urlscan.io logo urlscan.io
SecurityTrails logo

paperform.co Open in urlscan Pro
108.138.128.33  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://paperform.ca/
Effective URL: https://paperform.co/invite/bcbnkl
Submission: On March 02 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 1 countries across 21 domains to perform 69 HTTP transactions. The main IP is 108.138.128.33, located in United States and belongs to AMAZON-02, US. The main domain is paperform.co. The Cisco Umbrella rank of the primary domain is 79356.
TLS certificate: Issued by Amazon RSA 2048 M03 on February 7th 2024. Valid for: a year.
This is the only time paperform.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 18.164.116.62 16509 (AMAZON-02)
6 108.138.128.33 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:220... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 142.251.40.98 15169 (GOOGLE)
2 2620:1ec:46::40 8075 (MICROSOFT...)
8 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 52.152.143.207 8075 (MICROSOFT...)
2 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 13.226.34.3 ()
1 2 20.110.205.119 ()
69 28
1    2606:4700:3035::ac43:861b (United States)

ASN13335 (CLOUDFLARENET, US)
paperform.ca
1    18.164.116.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-62.jfk50.r.cloudfront.net
pxl.to
6    108.138.128.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-33.jfk50.r.cloudfront.net
paperform.co
1    2607:f8b0:4006:80b::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2607:f8b0:4004:c08::54 (Washington, United States)

ASN15169 (GOOGLE, US)
accounts.google.com
3    2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)
www.recaptcha.net
2    2600:9000:2209:ba00:e:f359:cf80:21 (United States)

ASN16509 (AMAZON-02, US)
duube1y6ojsji.cloudfront.net
1    2607:f8b0:4006:822::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net
www.googleadservices.com
2    2620:1ec:46::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
8    2607:f8b0:4006:808::200e (United States)

ASN15169 (GOOGLE, US)
www.youtube.com
5    2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2607:f8b0:4006:817::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
2    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2607:f8b0:4006:816::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    52.152.143.207 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
o.clarity.ms
2    2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2607:f8b0:4006:80f::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2607:f8b0:4006:80a::2006 (United States)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2607:f8b0:4006:80f::200a (United States)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2607:f8b0:4006:820::2016 (United States)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2607:f8b0:4006:821::2001 (United States)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    13.226.34.3 (None, )

ASN- ()
widget.intercom.io
2    20.110.205.119 (None, )

ASN- ()
c.clarity.ms
Apex Domain
Subdomains		 Transfer
10 google.com
accounts.google.com — Cisco Umbrella Rank: 20
analytics.google.com — Cisco Umbrella Rank: 148
www.google.com — Cisco Umbrella Rank: 2
152 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
489 KB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 66
1008 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
static.doubleclick.net — Cisco Umbrella Rank: 259
3 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 756
o.clarity.ms — Cisco Umbrella Rank: 7606
c.clarity.ms
23 KB
6 paperform.co
paperform.co — Cisco Umbrella Rank: 79356
309 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
jnn-pa.googleapis.com — Cisco Umbrella Rank: 218
41 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 375
c.bing.com
14 KB
3 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1274
30 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
216 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
69 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
21 KB
2 cloudfront.net
duube1y6ojsji.cloudfront.net
2 KB
1 intercom.io
widget.intercom.io
3 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 231
4 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 89
9 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 124
20 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
95 KB
1 pxl.to
pxl.to
13 KB
1 paperform.ca
paperform.ca
451 B
0 intercomcdn.com Failed
js.intercomcdn.com Failed
69 21
Domain Requested by
8 www.youtube.com paperform.co
www.youtube.com
6 paperform.co pxl.to
paperform.co
5 www.gstatic.com www.recaptcha.net
www.youtube.com
www.gstatic.com
4 jnn-pa.googleapis.com www.youtube.com
4 www.google.com paperform.co
www.youtube.com
www.gstatic.com
4 accounts.google.com paperform.co
accounts.google.com
3 fonts.gstatic.com www.youtube.com
paperform.co
3 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
www.youtube.com
3 bat.bing.com paperform.co
bat.bing.com
3 www.recaptcha.net paperform.co
www.gstatic.com
www.recaptcha.net
2 c.clarity.ms 1 redirects
2 www.facebook.com paperform.co
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 o.clarity.ms www.clarity.ms
2 connect.facebook.net paperform.co
connect.facebook.net
2 www.google-analytics.com paperform.co
www.google-analytics.com
2 www.clarity.ms paperform.co
www.clarity.ms
2 duube1y6ojsji.cloudfront.net paperform.co
1 c.bing.com 1 redirects
1 widget.intercom.io paperform.co
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 www.googleadservices.com paperform.co
1 www.googletagmanager.com paperform.co
1 fonts.googleapis.com paperform.co
1 pxl.to
1 paperform.ca 1 redirects
0 js.intercomcdn.com Failed widget.intercom.io
69 30

This site contains no links.

Subject Issuer Validity Valid
pxl.to
Amazon RSA 2048 M02		 2023-12-20 -
2025-01-18		 a year crt.sh
paperform.co
Amazon RSA 2048 M03		 2024-02-07 -
2025-03-08		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-01-21 -
2024-06-27		 5 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-10 -
2024-03-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.intercom.com
Amazon RSA 2048 M03		 2024-01-15 -
2025-02-11		 a year crt.sh

This page contains 5 frames:

Primary Page: https://paperform.co/invite/bcbnkl
Frame ID: 55F879DB7A7F588704DAF23159562CB1
Requests: 39 HTTP requests in this frame

Frame: https://www.youtube.com/embed/pkZE0M-fr4o?showinfo=0&rel=0
Frame ID: 287A719E946578EDCCD718D973EBFC55
Requests: 20 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&size=large&theme=outline&text=continue_with&shape=pill&logo_alignment=left&width=260&client_id=934432529405-ji2k2idb3ao04jpj5prs79f583k0ifpd.apps.googleusercontent.com&iframe_id=gsi_673752_412842&as=5vlRqdPKIqK9jlGARLtZuw
Frame ID: 9003B0FEC191C7D6B90B5BD02E090DB8
Requests: 2 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCtfEUAAAAAO3mUGL3IUNTHKSYxr0Nf95tJK1g&co=aHR0cHM6Ly9wYXBlcmZvcm0uY286NDQz&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=f9p2h55zzn3w
Frame ID: 0E2B0F4A1C480BA57BF0E4D356A2B965
Requests: 5 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.8f1ca375.js
Frame ID: DE0DF59B59830182128A005AF71EFEC6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Someone has given you 10% off Paperformâ„¢ forever

Page URL History Show full URLs

  1. https://paperform.ca/ HTTP 301
    https://pxl.to/paperform Page URL
  2. https://paperform.co/invite/bcbnkl Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

69
Requests

94 %
HTTPS

79 %
IPv6

21
Domains

30
Subdomains

28
IPs

1
Countries

2304 kB
Transfer

6662 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://paperform.ca/ HTTP 301
    https://pxl.to/paperform Page URL
  2. https://paperform.co/invite/bcbnkl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://paperform.ca/ HTTP 301
  • https://pxl.to/paperform
Request Chain 39
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 65
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C8FC93ACEF214B9B8A7307D72A93112F&RedC=c.clarity.ms&MXFR=1750955EFF9C630E04E38168FB9C6D86 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C8FC93ACEF214B9B8A7307D72A93112F&MUID=34E3B52887E664A617F4A11E8641653E

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
paperform
pxl.to/
Redirect Chain
  • https://paperform.ca/
  • https://pxl.to/paperform
74 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pxl.to/paperform
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-62.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eef2a8f007c3d9bb0aa6d33039a85d383b7f2f276408e8b70e4d8bd9b55fce4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
16783
cache-control
private, no-cache, no-store
content-encoding
gzip
content-type
text/html
date
Sat, 02 Mar 2024 02:01:30 GMT
etag
W/"4442b2c3a5ca457c059bffd89835d4f4"
last-modified
Fri, 01 Mar 2024 01:55:54 GMT
referrer-policy
no-referrer
server
AmazonS3
vary
Accept-Encoding
via
1.1 00266a01055b9f1e1ad959f077c1d96a.cloudfront.net (CloudFront)
x-amz-cf-id
0iKzqig-VK8SaDyt5Eu9Nol3C8AinJyALVacgFZ_XGVdmu5PjIScRw==
x-amz-cf-pop
JFK50-P6
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
85df66517bf1db2d-MIA
date
Sat, 02 Mar 2024 06:41:11 GMT
expires
Sat, 02 Mar 2024 07:41:11 GMT
location
https://pxl.to/paperform
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fW6%2Fmo1KMTcXcdgFLxQNpgWaKFJjCf1SbsHffOTI4tMDuFj8Z35Ix7yaMERIlvBtukoe1IW5OTDHgClWio9J%2F3S3w89jliqnVTSYqe93Zz7FXOWIOMZbh8FD%2FjO4g%2FOvoaQI%2BvvOjWF4P6Y%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Primary Request bcbnkl
paperform.co/invite/ 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paperform.co/invite/bcbnkl
Requested by
Host: pxl.to
URL: https://pxl.to/paperform
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-33.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
0f25bdab13edc183ea085f254a9fc4344bc7e02c4a94295bc9710c370122ed8d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
must-revalidate, no-cache, no-store, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 02 Mar 2024 06:41:12 GMT
expires
0
pragma
no-cache
server
nginx
strict-transport-security
max-age=300
vary
Accept-Encoding
via
1.1 d60ae27dae636821c1e43441a8146e02.cloudfront.net (CloudFront)
x-amz-cf-id
9W0yylKkDMQkDPGqW5Zrau8TdpzWolFMuNWrHeznKLJwsoyR0gekdw==
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
x-frame-options
SAMEORIGIN
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700|Material+Icons
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc60af09a2dd81632db1bd9adcfbf9ee781148115dad62f33c3ca8f3c92e877f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Mar 2024 06:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 02 Mar 2024 06:41:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Mar 2024 06:41:12 GMT
theme.css
paperform.co/css/ 		165 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paperform.co/css/theme.css?017
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-33.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
4794b8beb48280803ce585233d77467867ed6b194f2c0ccea4d6f8eea0c7a2b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/invite/bcbnkl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 06:41:12 GMT
content-encoding
gzip
via
1.1 d60ae27dae636821c1e43441a8146e02.cloudfront.net (CloudFront)
last-modified
Fri, 01 Mar 2024 00:13:59 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
etag
W/"65e11dc7-29338"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
x-amz-cf-id
BTl1I2zSlQrONpETseEikkxKdU8KV-RVmpkMJOvmxE2ZirqYp90_DA==
Paperform_Master_Black.png
paperform.co/images/logo-v3/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paperform.co/images/logo-v3/Paperform_Master_Black.png
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-33.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
c0ca4324f9657a4a78ffc94fa64e61e0a1050aedec54f3b3c8d919f4527306b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/invite/bcbnkl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 06:41:12 GMT
via
1.1 d60ae27dae636821c1e43441a8146e02.cloudfront.net (CloudFront)
last-modified
Fri, 01 Mar 2024 00:14:03 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
etag
"65e11dcb-8cf1"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
36081
x-amz-cf-id
pdPDY08l9YxcNGNUvaS2cC5oCCl9ckB1Pr9KxMLyDWdNPv4rWBHerQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
client
accounts.google.com/gsi/ 		214 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::54 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f99c19e895fc2456e50cd1349d89bf796d30fd7794fed5d6b10d07706d0dfc7e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-bEpi5BJbbLPWD4xZd6wC9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 06:41:12 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-bEpi5BJbbLPWD4xZd6wC9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Sat, 02 Mar 2024 06:41:12 GMT
Paperform_Master_Symbol_Black.png
paperform.co/images/logo-v3/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paperform.co/images/logo-v3/Paperform_Master_Symbol_Black.png
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-33.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
0ff177a962924647199c8f486039cc3d85533e40d07591f237219ec01669305b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/invite/bcbnkl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 06:41:12 GMT
via
1.1 d60ae27dae636821c1e43441a8146e02.cloudfront.net (CloudFront)
last-modified
Fri, 01 Mar 2024 00:13:59 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
etag
"65e11dc7-3dbc"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
15804
x-amz-cf-id
Pe5_74DXiIJf72Xxpz8LhXeT6Pj56WCyDQZ3QwGdGwG5TdY3q-kO-A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
api.js
www.recaptcha.net/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?render=6LeCtfEUAAAAAO3mUGL3IUNTHKSYxr0Nf95tJK1g
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ea32fc863915247dcf0b8fdd5bd64e18c7d3876b3d520d1e89134dbc61c5dea4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 06:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 02 Mar 2024 06:41:12 GMT
common-analytics-osSRTcod.js
duube1y6ojsji.cloudfront.net/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://duube1y6ojsji.cloudfront.net/common-analytics-osSRTcod.js
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:ba00:e:f359:cf80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6a1ab0e36bc16266626a2861c6d4e1e1106d6a5080931a8f5fe68e6cd7338dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 03:48:22 GMT
content-encoding
gzip
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 03:11:58 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
5021571
etag
W/"05bb66ff97aca6a265e910ceb8b8265e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
x-amz-cf-id
X0i4XajMnX6fEJR3Ocx4ysKGL1123sywUqvOgLcZVqDlzJXGVtUCPw==
js
www.googletagmanager.com/gtag/ 		285 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LRJPP419ST
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fe3f02920a170a0b196861a50ae1675587e796770d23a23ee30ad4146e1b9c19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 06:41:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96587
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Mar 2024 06:41:12 GMT
conversion.js
www.googleadservices.com/pagead/ 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
b1f0bbc2b9daf242743af55978f3a9cdc6770c4f37c7b99fe002146060b1e92c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 06:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19733
x-xss-protection
0
server
cafe
etag
1736371864581673419
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 02 Mar 2024 06:41:12 GMT
2689e5b80568a29576ec.home.min.js
duube1y6ojsji.cloudfront.net/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://duube1y6ojsji.cloudfront.net/2689e5b80568a29576ec.home.min.js
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:ba00:e:f359:cf80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers
fbape1pzbj
www.clarity.ms/tag/ 		651 B
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/fbape1pzbj
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30a48b675d82b04ff44e47bef7e803f5cebc1beea3ae63a46c1a512c8098beaf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
date
Sat, 02 Mar 2024 06:41:12 GMT
x-azure-ref
0CMriZQAAAACPHuTh6gXcSZI6ir864H4rTUlBRURHRTMwMDkANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
651
expires
-1
pkZE0M-fr4o
www.youtube.com/embed/ Frame 287A 		91 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/pkZE0M-fr4o?showinfo=0&rel=0
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50eb16e9403cd0b49e627349c2168c6bb3f5b906991326b6d1a87117c00e6cd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paperform.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Mar 2024 06:41:12 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
WorkSans-VariableFont_wght.ttf
paperform.co/images/logo-v3/fonts/work-sans/ 		388 KB
182 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://paperform.co/images/logo-v3/fonts/work-sans/WorkSans-VariableFont_wght.ttf
Requested by
Host: paperform.co
URL: https://paperform.co/css/theme.css?017
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-33.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
e995fd56a2ffa28aaac2f6a49416a16f17f594beb143f4946a9647af49ea5bef

Request headers

Referer
https://paperform.co/css/theme.css?017
Origin
https://paperform.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 06:41:12 GMT
content-encoding
gzip
via
1.1 d60ae27dae636821c1e43441a8146e02.cloudfront.net (CloudFront)
last-modified
Fri, 01 Mar 2024 00:14:08 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
etag
W/"65e11dd0-60f44"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/octet-stream
x-amz-cf-id
1la6O9NLJlOmVdxpb9_vbikNWww5ceKofffepmVhUaBdTioLGEXbHA==
BRSonoma-Light.otf
paperform.co/images/logo-v3/fonts/br-sonoma/ 		83 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://paperform.co/images/logo-v3/fonts/br-sonoma/BRSonoma-Light.otf
Requested by
Host: paperform.co
URL: https://paperform.co/css/theme.css?017
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-33.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
c38e4e023ed1887bc2ccce0d9c5b235742192300393758783a224e03812b3060

Request headers

Referer
https://paperform.co/css/theme.css?017
Origin
https://paperform.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 06:41:12 GMT
content-encoding
gzip
via
1.1 d60ae27dae636821c1e43441a8146e02.cloudfront.net (CloudFront)
last-modified
Fri, 01 Mar 2024 00:13:59 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
etag
W/"65e11dc7-14c6c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/octet-stream
x-amz-cf-id
WllrOHvG8MmNQlGvcVbsWbt5h3Po5sjULjHW34j8PVqTgCocshJpFQ==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ 		492 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LeCtfEUAAAAAO3mUGL3IUNTHKSYxr0Nf95tJK1g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paperform.co/
Origin
https://paperform.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 08:57:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
250994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199830
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 03:01:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Feb 2025 08:57:59 GMT
clarity.js
www.clarity.ms/s/0.7.22/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.22/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fbape1pzbj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3a582829e2c11dde7e02e0952effb8a8b97770c95705e03ecc82f848cb8684fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 06:41:12 GMT
content-encoding
br
last-modified
Thu, 29 Feb 2024 15:07:22 GMT
x-azure-ref-originshield
0sgniZQAAAAAzrXKWMj4VSqlXVPu8s2DOTU5aMjIxMDYwNjEyMDUxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"0x8DC39382173A2DD"
x-azure-ref
0CMriZQAAAAB7f7I5AUKfQamFBKpU6yM5TUlBRURHRTMwMDkANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
dabc6a1f-201e-006e-7638-6b7bf4000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 02 Mar 2024 05:51:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2971
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 02 Mar 2024 07:51:42 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sat, 02 Mar 2024 06:41:12 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 35423B94910E425091AEF3286AC4F7AA Ref B: MIAEDGE1620 Ref C: 2024-03-02T06:41:13Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13280
fbevents.js
connect.facebook.net/en_US/ 		215 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 02 Mar 2024 06:41:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57348
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
OZYUhBmfHZRcTcFkD398IT9FjFcd2sJJZLO54hK9UAUycEfVoqSOCdYwOSa25jLa8hrNHCgFaTBZDu01ti2P3Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/937242916/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/937242916/?random=1709361673030&cv=9&fst=1709361673030&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fpaperform.co%2Finvite%2Fbcbnkl&tiba=Someone%20has%20given%20you%2010%25%20off%20Paperform%E2%84%A2%20forever&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d95333f7957b3bf3e230f48977db50c42324f131f7d7d5492e6b13e171bfaffb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 06:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player.css
www.youtube.com/s/player/31eb286a/ Frame 287A 		366 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/31eb286a/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/pkZE0M-fr4o?showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af92e92bdd6eb796c55b3aab8839b33b92fd40828d2a59359c81d979e55c98c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/pkZE0M-fr4o?showinfo=0&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 16:01:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
52799
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47553
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 05:18:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 01 Mar 2025 16:01:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 287A 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/pkZE0M-fr4o?showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 08:56:40 GMT
x-content-type-options
nosniff
age
251073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 08:56:40 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 287A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/pkZE0M-fr4o?showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 09:09:27 GMT
x-content-type-options
nosniff
age
250306
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 09:09:27 GMT
collect
o.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.22/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://paperform.co/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://paperform.co
Date
Sat, 02 Mar 2024 06:41:13 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
embed.js
www.youtube.com/s/player/31eb286a/player_ias.vflset/en_US/ Frame 287A 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/31eb286a/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/pkZE0M-fr4o?showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3431bee7e5352c420329536cc14790e5eded608e2b94b77e5506952b6ff65dff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/pkZE0M-fr4o?showinfo=0&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 08:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
253003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16765
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 05:18:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Feb 2025 08:24:30 GMT
www-embed-player.js
www.youtube.com/s/player/31eb286a/www-embed-player.vflset/ Frame 287A 		319 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/31eb286a/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/pkZE0M-fr4o?showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e17e6c412d2159ad058eea653b9286f8617781dd517dd07b2171d669c8c7075a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/pkZE0M-fr4o?showinfo=0&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 08:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
253003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97346
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 05:18:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Feb 2025 08:24:30 GMT
base.js
www.youtube.com/s/player/31eb286a/player_ias.vflset/en_US/ Frame 287A 		2 MB
777 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/31eb286a/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/pkZE0M-fr4o?showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b3ab64c0a9c3d39734e3311b6c816d6383e3659944c61db0becf54128011153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/pkZE0M-fr4o?showinfo=0&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 08:24:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253004
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795505
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 05:18:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Feb 2025 08:24:29 GMT
collect
analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-LRJPP419ST&gtm=45je42t1v875223908za220&_p=1709361672939&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=637868896.1709361673&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709361673&sct=1&seg=0&dl=https%3A%2F%2Fpaperform.co%2Finvite%2Fbcbnkl&dt=Someone%20has%20given%20you%2010%25%20off%20Paperform%E2%84%A2%20forever&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=956
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LRJPP419ST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 06:41:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paperform.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
243 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LRJPP419ST&cid=637868896.1709361673&gtm=45je42t1v875223908za220&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LRJPP419ST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 06:41:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paperform.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-LRJPP419ST&gtm=45je42t1v875223908za220&_p=1709361672939&gcd=13l3l3l3l1&npa=0&dma=0&cid=637868896.1709361673&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=2&sid=1709361673&sct=1&seg=1&dl=https%3A%2F%2Fpaperform.co%2Finvite%2Fbcbnkl&dt=Someone%20has%20given%20you%2010%25%20off%20Paperform%E2%84%A2%20forever&en=page_view&_ee=1&_et=4&tfd=984
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LRJPP419ST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 06:41:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paperform.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
187016110.js
bat.bing.com/p/action/ 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/187016110.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Sat, 02 Mar 2024 06:41:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 536C768AD94E411AB12C95B1825FBFAC Ref B: MIAEDGE1620 Ref C: 2024-03-02T06:41:13Z
x-cache
CONFIG_NOCACHE
collect
www.google-analytics.com/j/ 		4 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1415542430&t=pageview&_s=1&dl=https%3A%2F%2Fpaperform.co%2Finvite%2Fbcbnkl&ul=en-us&de=UTF-8&dt=Someone%20has%20given%20you%2010%25%20off%20Paperform%E2%84%A2%20forever&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1738752566&gjid=1700668844&cid=637868896.1709361673&tid=UA-82275604-1&_gid=613433053.1709361673&_r=1&_slc=1&z=1452230897
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://paperform.co/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 06:41:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paperform.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/937242916/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/937242916/?random=1709361673030&cv=9&fst=1709359200000&num=1&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fpaperform.co%2Finvite%2Fbcbnkl&tiba=Someone%20has%20given%20you%2010%25%20off%20Paperform%E2%84%A2%20forever&fmt=3&is_vtc=1&cid=CAQSGwB7FLtq9q43y0WJ9-1Qqyf9mad-R2HbuPeb8Q&random=3485185824&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 06:41:13 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
382347415447340
connect.facebook.net/signals/config/ 		53 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/382347415447340?v=2.9.148&r=stable&domain=paperform.co&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2c2f7efa43b489c750a7787f550964d788a1a8229f2b929796163d9ea9132343
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 02 Mar 2024 06:41:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11103
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
HTAyvmhvx5ypMLqzjbtfxWvMLxztGL+h17ba6YofSo6dLWiofW4+4Aeu8mfYlWA7DL2BNXuQ9NlrylgK7tsmEw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-82275604-1&cid=637868896.1709361673&jid=1738752566&gjid=1700668844&_gid=613433053.1709361673&_u=IADAAEAAAAAAACAAI~&z=219331872
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://paperform.co/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 02 Mar 2024 06:41:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paperform.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-82275604-1&cid=637868896.1709361673&jid=1738752566&_u=IADAAEAAAAAAACAAI~&z=60018136
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 06:41:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=382347415447340&ev=PageView&dl=https%3A%2F%2Fpaperform.co%2Finvite%2Fbcbnkl&rl=&if=false&ts=1709361673392&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1709361673391.1965129830&ler=empty&cdl=API_unavailable&it=1709361673307&coo=false&rqm=GET
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 02 Mar 2024 06:41:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=382347415447340&ev=ViewContent&dl=https%3A%2F%2Fpaperform.co%2Finvite%2Fbcbnkl&rl=&if=false&ts=1709361673394&sw=1600&sh=1200&v=2.9.148&r=stable&ec=1&o=4126&fbp=fb.1.1709361673391.1965129830&ler=empty&cdl=API_unavailable&it=1709361673307&coo=false&rqm=GET
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 02 Mar 2024 06:41:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
id
googleads.g.doubleclick.net/pagead/ Frame 287A
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/pkZE0M-fr4o?showinfo=0&rel=0
Protocol
H2
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d52c69a8e529b74250e5f9c86bed6d8079036c014953c023b9c8ed36d3f816b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 06:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 02 Mar 2024 06:41:13 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 287A 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 06:35:01 GMT
x-content-type-options
nosniff
age
372
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Mar 2024 06:50:01 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 02 Mar 2024 06:41:13 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 287A 		87 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a320a6d6bb1694c42e4008c20554b93338701ddd630614b060d461ec014d73c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 02 Mar 2024 06:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41066
x-xss-protection
0
remote.js
www.youtube.com/s/player/31eb286a/player_ias.vflset/en_US/ Frame 287A 		117 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/31eb286a/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981413e51edc49d3d5a048d113f0a9915a8c0ccaf1bcef6f657948fd4017a798
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/pkZE0M-fr4o?showinfo=0&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 08:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
253003
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33834
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 05:18:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Feb 2025 08:24:30 GMT
Hg8RJ6IYDEt2XfeS9TTatHSj5NgA1bkUUg8jx44YVvw.js
www.google.com/js/th/ Frame 287A 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/Hg8RJ6IYDEt2XfeS9TTatHSj5NgA1bkUUg8jx44YVvw.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e0f1127a2180c4b765df792f534dab474a3e4d800d5b914520f23c78e1856fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 06:18:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
87748
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19900
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Mar 2025 06:18:45 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/pkZE0M-fr4o/ Frame 287A 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/pkZE0M-fr4o/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/pkZE0M-fr4o?showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2016 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21c5a7107eeb85d5e1c93244ce00c3f99a409c2b5203fe227c475ed6b8065996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 06:41:13 GMT
x-content-type-options
nosniff
server
sffe
etag
"1531184682"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9300
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 02 Mar 2024 08:41:13 GMT
truncated
/ Frame 287A 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
oQ9l1Uc9l5fkkroa_4MJsgKavKP0_7tqEHMYpJzLCG4VfcURvQKLS30FKJCBj_zO5es6oGsmxg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 287A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/oQ9l1Uc9l5fkkroa_4MJsgKavKP0_7tqEHMYpJzLCG4VfcURvQKLS30FKJCBj_zO5es6oGsmxg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/pkZE0M-fr4o?showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
35eaf0e4045390a6071be90eb77bb2ab930d06282e284d3dfaccb6e8f40c8c41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 06:09:23 GMT
x-content-type-options
nosniff
age
1910
cross-origin-resource-policy
cross-origin
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3814
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 03 Mar 2024 06:09:23 GMT
generate_204
www.youtube.com/ Frame 287A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?1RCL9g
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/pkZE0M-fr4o?showinfo=0&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/pkZE0M-fr4o?showinfo=0&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 06:41:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 287A 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 06:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 02 Mar 2024 06:41:13 GMT
style
accounts.google.com/gsi/ 		533 B
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::54 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-o9uBFjPJ76faV2AYKziB5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 06:41:13 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-o9uBFjPJ76faV2AYKziB5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Sat, 02 Mar 2024 06:41:13 GMT
button
accounts.google.com/gsi/ Frame 9003 		114 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/button?type=standard&size=large&theme=outline&text=continue_with&shape=pill&logo_alignment=left&width=260&client_id=934432529405-ji2k2idb3ao04jpj5prs79f583k0ifpd.apps.googleusercontent.com&iframe_id=gsi_673752_412842&as=5vlRqdPKIqK9jlGARLtZuw
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::54 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
61decd440d8feea64ad7b91c2d7e4fd6840cd8495813f500cc94b18e370a0c93
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2Z0d7c_jrPGIyxYEoAzihQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paperform.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-2Z0d7c_jrPGIyxYEoAzihQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy
same-site
date
Sat, 02 Mar 2024 06:41:13 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.recaptcha.net/recaptcha/api2/ Frame 0E2B 		45 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCtfEUAAAAAO3mUGL3IUNTHKSYxr0Nf95tJK1g&co=aHR0cHM6Ly9wYXBlcmZvcm0uY286NDQz&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=f9p2h55zzn3w
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
545e63d222a368f2d6d282e22ead522adf9065ade5baf25a766c8e8e2a8d07ab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8DLHzwBYTbKbiGE5fyf1qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paperform.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-8DLHzwBYTbKbiGE5fyf1qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 02 Mar 2024 06:41:13 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
0
bat.bing.com/action/ 		0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=187016110&Ver=2&mid=8ed641f6-c934-4aee-a6c1-fca37937e9f8&sid=dd182170d85f11eeb55429127fb86520&vid=dd182e70d85f11ee81f149d9628ffd47&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Someone%20has%20given%20you%2010%25%20off%20Paperform%E2%84%A2%20forever&kw=paperform,form%20online,registration,event,invitation,survey&p=https%3A%2F%2Fpaperform.co%2Finvite%2Fbcbnkl&r=&lt=1576&evt=pageLoad&sv=1&rn=99075
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 02 Mar 2024 06:41:13 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 00B7FF2FAE194DB78F315FE19D240A70 Ref B: MIAEDGE1620 Ref C: 2024-03-02T06:41:13Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 02 Mar 2024 06:41:13 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 287A 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0028e65fc1060c160c83389da0e14d5b8264c73bfb5942b12f36cd9eb228149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 02 Mar 2024 06:41:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 0E2B 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCtfEUAAAAAO3mUGL3IUNTHKSYxr0Nf95tJK1g&co=aHR0cHM6Ly9wYXBlcmZvcm0uY286NDQz&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=f9p2h55zzn3w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 08:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 03:01:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Mar 2025 08:16:54 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 0E2B 		492 KB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCtfEUAAAAAO3mUGL3IUNTHKSYxr0Nf95tJK1g&co=aHR0cHM6Ly9wYXBlcmZvcm0uY286NDQz&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=f9p2h55zzn3w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 08:57:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
250994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199830
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 03:01:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Feb 2025 08:57:59 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
fonts.gstatic.com/s/googlesans/v14/ Frame 9003 		51 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
Origin
https://accounts.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 22:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27431
x-xss-protection
0
last-modified
Mon, 22 Apr 2019 23:43:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Feb 2025 22:19:58 GMT
cast_sender.js
www.gstatic.com/eureka/clank/122/ Frame 287A 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/122/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 08:58:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14711
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 16:03:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 02 Mar 2024 08:58:01 GMT
722MIWu_TMZiQau3mAaarHtCk2pd6rTYw5oNsH4wR_g.js
www.google.com/js/bg/ Frame 0E2B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/722MIWu_TMZiQau3mAaarHtCk2pd6rTYw5oNsH4wR_g.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef6d8c216bbf4cc66241abb798069aac7b42936a5deab4d8c39a0db07e3047f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 11:00:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
70863
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6963
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Mar 2025 11:00:11 GMT
webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 0E2B 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCtfEUAAAAAO3mUGL3IUNTHKSYxr0Nf95tJK1g&co=aHR0cHM6Ly9wYXBlcmZvcm0uY286NDQz&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=f9p2h55zzn3w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c8decb7c7d17d6353f74d740f2afba7886d2c53e0b3d10a44ae1ad7738316ff9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCtfEUAAAAAO3mUGL3IUNTHKSYxr0Nf95tJK1g&co=aHR0cHM6Ly9wYXBlcmZvcm0uY286NDQz&hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=f9p2h55zzn3w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 06:41:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 02 Mar 2024 06:41:17 GMT
collect
o.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.22/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://paperform.co/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://paperform.co
Date
Sat, 02 Mar 2024 06:41:17 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
log_event
www.youtube.com/youtubei/v1/ Frame 287A 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-Goog-Request-Time
1709361675593
Content-Type
application/json
X-YouTube-Utc-Offset
-600
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/pkZE0M-fr4o?showinfo=0&rel=0
X-YouTube-Client-Version
1.20240227.01.00
X-YouTube-Time-Zone
Pacific/Honolulu
X-Goog-Visitor-Id
CgtJSy1wakhCLTNCbyiIlIuvBjIKCgJVUxIEGgAgQw%3D%3D
X-YouTube-Ad-Signals
dt=1709361673284&flash=0&frm=2&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1500%2C1100&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 02 Mar 2024 06:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
s2s64ipo
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/s2s64ipo
Requested by
Host: paperform.co
URL: https://paperform.co/invite/bcbnkl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0726fa74d27db10ce2a2cfdce6a050582cee9afa46eeff2ba91ac310c6540815

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
IKUGy6vxDb.h9F9yZqT8GrhvQVqLS6lT
content-encoding
gzip
via
1.1 0a84c1b70b100e694edd23e638bf7fa8.cloudfront.net (CloudFront)
date
Sat, 02 Mar 2024 06:36:25 GMT
x-amz-cf-pop
EWR53-C2
age
293
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2703
last-modified
Fri, 01 Mar 2024 16:55:57 GMT
server
AmazonS3
etag
"9b9434454a14dc2297889885db9823c9"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
EDj5LFMotDPXIdAjG93fV_N67Hnbnl7GfjF9CKv05SrnBa0gdgMvAg==
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C8FC93ACEF214B9B8A7307D72A93112F&RedC=c.clarity.ms&MXFR=1750955EFF9C630E04E38168FB9C6D86
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C8FC93ACEF214B9B8A7307D72A93112F&MUID=34E3B52887E664A617F4A11E8641653E
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C8FC93ACEF214B9B8A7307D72A93112F&MUID=34E3B52887E664A617F4A11E8641653E
Protocol
H2
Server
20.110.205.119 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 06:41:17 GMT
last-modified
Fri, 01 Mar 2024 22:53:54 GMT
server
Microsoft-IIS/10.0
etag
"32434d562b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 02 Mar 2024 06:41:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 72BE55AE6D9E401FA323B0A91EEAA64B Ref B: MIAEDGE1620 Ref C: 2024-03-02T06:41:17Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C8FC93ACEF214B9B8A7307D72A93112F&MUID=34E3B52887E664A617F4A11E8641653E
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
status
accounts.google.com/gsi/ 		40 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=934432529405-ji2k2idb3ao04jpj5prs79f583k0ifpd.apps.googleusercontent.com&as=5vlRqdPKIqK9jlGARLtZuw
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::54 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
257c2d94258839977b48b9ae4f5011b223b0fc988e6a41dd942dfc9880ab4060
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-KibPOI5V0hyTVZO_wmIKuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 06:41:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-KibPOI5V0hyTVZO_wmIKuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paperform.co
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
frame-modern.8f1ca375.js
js.intercomcdn.com/ Frame DE0D 		0
0
vendor-modern.2d2f7395.js
js.intercomcdn.com/ Frame DE0D 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
js.intercomcdn.com
URL
https://js.intercomcdn.com/frame-modern.8f1ca375.js
Domain
js.intercomcdn.com
URL
https://js.intercomcdn.com/vendor-modern.2d2f7395.js

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| antiClickjack function| clarity function| googleIdentityTokenHandler object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| form boolean| tokenLoaded string| APP_ID string| INTERCOM_ID function| Intercom function| d function| N function| O function| T object| analytics string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer object| uetq function| fbq function| _fbq object| google_conversion_id object| google_custom_params object| google_remarketing_only object| google_tag_data function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| default_gsi object| _F_toggles object| google object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| UET function| UET_init function| UET_push object| ueto_6f69ad4667 object| gaplugins object| gaData object| recaptcha object| __G_ID_CLIENT__ object| closure_lm_842768 object| closure_lm_186680

17 Cookies

Domain/Path Name / Value
paperform.co/ Name: XSRF-TOKEN
Value: eyJpdiI6ImdvNzNRMzliSTZmUUQzL1RDL24wWlE9PSIsInZhbHVlIjoiQXVyK3dQU0xOZjljamhJdjNLZnNqN3gzdnFaVlJZYzNkbS9TKzZGVlZIeWYyeWtuUy96VitVR1dSNHZ1WkxNTkRKeW9IVVZVQzNHcndrcnRubVlWanRzdVJPZ0JTbG84Rm1BVjh5bnJQejg0UmxkbE05dm1nemVrZmFQRUZNMi8iLCJtYWMiOiJhNDkyNTdjMWIwMTk1MzFlNjYwNmYwNzRiZjFmY2U5ZDQyYjZlMjI4ZjU4OWU4YTI4ZWUzNTgzYjk2YjYwZGE5IiwidGFnIjoiIn0%3D
paperform.co/ Name: laravel_session
Value: eyJpdiI6IjdNYjNPN0JjaXVlK0U3YVpjOUNsYXc9PSIsInZhbHVlIjoiWWZ2ekhoTklIbXVrbDNJMVFCK05PTGRVeVd2aHRaUXA5SDByeG9nTmtoSHdUdE9qWk5BNTF0T3k5T1FkV2hVbzQ1a1Baa3VzaDZ3QktWZHdOUGNrREU0dlJIVGZpbmVGc2NsWTRzZHNwWXhVc0VWR2RxbS9jZiszOGFwVG55TEkiLCJtYWMiOiIwYjI0OGZmOTUyMTg1NmFmYjgwOWU3M2IwOWU1MzAxMDU5NDA1MTU3NGUxZDRmOGU2MjM3YjFhOTE4MzU1N2U4IiwidGFnIjoiIn0%3D
www.clarity.ms/ Name: CLID
Value: 9b42635805f54877a711a26eda4b0090.20240302.20250302
.paperform.co/ Name: _clck
Value: 1rxng46%7C2%7Cfjq%7C0%7C1522
.youtube.com/ Name: YSC
Value: EiU2auFXv4w
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: IK-pjHB-3Bo
.paperform.co/ Name: _ga_LRJPP419ST
Value: GS1.1.1709361673.1.1.1709361673.60.0.0
.paperform.co/ Name: _ga
Value: GA1.2.637868896.1709361673
.paperform.co/ Name: _gid
Value: GA1.2.613433053.1709361673
.paperform.co/ Name: _gat
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.paperform.co/ Name: _clsk
Value: 1i0ckwu%7C1709361673317%7C1%7C1%7Co.clarity.ms%2Fcollect
.paperform.co/ Name: _fbp
Value: fb.1.1709361673391.1965129830
.paperform.co/ Name: _uetsid
Value: dd182170d85f11eeb55429127fb86520
.paperform.co/ Name: _uetvid
Value: dd182e70d85f11ee81f149d9628ffd47
.bing.com/ Name: MUID
Value: 34E3B52887E664A617F4A11E8641653E
.bat.bing.com/ Name: MR
Value: 0

40 Console Messages

Source Level URL
Text
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: https://www.googleadservices.com/pagead/conversion.js(Line 28)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/382347415447340?v=2.9.148&r=stable&domain=paperform.co&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://duube1y6ojsji.cloudfront.net/2689e5b80568a29576ec.home.min.js
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://paperform.co/invite/bcbnkl
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
analytics.google.com
bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
duube1y6ojsji.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
js.intercomcdn.com
o.clarity.ms
paperform.ca
paperform.co
pxl.to
static.doubleclick.net
stats.g.doubleclick.net
widget.intercom.io
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
www.youtube.com
yt3.ggpht.com
js.intercomcdn.com
108.138.128.33
13.226.34.3
142.251.40.98
18.164.116.62
20.110.205.119
2001:4860:4802:38::181
2600:9000:2209:ba00:e:f359:cf80:21
2606:4700:3035::ac43:861b
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c08::54
2607:f8b0:4006:808::200e
2607:f8b0:4006:80a::2006
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80f::2003
2607:f8b0:4006:80f::2004
2607:f8b0:4006:80f::200a
2607:f8b0:4006:816::2003
2607:f8b0:4006:817::200e
2607:f8b0:4006:820::2016
2607:f8b0:4006:821::2001
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2008
2620:1ec:46::40
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
52.152.143.207
0726fa74d27db10ce2a2cfdce6a050582cee9afa46eeff2ba91ac310c6540815
0eef2a8f007c3d9bb0aa6d33039a85d383b7f2f276408e8b70e4d8bd9b55fce4
0f25bdab13edc183ea085f254a9fc4344bc7e02c4a94295bc9710c370122ed8d
0ff177a962924647199c8f486039cc3d85533e40d07591f237219ec01669305b
1b3ab64c0a9c3d39734e3311b6c816d6383e3659944c61db0becf54128011153
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1e0f1127a2180c4b765df792f534dab474a3e4d800d5b914520f23c78e1856fc
21c5a7107eeb85d5e1c93244ce00c3f99a409c2b5203fe227c475ed6b8065996
257c2d94258839977b48b9ae4f5011b223b0fc988e6a41dd942dfc9880ab4060
2c2f7efa43b489c750a7787f550964d788a1a8229f2b929796163d9ea9132343
2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7
30a48b675d82b04ff44e47bef7e803f5cebc1beea3ae63a46c1a512c8098beaf
3431bee7e5352c420329536cc14790e5eded608e2b94b77e5506952b6ff65dff
35eaf0e4045390a6071be90eb77bb2ab930d06282e284d3dfaccb6e8f40c8c41
3a582829e2c11dde7e02e0952effb8a8b97770c95705e03ecc82f848cb8684fd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4794b8beb48280803ce585233d77467867ed6b194f2c0ccea4d6f8eea0c7a2b9
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
50eb16e9403cd0b49e627349c2168c6bb3f5b906991326b6d1a87117c00e6cd0
545e63d222a368f2d6d282e22ead522adf9065ade5baf25a766c8e8e2a8d07ab
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61decd440d8feea64ad7b91c2d7e4fd6840cd8495813f500cc94b18e370a0c93
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6d52c69a8e529b74250e5f9c86bed6d8079036c014953c023b9c8ed36d3f816b
765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
981413e51edc49d3d5a048d113f0a9915a8c0ccaf1bcef6f657948fd4017a798
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a320a6d6bb1694c42e4008c20554b93338701ddd630614b060d461ec014d73c0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af92e92bdd6eb796c55b3aab8839b33b92fd40828d2a59359c81d979e55c98c4
b1f0bbc2b9daf242743af55978f3a9cdc6770c4f37c7b99fe002146060b1e92c
bc60af09a2dd81632db1bd9adcfbf9ee781148115dad62f33c3ca8f3c92e877f
c0ca4324f9657a4a78ffc94fa64e61e0a1050aedec54f3b3c8d919f4527306b5
c38e4e023ed1887bc2ccce0d9c5b235742192300393758783a224e03812b3060
c8decb7c7d17d6353f74d740f2afba7886d2c53e0b3d10a44ae1ad7738316ff9
d0028e65fc1060c160c83389da0e14d5b8264c73bfb5942b12f36cd9eb228149
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d95333f7957b3bf3e230f48977db50c42324f131f7d7d5492e6b13e171bfaffb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e17e6c412d2159ad058eea653b9286f8617781dd517dd07b2171d669c8c7075a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e995fd56a2ffa28aaac2f6a49416a16f17f594beb143f4946a9647af49ea5bef
ea32fc863915247dcf0b8fdd5bd64e18c7d3876b3d520d1e89134dbc61c5dea4
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6d8c216bbf4cc66241abb798069aac7b42936a5deab4d8c39a0db07e3047f8
f6a1ab0e36bc16266626a2861c6d4e1e1106d6a5080931a8f5fe68e6cd7338dd
f99c19e895fc2456e50cd1349d89bf796d30fd7794fed5d6b10d07706d0dfc7e
fe3f02920a170a0b196861a50ae1675587e796770d23a23ee30ad4146e1b9c19