11792855-4&cid=1794883441.1641214729&jid=853758481&_u=YEBAAUAAAAAAAC~&z=580782041
Requested by
Host: auth.wetransfer.com
URL: https://auth.wetransfer.com/login?state=hKFo2SBCMm16QnZuRGdodmhOSkJoUi1RX1hhOWNaVmhyeF83YaFupWxvZ2luo3RpZNkgRVhkWjZJb1czS000T0U1S2xBQXhzemEtRFhFVzRrMDajY2lk2SBnMmNWbUZEdlFMNkE2SzM5MFRNNVhoYVh0YTlaOEtRZQ&client=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&protocol=oauth2&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=YjFKQWVWSHpoSWFmdG1UR05VWC5BTHROLVJSWnRkWEJXakVPNmhVTlc1Qg%3D%3D&code_challenge=PbIgEcVii3e6sGmkknuwTkH_PFoKZRhluiQ_P8tm02Q&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jan 2022 12:58:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ssodata
auth.wetransfer.com/user/ 		0
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.wetransfer.com/user/ssodata
Requested by
Host: auth-cdn.wetransfer.com
URL: https://auth-cdn.wetransfer.com/js/lock/11.27.2/lock.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-13.fra60.r.cloudfront.net
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.wetransfer.com/login?state=hKFo2SBCMm16QnZuRGdodmhOSkJoUi1RX1hhOWNaVmhyeF83YaFupWxvZ2luo3RpZNkgRVhkWjZJb1czS000T0U1S2xBQXhzemEtRFhFVzRrMDajY2lk2SBnMmNWbUZEdlFMNkE2SzM5MFRNNVhoYVh0YTlaOEtRZQ&client=g2cVmFDvQL6A6K390TM5XhaXta9Z8KQe&protocol=oauth2&audience=aud%3A%2F%2Fpaste-api-prod.wetransfer%2F&redirect_uri=https%3A%2F%2Fpasteapp.com%2Fauth%2Fcallback&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=YjFKQWVWSHpoSWFmdG1UR05VWC5BTHROLVJSWnRkWEJXakVPNmhVTlc1Qg%3D%3D&code_challenge=PbIgEcVii3e6sGmkknuwTkH_PFoKZRhluiQ_P8tm02Q&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 12:58:50 GMT
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-auth0-requestid
b679d30acf6a8cd8f95e
x-amz-cf-pop
FRA60-P3
x-cache
Error from cloudfront
strict-transport-security
max-age=31536000
content-length
0
server
cloudflare
ot-tracer-sampled
true
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
ot-tracer-traceid
20d7831e2e1df7d4
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
ot-baggage-auth0-request-id
6c7c669fd9dd8bf4
cf-ray
6c7c669fd9dd8bf4-FRA
x-amz-cf-id
VfTjv2HcBp731rrPixYlxj39JIisSFz-xk9rEPHLs4GKeKklIsRDSw==
ot-tracer-spanid
0de1fbf930078e29
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb8ef0dd77714598c4b2620b39cf40804c8abef9790a8d7aef3a151f85be25ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78f991561757f77208f4502582e9217ce716e6d6504ef8dd1386157636b4718f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
198390069136bd1758672f5f615435c2a2acfddf3f8deee425d83a1b1367a781

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		943 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7bf2df0a16db084dfa378e073c399b14fa4c48e92764bdb5497051f9786ce77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		565 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42c52bdbaa9c00ee5d298c01ccd6399083ff9283156da45904f679542243fe24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
ActiefGrotesque-W-Medium.woff
auth-cdn.wetransfer.com/assets/fonts/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://auth-cdn.wetransfer.com/assets/fonts/ActiefGrotesque-W-Medium.woff
Requested by
Host: auth-cdn.wetransfer.com
URL: https://auth-cdn.wetransfer.com/assets/styles/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-68.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555

Request headers

Referer
https://auth-cdn.wetransfer.com/assets/styles/fonts.css
Origin
https://auth.wetransfer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 03:56:42 GMT
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
32532
x-cache
Hit from cloudfront
content-length
32124
last-modified
Mon, 01 Feb 2021 13:06:52 GMT
server
AmazonS3
etag
"868aedeefe7669e8a4f7196f7df5d058"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://auth.wetransfer.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
x-amz-cf-id
wsvC1eoR2rxTPA-5oPpGzuGf8CSmDQtWMemD36lMIxsVlzRk5AElvA==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6dbba1863bcfe251266f22a6c3b047f788a4851623c58c7b6b750809f0885dad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.amplitude.com
URL
https://api.amplitude.com/
Domain
bam.nr-data.net
URL
https://bam.nr-data.net/1/378e1eac2f?a=21782324&v=1212.e95d35c&to=YgBTYxBVVxBWVhFRWltKdE8SRlwQRF8WF3JwMR4YThtVDFBcCxIZGg1eWgcYFgQYH0kXRRpPHRgDQU0LGB9JF0FQBFxETR4VTFZRCFFbGk8%3D&rst=2000&ck=1&ref=https://pasteapp.com/&qt=-2&ap=2.854912&be=448&fe=1905&dc=1900&tt=2da6f935dc0de6&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1641214726971,%22n%22:0,%22f%22:15,%22dn%22:15,%22dne%22:15,%22c%22:15,%22s%22:21,%22ce%22:34,%22rq%22:34,%22rp%22:348,%22rpe%22:441,%22dl%22:351,%22di%22:1900,%22ds%22:1900,%22de%22:1900,%22dc%22:1905,%22l%22:1905,%22le%22:1908%7D,%22navigation%22:%7B%7D%7D&fp=1922&jsonp=NREUM.setToken
Domain
api-iam.intercom.io
URL
https://api-iam.intercom.io/messenger/web/ping
Domain
bat.bing.com
URL
https://bat.bing.com/actionp/0?ti=17116656&tm=gtm002&Ver=2&mid=fbaa4d6c-5279-4add-ab4d-2c2fee659a77&sid=e4a7f8606c9411ecb7f0230683e4d758&vid=e4a814606c9411ec83c701dab4bf8c25&vids=1&evt=pageHide
Domain
bam.nr-data.net
URL
https://bam.nr-data.net/events/1/378e1eac2f?a=21782324&v=1212.e95d35c&to=YgBTYxBVVxBWVhFRWltKdE8SRlwQRF8WF3JwMR4YThtVDFBcCxIZGg1eWgcYFgQYH0kXRRpPHRgDQU0LGB9JF0FQBFxETR4VTFZRCFFbGk8%3D&rst=2269&ck=1&ref=https://pasteapp.com/
Domain
bam.nr-data.net
URL
https://bam.nr-data.net/jserrors/1/378e1eac2f?a=21782324&v=1212.e95d35c&to=YgBTYxBVVxBWVhFRWltKdE8SRlwQRF8WF3JwMR4YThtVDFBcCxIZGg1eWgcYFgQYH0kXRRpPHRgDQU0LGB9JF0FQBFxETR4VTFZRCFFbGk8%3D&rst=2270&ck=1&ref=https://pasteapp.com/

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| spConfig object| GlobalSnowplowNamespace function| snowplow object| auth0EncodedConfig object| WT_PAGE_CONFIG function| initializeUiFromConfig function| initializeAuth0 object| lockJsScript object| google_tag_manager object| LockConfiguration object| Auth0 function| Auth0Lock function| Auth0LockPasswordless object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

30 Cookies

Domain/Path Name / Value
auth.wetransfer.com/usernamepassword/login Name: _csrf
Value: Q6pg0iq4urddFNRkVUaXd7NP
www.filestackapi.com/dialog/comm_iframe Name:
Value: testcookie
dialog.filestackapi.com/dialog/comm_iframe Name:
Value: testcookie
pasteapp.com/ Name: present_session
Value: eyJjc3JmU2VjcmV0IjoibTFLYmJtYkh3UXI2R0lucFB2Xzd4bEtoIn0=
pasteapp.com/ Name: present_session.sig
Value: zf9Ge-YTZVvrLjxUt8h2oVBYvyI
.pasteapp.com/ Name: _gcl_au
Value: 1.1.351578124.1641214728
.pasteapp.com/ Name: _ga
Value: GA1.2.1111120512.1641214728
.pasteapp.com/ Name: _gid
Value: GA1.2.838994020.1641214728
.pasteapp.com/ Name: _dc_gtm_UA-11792855-25
Value: 1
.pasteapp.com/ Name: _gat_gtag_UA_30418293_14
Value: 1
.bing.com/ Name: MUID
Value: 1EAC3E3400A3615739EB2F1501C860F3
.adnxs.com/ Name: uuid2
Value: 5192467869634551854
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2C%sgp2K1!]tbP6j2F-XstGt!@D5v$Rz0k
.pasteapp.com/ Name: _fbp
Value: fb.1.1641214728145.459038324
.doubleclick.net/ Name: IDE
Value: AHWqTUnQIm-1cWtQgoBg1v7mRpyJVcJsHCJLBxlESHzkbqfH1DZMqSYn1gsmzaDaA_M
.pasteapp.com/ Name: _uetsid
Value: e4a7f8606c9411ecb7f0230683e4d758
.pasteapp.com/ Name: _uetvid
Value: e4a814606c9411ec83c701dab4bf8c25
.pasteapp.com/ Name: amplitude_id_0b99d1fe24ad918bbe8568945c86a142pasteapp.com
Value: eyJkZXZpY2VJZCI6IjVkMDZhMTY0LTMxNmYtNDZkNC1iMTNjLWYzMWYzMTk3N2E4M1IiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTY0MTIxNDcyNzk4OCwibGFzdEV2ZW50VGltZSI6MTY0MTIxNDcyODkwMCwiZXZlbnRJZCI6MSwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjF9
pasteapp.com/ Name: _legacy_a0.spajs.txs
Value: {%22nonce%22:%22YjFKQWVWSHpoSWFmdG1UR05VWC5BTHROLVJSWnRkWEJXakVPNmhVTlc1Qg==%22%2C%22code_verifier%22:%22kNRwNA.LvbUKvSR9kjDSTrnbP2BuGfKT~Bn9.iRHCIb%22%2C%22scope%22:%22openid%20profile%20email%20offline_access%22%2C%22audience%22:%22aud://paste-api-prod.wetransfer/%22%2C%22redirect_uri%22:%22https://pasteapp.com/auth/callback%22}
pasteapp.com/ Name: a0.spajs.txs
Value: {%22nonce%22:%22YjFKQWVWSHpoSWFmdG1UR05VWC5BTHROLVJSWnRkWEJXakVPNmhVTlc1Qg==%22%2C%22code_verifier%22:%22kNRwNA.LvbUKvSR9kjDSTrnbP2BuGfKT~Bn9.iRHCIb%22%2C%22scope%22:%22openid%20profile%20email%20offline_access%22%2C%22audience%22:%22aud://paste-api-prod.wetransfer/%22%2C%22redirect_uri%22:%22https://pasteapp.com/auth/callback%22}
auth.wetransfer.com/ Name: did
Value: s%3Av0%3Ae529e350-6c94-11ec-ace6-51f18c2f40c3.5Kwo0LZdZ7HriTDSW8tZl1XAgiVHKcE3W40dlDbG1Qw
auth.wetransfer.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQHS4Zxbg30evV-NQQGk2RODCn4Y2vIUjZNcxXdFtLjQ3vDLWolL7-3HmhPbrDD0eHfRXZgVjdldbCpOdKgXAZiymY29va2llg6dleHBpcmVz1_-zh3kAYdbnia5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.grMaRuVIHooYGL8F1rpvBXgG2JFk9QhLQQgp2y7Lg0c
auth.wetransfer.com/ Name: did_compat
Value: s%3Av0%3Ae529e350-6c94-11ec-ace6-51f18c2f40c3.5Kwo0LZdZ7HriTDSW8tZl1XAgiVHKcE3W40dlDbG1Qw
auth.wetransfer.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQHS4Zxbg30evV-NQQGk2RODCn4Y2vIUjZNcxXdFtLjQ3vDLWolL7-3HmhPbrDD0eHfRXZgVjdldbCpOdKgXAZiymY29va2llg6dleHBpcmVz1_-zh3kAYdbnia5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.grMaRuVIHooYGL8F1rpvBXgG2JFk9QhLQQgp2y7Lg0c
.wetransfer.com/ Name: _wt_snowplowses.38f1
Value: *
.wetransfer.com/ Name: _wt_snowplowid.38f1
Value: 1f555d76-af21-44b1-b9ae-f4b4468f0fcc.1641214729.1.1641214729.1641214729.3c361f9c-c405-4756-8826-47646cdf8c9c
.wetransfer.com/ Name: _ga
Value: GA1.2.1794883441.1641214729
.wetransfer.com/ Name: _gid
Value: GA1.2.1998966432.1641214729
.wetransfer.com/ Name: _gat_UA-11792855-4
Value: 1
.wetransfer.com/ Name: sp
Value: c1537dfd-d10f-4ad5-be54-bac1435fea82

1 Console Messages

Source Level URL
Text
network error URL: https://auth.wetransfer.com/user/ssodata
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8444178.fls.doubleclick.net
adservice.google.com
api-iam.intercom.io
api.amplitude.com
api.filestackapi.com
auth-cdn.wetransfer.com
auth.wetransfer.com
bam.nr-data.net
bat.bing.com
cdn.amplitude.com
cdn.embedly.com
connect.facebook.net
d19ptbnuzhibkh.cloudfront.net
dialog.filestackapi.com
fonts.fiftythree.com
js-agent.newrelic.com
js.intercomcdn.com
pasteapp.com
pixel.mediaiqdigital.com
player.vimeo.com
secure.adnxs.com
snowplow.wetransfer.com
stats.g.doubleclick.net
vod-progressive.akamaized.net
widget.intercom.io
www.facebook.com
www.filestackapi.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
api-iam.intercom.io
api.amplitude.com
bam.nr-data.net
bat.bing.com
104.16.89.50
13.32.99.13
13.32.99.25
13.32.99.68
142.250.185.102
151.101.130.133
151.101.194.137
151.101.64.217
18.158.49.19
18.66.112.55
18.66.139.61
18.66.97.114
185.33.223.38
2600:9000:223f:c800:6:bbf2:440:21
2620:1ec:c11::200
2a00:1450:4001:810::2008
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2004
2a00:1450:400c:c08::9b
2a02:26f0:6c00::210:ba23
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.212.68.163
52.222.206.6
0400d96803a66b734e5ea57eced23db6263d5d3c94655334daf9559977eb1767
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1389d6af52602e5b50d46f8916913c79e54ff3896babee24d6ac3ce7f0085f88
198390069136bd1758672f5f615435c2a2acfddf3f8deee425d83a1b1367a781
1ae6bfd0f558fad6bd37d53d79357ffa670960086a64faa7d8c657950d08ff08
1e3d5d86432b9bfcdf25ce0e35fd23667cea86f6fa71fa920cd84abb70258f73
1f39a1017906d512934d04cef8dbd816ebe0206eab872da92d30fdb554c84a89
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
42c52bdbaa9c00ee5d298c01ccd6399083ff9283156da45904f679542243fe24
468c271c049086bd5e69b5339a1117b07cc0373ebf61b19b2b05bb365c2dd16a
4b59022f20ed865d2a5241757ad702172f32434fe14c210eb3d6adec159b948d
53c5ed98422e6540e595c4ab165b0bf25fa166bd8c588564101c84822d410492
5dee50e1240bcc11f20cb426f624e2ebfdfde595578ee8895e0034261094b974
6800541f3fa1eb8649d45fb0836aee81202d5ae34de7bd2aadab7cc3950a8422
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dbba1863bcfe251266f22a6c3b047f788a4851623c58c7b6b750809f0885dad
71d0d2793996c84f43f961f4c0375015bfd437ef9a6fab0a9ef10d08d32a762c
7318baed560e1cb45acb0a70e2ce9f9e8fd35a3542657dfd9fbff3c7121ec250
78f991561757f77208f4502582e9217ce716e6d6504ef8dd1386157636b4718f
79ce73befa835a927290c2464f393e0277312d9933f07272adac094592cb504f
7a6aa2f4c5a1233f7079884100260478b3a0ba016aa21e54d11dfdff02ca3143
7c98a58ca9be7ba480c82207df42ff7d14c5c5e88f366e4a52280faac86f1d81
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8376431f05ed0574aa914db9f36153ed5837a067d6d3450847c49d89b37ad1bf
8910632332d04f097b7cf9596a61aa0de5f0f9536b8b26820b659e03ffe89159
9549286538bb1c7d9cec783ee33ffbae4f5566341e8efad47d31db235e5dba25
9d803552f9342d3bc7e5a237ec52f0c6afefdcf54cc5645e641fdf86d95a1cc5
9fd58f081ef4b4904172eca648ccb15b0215e5a263f05da7694e43202cb0ec99
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6
aa9dfd12b41a96834fdb8d9b08defb23e8e9ae8ce36d226b71176f9e3655c859
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
c1e81832a19de048c473aa70db05c6c0e3aad1853784321aa31a1c99a1c84d80
cde80e58fff4561911f7397ef39dca6cfd699cf91ae6a205ff0a38b248d9d2d4
d0c304cfa2ccd7352a1b840d59f170fc61d26ae87608ed9aa46e45d451c7ed90
d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7bf2df0a16db084dfa378e073c399b14fa4c48e92764bdb5497051f9786ce77
eb757840ff584d17f7fc070a06d1296efe56bbc968402e7bbd1a16fe63a64874
eb8ef0dd77714598c4b2620b39cf40804c8abef9790a8d7aef3a151f85be25ec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efde8425d168298b4ae4f6d6a709d82140944987ea3d04c379c07afb1e664b96
f95dc7465b90788f8d5cb452b298bb4e6639cec58821888da9be25f353035a8c