fair-play.paperform.co Open in urlscan Pro
18.245.60.126 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fair-play.paperform.co/
Effective URL:
https://fair-play.paperform.co/
Submission: On June 28 via api (June 28th 2024, 9:29:10 am UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 12 HTTP transactions. The main IP is 18.245.60.126, located in United States and belongs to AMAZON-02, US. The main domain is fair-play.paperform.co.
TLS certificate: Issued by Amazon RSA 2048 M03 on February 7th 2024. Valid for: a year.

This is the only time fair-play.paperform.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	18.245.60.126 18.245.60.126	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:272... 2600:9000:2724:7800:e:f359:cf80:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	104.18.137.67 104.18.137.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.121.128 13.32.121.128	16509 (AMAZON-02) (AMAZON-02)
12	6

3 18.245.60.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-126.fra60.r.cloudfront.net

fair-play.paperform.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2724:7800:e:f359:cf80:21 (United States)

ASN16509 (AMAZON-02, US)

duube1y6ojsji.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.137.67 (None, )

ASN13335 (CLOUDFLARENET, US)

www.chess.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-128.fra60.r.cloudfront.net

img.paperform.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	paperform.co fair-play.paperform.co img.paperform.co — Cisco Umbrella Rank: 320029	23 KB
3	gstatic.com fonts.gstatic.com	84 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	2 KB
2	cloudfront.net duube1y6ojsji.cloudfront.net	305 KB
1	chess.com www.chess.com — Cisco Umbrella Rank: 20546	5 KB
12	5

	Domain	Requested by
3	fonts.gstatic.com	fonts.googleapis.com
3	fair-play.paperform.co	fair-play.paperform.co duube1y6ojsji.cloudfront.net
2	fonts.googleapis.com	fair-play.paperform.co duube1y6ojsji.cloudfront.net
2	duube1y6ojsji.cloudfront.net	fair-play.paperform.co
1	img.paperform.co
1	www.chess.com	fair-play.paperform.co
12	6

This site contains links to these domains. Also see Links.

Domain
chesscom-support.paperform.co
www.chess.com
support.chess.com
paperform.co

Subject Issuer	Validity	Valid
paperform.co Amazon RSA 2048 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
www.chess.com Cloudflare Inc ECC CA-3	`2023-10-16` - `2024-10-14`	a year	crt.sh
img.paperform.co Amazon RSA 2048 M03	`2024-02-20` - `2025-03-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://fair-play.paperform.co/
Frame ID: 120577C695C0E5B775862606C07D1D55
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FP New Account Form V2

Page URL History Show full URLs

http://fair-play.paperform.co/ HTTP 307
https://fair-play.paperform.co/ Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

12
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

419 kB
Transfer

1255 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://chesscom-support.paperform.co/

Search URL Search Domain Scan URL

URL: https://www.chess.com/legal/fair-play
Title: Fair Play Policy

Search URL Search Domain Scan URL

URL: https://support.chess.com/article/648-what-do-i-need-to-know-about-fair-play-on-chess-com
Title: Fair Play FAQ

Search URL Search Domain Scan URL

URL: https://paperform.co/?utm_source=footer&utm_medium=referral&utm_content=fair-play&utm_term=chess.com&business=chess.com
Title: Powered By Paperform

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fair-play.paperform.co/ HTTP 307
https://fair-play.paperform.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fair-play.paperform.co/
Redirect Chain

http://fair-play.paperform.co/
https://fair-play.paperform.co/

98 KB
19 KB

659ms
568ms

Document
text/html

18.245.60.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fair-play.paperform.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-126.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

f414ba1f65794d1be6108e2ff914c6bd9904b640fc309b77fea39ef4651bd7f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 28 Jun 2024 09:29:04 GMT
server: nginx
strict-transport-security: max-age=300
vary: Accept-Encoding
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-id: GjQ8riAEtPtmWpkkJ8T8TKkGtJU_B8Da4mTTsYjIqjHNNt-DY0F7sw==
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront

Redirect headers

Location: https://fair-play.paperform.co/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 style-CApxY3jb.css
duube1y6ojsji.cloudfront.net/paperform-form-assets/ 118 KB
23 KB 142ms
44ms Stylesheet
text/css 2600:9000:2724:7800:e:f359:cf80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://duube1y6ojsji.cloudfront.net/paperform-form-assets/style-CApxY3jb.css
Requested by: Host: fair-play.paperform.co
URL: https://fair-play.paperform.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:7800:e:f359:cf80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7227b3417ecc7ad970153845fc1c2740d87977e7830e4f9eb4cbb2005a89dd44

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fair-play.paperform.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 23:25:07 GMT
content-encoding: gzip
via: 1.1 044b6ab929e12b48b2113c346ddcec30.cloudfront.net (CloudFront)
last-modified: Fri, 31 May 2024 10:13:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
age: 2109839
etag: W/"37476a9dfd3ad7b809dfe5c1c97a879d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
cache-control: max-age=31536000
x-amz-cf-id: ylfQG4umQkOaKwUdzRhQbwxFmVUHhqj21sZbMRn2lfGaXkmmA-80Ww==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
838 B 137ms
50ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: fair-play.paperform.co
URL: https://fair-play.paperform.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a62b46c69982f34433d223167ff4838dede363d9f8a1d22e07a8d203a347e941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fair-play.paperform.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jun 2024 09:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 07:48:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jun 2024 09:29:05 GMT

GET
H2 200 2024-04-08-172944
fair-play.paperform.co/css/form/iojsyuuo/ 3 KB
2 KB 428ms
427ms Stylesheet
text/css 18.245.60.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fair-play.paperform.co/css/form/iojsyuuo/2024-04-08-172944

Requested by

Host: fair-play.paperform.co
URL: https://fair-play.paperform.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-126.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

cac588b5a05937109ef42d8392c06f41645975eeb16c371bbeb9957750a1ddc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fair-play.paperform.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 09:29:05 GMT
content-encoding: gzip
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=300
server: nginx
x-amz-cf-pop: FRA60-P5
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css; charset=UTF-8
cache-control: must-revalidate, no-cache, no-store, private
x-amz-cf-id: bt0zbJdnoFrHaDKSJQ03jIlS2vkIxIezDAgXmVRU2w7lacci4hxc_w==
expires: 0

GET
H2 200 form-form-CPgYnExQ.js Show response
duube1y6ojsji.cloudfront.net/ 938 KB
282 KB 142ms
44ms Script
application/javascript 2600:9000:2724:7800:e:f359:cf80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://duube1y6ojsji.cloudfront.net/form-form-CPgYnExQ.js
Requested by: Host: fair-play.paperform.co
URL: https://fair-play.paperform.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:7800:e:f359:cf80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 308d92e45940f9cec33a724e6264f69e013f6a2454cc77f0d885d1610300068e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fair-play.paperform.co/
Origin: https://fair-play.paperform.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 23:23:40 GMT
content-encoding: gzip
via: 1.1 8a7cd2920ac4cbceb2a8f9a130562a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
age: 295525
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 24 Jun 2024 22:36:16 GMT
server: AmazonS3
etag: W/"b4c99036b6d2313091d1a2ed86ca7619"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=31536000
x-amz-cf-id: KT1pU8Mpjaxs1ZhLcqQ2uFE5_UqU5dHp-Y_P_7TaKYi4pao-o8qfaA==

GET
H2 200 css
fonts.googleapis.com/ 6 KB
832 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:700,bold%7Cui-sans-serif,+-apple-system,+BlinkMacSystemFont,+%22Segoe+UI%22,+Helvetica,+%22Apple+Color+Emoji%22,+Arial:,bold,0,400%7CInter:600,bold

Requested by

Host: duube1y6ojsji.cloudfront.net
URL: https://duube1y6ojsji.cloudfront.net/form-form-CPgYnExQ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c473924851f60735a232895de844571343503a21637b4039bdd86998aad660d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fair-play.paperform.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jun 2024 09:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 09:29:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jun 2024 09:29:05 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 200ms
100ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://fair-play.paperform.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:56:54 GMT
x-content-type-options: nosniff
age: 239531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 14:56:54 GMT

GET
H3 200 chesscom_logo_white.png
www.chess.com/bundles/web/images/brand/ 4 KB
5 KB 147ms
83ms Image
image/png 104.18.137.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.chess.com/bundles/web/images/brand/chesscom_logo_white.png
Requested by: Host: fair-play.paperform.co
URL: https://fair-play.paperform.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.137.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e5269620365bd969eaf9defbe94bf65a20c9b2cca2425e1177560dd7dbb0b62

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fair-play.paperform.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 09:29:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":1,"report_to":"cf-nel","max_age":604800}
age: 1946134
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 4067
cf-bgj: imgq:100,h2pri
last-modified: Mon, 13 May 2024 22:36:26 GMT
server: cloudflare
etag: "664295ea-fe3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XiTJ4Og0qaV1oRyq8mU64rAVseEmF%2BCHzYyxRvmAZ%2FdEnLJQldjJghBnegav0kuUwCSNc%2BOyNWI7a6cud9feh0sDHm%2BUwtzYs6vDSqCbrp091WdkQcsUiZUkqpLneww%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2419200
accept-ranges: bytes
cf-ray: 89aca681aacc9f48-FRA

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 15 KB
15 KB 148ms
87ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700,bold%7Cui-sans-serif,+-apple-system,+BlinkMacSystemFont,+%22Segoe+UI%22,+Helvetica,+%22Apple+Color+Emoji%22,+Arial:,bold,0,400%7CInter:600,bold

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a60b1ba9daa11468bf1b846e8515e51b97023f341f2962a9623b9d8aaa7904ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://fair-play.paperform.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:59:39 GMT
x-content-type-options: nosniff
age: 239366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15240
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:45:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 14:59:39 GMT

PUT
H2 200 event Show response
fair-play.paperform.co/api/v1/form/64923eaa4f29ed893b0c2b9f/ 1 B
384 B 419ms
419ms Fetch
text/html 18.245.60.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fair-play.paperform.co/api/v1/form/64923eaa4f29ed893b0c2b9f/event

Requested by

Host: duube1y6ojsji.cloudfront.net
URL: https://duube1y6ojsji.cloudfront.net/form-form-CPgYnExQ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-126.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-paperform-visitorid: 3e5840af907b16407a1994f9bba0b8bf
x-xsrf-token: eyJpdiI6IkQ3N1JHN0pCVEdOcXhlODg5K1VIZlE9PSIsInZhbHVlIjoiQjd6L2JqS1Y3bVAxZlM3VjZDOXd6ajVHK0o3KzljZkZ4MHQ1T25mRHRIckRaY214aC9PVytjREFQOWVOeVZFZys0Mjc3cmtkWmdvdjBHNTNRaFlaRUZkYU9LNDVEWkloclZGSUpmK3BsMnJHOWdXc1hMcWZNV0pNSmNTSW5Ea3UiLCJtYWMiOiJiN2NmM2E5NWExYTQ2OWVhNzYyMWY4YTA2MmJkNTljYzIxM2YzNDczMzAxZGM4YTdhM2Y5MTc2OTQzNDgxOTc3IiwidGFnIjoiIn0=
x-csrf-token
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://fair-play.paperform.co/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 09:29:05 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P5
vary: Accept-Encoding
x-ratelimit-remaining: 59
content-type: text/html; charset=UTF-8
x-cache: Miss from cloudfront
cache-control: no-cache, private
x-ratelimit-limit: 60
x-amz-cf-id: Yi3iiPYYv58Z9asC3EfOF3SKgQ5se8aWVWyoZJz-W0gN-MlAs07wSw==

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 92ms
41ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://fair-play.paperform.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:44:52 GMT
x-content-type-options: nosniff
age: 240253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 14:44:52 GMT

GET
H2 200 android-chrome-512x512.png
img.paperform.co/fetch/w_32,h_32,f_png/https://s3.amazonaws.com/pf-form-assets-01/u-120715/assets/2023-05-10/gp03ap7/ 1 KB
2 KB 134ms
40ms Other
image/png 13.32.121.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.paperform.co/fetch/w_32,h_32,f_png/https://s3.amazonaws.com/pf-form-assets-01/u-120715/assets/2023-05-10/gp03ap7/android-chrome-512x512.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-128.fra60.r.cloudfront.net
Software: /
Resource Hash: 712cfb67ac82f90a27849f809fcfc13831afb6cdda970caedddbe8d08de8bcc6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fair-play.paperform.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 13:27:02 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront), 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2, FRA60-P1
age: 763323
x-amzn-trace-id: Root=1-6672dca6-46960f403c04148d41359c52;Parent=0c71bf34fea4516d;Sampled=0;lineage=faab2783:0
x-amzn-requestid: e1665ec6-3043-4613-a453-f191b26e20fe
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-apigw-id: ZndqAGU7IAMEcQg=
content-length: 1478
x-amz-cf-id: 4QBlOddeaR4d72TF6w8mTNXRLWO7-AvICjayKxJUxg3Su97W3GOeUg==

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fair-play.paperform.co/	1970-01-20 21:49:31	Name: XSRF-TOKEN Value: eyJpdiI6IkQ3N1JHN0pCVEdOcXhlODg5K1VIZlE9PSIsInZhbHVlIjoiQjd6L2JqS1Y3bVAxZlM3VjZDOXd6ajVHK0o3KzljZkZ4MHQ1T25mRHRIckRaY214aC9PVytjREFQOWVOeVZFZys0Mjc3cmtkWmdvdjBHNTNRaFlaRUZkYU9LNDVEWkloclZGSUpmK3BsMnJHOWdXc1hMcWZNV0pNSmNTSW5Ea3UiLCJtYWMiOiJiN2NmM2E5NWExYTQ2OWVhNzYyMWY4YTA2MmJkNTljYzIxM2YzNDczMzAxZGM4YTdhM2Y5MTc2OTQzNDgxOTc3IiwidGFnIjoiIn0%3D
fair-play.paperform.co/	1970-01-20 21:49:31	Name: laravel_session Value: eyJpdiI6ImRuZUhxdzRMbkJ1WjIzUEoyZWFmZ3c9PSIsInZhbHVlIjoiMXFNcDd3b2MvQVJHT0ZaQmp2aDNKOE9UR3U3azVNa3crRWhwQVFpNVE2dUFDYWhoalNCL2RYWUJ2WXNXTVZLRUd1QkJ6TCtvaHdScXk5NkExZWFRdWlwdTdjcG1hTlM1VjlubzhlNlozWE90WWtsSVVzT3F6ZnpKMHlmZFpPbXQiLCJtYWMiOiJkNGUxZTU1MGNlNjJkYzFhMWRmMDBiNzMxYmRmM2UxYzJkNGQxM2ZlZmJkMTI1MzBkODI2MjgxNWY1MWY2YTIzIiwidGFnIjoiIn0%3D
.chess.com/	1970-01-20 21:39:28	Name: __cf_bm Value: 7rUFXnuTIRD_Jox5GDVub3.jCTRp.mTjXTgy76hGN5M-1719566945-1.0.1.1-m48Eg1SXTAJ5r6A6vz3XfHQWnc2LeJtn1R2sBlQz7u0IJoP75BvUhxlNMIa.MQKmIs.zqoaIRJLG7WFpJdYFCcJtXRSUo3hG1HgJB1M7jDY

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

duube1y6ojsji.cloudfront.net
fair-play.paperform.co
fonts.googleapis.com
fonts.gstatic.com
img.paperform.co
www.chess.com
104.18.137.67
13.32.121.128
18.245.60.126
2600:9000:2724:7800:e:f359:cf80:21
2a00:1450:4001:800::200a
2a00:1450:4001:829::2003
308d92e45940f9cec33a724e6264f69e013f6a2454cc77f0d885d1610300068e
5c473924851f60735a232895de844571343503a21637b4039bdd86998aad660d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e5269620365bd969eaf9defbe94bf65a20c9b2cca2425e1177560dd7dbb0b62
712cfb67ac82f90a27849f809fcfc13831afb6cdda970caedddbe8d08de8bcc6
7227b3417ecc7ad970153845fc1c2740d87977e7830e4f9eb4cbb2005a89dd44
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a60b1ba9daa11468bf1b846e8515e51b97023f341f2962a9623b9d8aaa7904ad
a62b46c69982f34433d223167ff4838dede363d9f8a1d22e07a8d203a347e941
cac588b5a05937109ef42d8392c06f41645975eeb16c371bbeb9957750a1ddc8
f414ba1f65794d1be6108e2ff914c6bd9904b640fc309b77fea39ef4651bd7f0

fair-play.paperform.co Open in urlscan Pro 18.245.60.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

50 %IPv6

5 Domains

6 Subdomains

6 IPs

3 Countries

419 kBTransfer

1255 kBSize

3 Cookies

4 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

fair-play.paperform.co Open in urlscan Pro
18.245.60.126 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

419 kB
Transfer

1255 kB
Size

3
Cookies

12 HTTP transactions
0 data transactions