paper.li Open in urlscan Pro
37.187.86.201 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://capconsultants.com/
Effective URL:
https://paper.li/tcCvaK0DwhfiBmInEqMcH/story/kurt-vWgULMgVIH1YzopUymiLx
Submission: On March 15 via api (March 15th 2022, 8:03:17 am UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 12 HTTP transactions. The main IP is 37.187.86.201, located in France and belongs to OVH, FR. The main domain is paper.li. The Cisco Umbrella rank of the primary domain is 275653.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 16th 2021. Valid for: a year.

This is the only time paper.li was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	69.73.154.78 69.73.154.78	11042 (NTHL) (NTHL)
7	37.187.86.201 37.187.86.201	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
12	3

1 69.73.154.78 (United States) 1 redirects

ASN11042 (NTHL, US)
PTR: ron.nocdirect.com

capconsultants.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.187.86.201 (France)

ASN16276 (OVH, FR)
PTR: paper.li

paper.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	paper.li paper.li — Cisco Umbrella Rank: 275653	532 KB
4	gstatic.com fonts.gstatic.com	73 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	capconsultants.com 1 redirects capconsultants.com	280 B
12	4

	Domain	Requested by
7	paper.li	paper.li
4	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	paper.li
1	capconsultants.com	1 redirects
12	4

This site contains links to these domains. Also see Links.

Domain
jfjoutmonitor.w3spaces.com
twitter.com
www.facebook.com
www.linkedin.com
api.whatsapp.com

Subject Issuer	Validity	Valid
*.paper.li Sectigo RSA Domain Validation Secure Server CA	`2021-10-16` - `2022-11-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://paper.li/tcCvaK0DwhfiBmInEqMcH/story/kurt-vWgULMgVIH1YzopUymiLx
Frame ID: E7304F19E35611BE810C94583CAE0DFE
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kurt | Admin

Page URL History Show full URLs

http://capconsultants.com/ HTTP 302
https://paper.li/tcCvaK0DwhfiBmInEqMcH/story/kurt-vWgULMgVIH1YzopUymiLx Page URL

Page Statistics

12
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

607 kB
Transfer

2502 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://jfjoutmonitor.w3spaces.com/
Title: Visit Sharepoint to access files

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fpaper.li%2FtcCvaK0DwhfiBmInEqMcH%2Fstory%2Fkurt-vWgULMgVIH1YzopUymiLx&text=Kurt

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fpaper.li%2FtcCvaK0DwhfiBmInEqMcH%2Fstory%2Fkurt-vWgULMgVIH1YzopUymiLx&quote=Kurt

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fpaper.li%2FtcCvaK0DwhfiBmInEqMcH%2Fstory%2Fkurt-vWgULMgVIH1YzopUymiLx&summary=Kurt

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Kurt+https%3A%2F%2Fpaper.li%2FtcCvaK0DwhfiBmInEqMcH%2Fstory%2Fkurt-vWgULMgVIH1YzopUymiLx

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://capconsultants.com/ HTTP 302
https://paper.li/tcCvaK0DwhfiBmInEqMcH/story/kurt-vWgULMgVIH1YzopUymiLx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request kurt-vWgULMgVIH1YzopUymiLx Show response
paper.li/tcCvaK0DwhfiBmInEqMcH/story/
Redirect Chain

http://capconsultants.com/
https://paper.li/tcCvaK0DwhfiBmInEqMcH/story/kurt-vWgULMgVIH1YzopUymiLx

2 KB
1 KB

64ms
19ms

Document
text/html

37.187.86.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://paper.li/tcCvaK0DwhfiBmInEqMcH/story/kurt-vWgULMgVIH1YzopUymiLx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.86.201 , France, ASN16276 (OVH, FR),
Reverse DNS: paper.li
Software: nginx /
Resource Hash: d09e3e5788b57bf10ba814e30b0dacc4d60017b92aafc2bd997a1d14f7f43f3b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Tue, 15 Mar 2022 08:03:11 GMT
Content-Type: text/html
Last-Modified: Thu, 09 Dec 2021 13:14:54 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"61b2014e-8b7"
Cache-Control: no-cache
Content-Encoding: gzip
X-IPLB-Request-ID: D9409720:E7F2_25BB56C9:01BB_6230483F_561770:14F9B
X-IPLB-Instance: 41457

Redirect headers

Date: Tue, 15 Mar 2022 08:03:11 GMT
Server: Apache
Location: https://paper.li/tcCvaK0DwhfiBmInEqMcH/story/kurt-vWgULMgVIH1YzopUymiLx
Content-Length: 255
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK 2.d77dbe3a.chunk.css
paper.li/stories/static/css/ 9 KB
3 KB 20ms
20ms Stylesheet
text/css 37.187.86.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://paper.li/stories/static/css/2.d77dbe3a.chunk.css

Requested by

Host: paper.li
URL: https://paper.li/tcCvaK0DwhfiBmInEqMcH/story/kurt-vWgULMgVIH1YzopUymiLx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

37.187.86.201 , France, ASN16276 (OVH, FR),

Reverse DNS

paper.li

Software

nginx /

Resource Hash

b96b175a962fb6635d9f209041a2072333a2efbc76bb2c23f69a7a15b4a36527

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paper.li/tcCvaK0DwhfiBmInEqMcH/story/kurt-vWgULMgVIH1YzopUymiLx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 08:03:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Dec 2021 13:14:54 GMT
Server: nginx
X-IPLB-Request-ID: D9409720:E7F2_25BB56C9:01BB_6230483F_561771:14F9B
ETag: W/"61b2014e-23fc"
X-IPLB-Instance: 41457
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800, public
Transfer-Encoding: chunked
Expires: Tue, 22 Mar 2022 08:03:11 GMT

GET
H/1.1 200
OK 2.b44a3bd3.chunk.js Show response
paper.li/stories/static/js/ 2 MB
518 KB 64ms
43ms Script
application/javascript 37.187.86.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://paper.li/stories/static/js/2.b44a3bd3.chunk.js

Requested by

Host: paper.li
URL: https://paper.li/tcCvaK0DwhfiBmInEqMcH/story/kurt-vWgULMgVIH1YzopUymiLx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

37.187.86.201 , France, ASN16276 (OVH, FR),

Reverse DNS

paper.li

Software

nginx /

Resource Hash

f867da1c68acee7968e9f1f51d5db94d19d5854802794a3c361a32e19cbc7612

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paper.li/tcCvaK0DwhfiBmInEqMcH/story/kurt-vWgULMgVIH1YzopUymiLx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 08:03:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Dec 2021 13:14:54 GMT
Server: nginx
X-IPLB-Request-ID: D9409720:E7F2_25BB56C9:01BB_6230483F_561772:14F9B
ETag: W/"61b2014e-254d97"
X-IPLB-Instance: 41457
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, public
Transfer-Encoding: chunked
Expires: Tue, 22 Mar 2022 08:03:11 GMT

GET
H/1.1 200
OK main.5a1aa498.chunk.js Show response
paper.li/stories/static/js/ 12 KB
5 KB 61ms
18ms Script
application/javascript 37.187.86.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://paper.li/stories/static/js/main.5a1aa498.chunk.js

Requested by

Host: paper.li
URL: https://paper.li/tcCvaK0DwhfiBmInEqMcH/story/kurt-vWgULMgVIH1YzopUymiLx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

37.187.86.201 , France, ASN16276 (OVH, FR),

Reverse DNS

paper.li

Software

nginx /

Resource Hash

8815762c0c8a1786e8e4c2d832d08ba9c80293003a5709bf20c84c4188117ac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paper.li/tcCvaK0DwhfiBmInEqMcH/story/kurt-vWgULMgVIH1YzopUymiLx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 08:03:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Dec 2021 13:14:54 GMT
Server: nginx
X-IPLB-Request-ID: D9409720:E804_25BB56C9:01BB_6230483F_560FE1:1224E
ETag: W/"61b2014e-3003"
X-IPLB-Instance: 41458
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, public
Transfer-Encoding: chunked
Expires: Tue, 22 Mar 2022 08:03:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans:300,400,500,700|IBM+Plex+Serif:400,500&display=swap

Requested by

Host: paper.li
URL: https://paper.li/stories/static/css/2.d77dbe3a.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e07343bc9a6a1c3b2615c14a9f59920099a6b39faf59695d91b337c6be38d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paper.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 08:02:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Mar 2022 08:03:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Mar 2022 08:03:11 GMT

GET
H2 200 jizDREVNn1dOx-zrZ2X3pZvkTiUf2zc.woff2
fonts.gstatic.com/s/ibmplexserif/v14/ 18 KB
19 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexserif/v14/jizDREVNn1dOx-zrZ2X3pZvkTiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:300,400,500,700|IBM+Plex+Serif:400,500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e75a233afc04ee49453ab429df327ab951bfbc7264d6ce2e790fa7d928186c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paper.li
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 20:19:56 GMT
x-content-type-options: nosniff
age: 474197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18648
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:16:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 20:19:56 GMT

GET
H/1.1 200
OK vWgULMgVIH1YzopUymiLx Show response
paper.li/~api/stories/ 6 KB
3 KB 19ms
18ms Fetch
application/json 37.187.86.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://paper.li/~api/stories/vWgULMgVIH1YzopUymiLx

Requested by

Host: paper.li
URL: https://paper.li/stories/static/js/2.b44a3bd3.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

37.187.86.201 , France, ASN16276 (OVH, FR),

Reverse DNS

paper.li

Software

nginx /

Resource Hash

fe02162daf48bd8b810d0b3e33647d518013584e49421e43a89d4b59fe72474d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://paper.li/tcCvaK0DwhfiBmInEqMcH/story/kurt-vWgULMgVIH1YzopUymiLx
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 08:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Token: 6f61e3f7c6669c04b70454ff3c1812c0b8694aec
X-IPLB-Instance: 41457
Transfer-Encoding: chunked
X-TokenValidity: 1647332564258
X-XSS-Protection: 1; mode=block
Server: nginx
X-IPLB-Request-ID: D9409720:E7F2_25BB56C9:01BB_6230483F_561773:14F9B
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://localhost.paper.li:3000
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK current Show response
paper.li/~api/users/ 48 B
705 B 28ms
28ms Fetch
application/json 37.187.86.201
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://paper.li/~api/users/current?origin=paper.li%3Amain&ver=full

Requested by

Host: paper.li
URL: https://paper.li/stories/static/js/2.b44a3bd3.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

37.187.86.201 , France, ASN16276 (OVH, FR),

Reverse DNS

paper.li

Software

nginx /

Resource Hash

f75744ce75130bb9496330ec9e91f9416e1677013a627c9aecfaa90a132db185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paper.li/tcCvaK0DwhfiBmInEqMcH/story/kurt-vWgULMgVIH1YzopUymiLx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 08:03:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-IPLB-Instance: 41457
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Server: nginx
X-IPLB-Request-ID: D9409720:E7F2_25BB56C9:01BB_62304841_56178E:14F9B
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://localhost.paper.li:3000
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 jizAREVNn1dOx-zrZ2X3pZvkTi3s-CI0q1s.woff2
fonts.gstatic.com/s/ibmplexserif/v14/ 19 KB
19 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexserif/v14/jizAREVNn1dOx-zrZ2X3pZvkTi3s-CI0q1s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:300,400,500,700|IBM+Plex+Serif:400,500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8352c24b0192777b11a8b7ad96aab2853a2531e254c58dfc4774b8efc0cf6986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paper.li
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 00:21:55 GMT
x-content-type-options: nosniff
age: 459678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19256
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:19:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 10 Mar 2023 00:21:55 GMT

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v13/ 18 KB
18 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v13/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:300,400,500,700|IBM+Plex+Serif:400,500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paper.li
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 20:19:44 GMT
x-content-type-options: nosniff
age: 474209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18000
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 20:19:44 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v13/ 18 KB
18 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v13/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:300,400,500,700|IBM+Plex+Serif:400,500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea18ca3fe3ae4d94d21bb36a2912258193fb4f257be81be3dabe0e3809a312e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paper.li
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 20:19:49 GMT
x-content-type-options: nosniff
age: 474204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18232
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:00:08 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 20:19:49 GMT

GET
H/1.1 200
OK logo.28b6fb4b.svg
paper.li/stories/static/media/ 1 KB
2 KB 24ms
23ms Image
image/svg+xml 37.187.86.201
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paper.li/stories/static/media/logo.28b6fb4b.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

37.187.86.201 , France, ASN16276 (OVH, FR),

Reverse DNS

paper.li

Software

nginx /

Resource Hash

f023c1158acb0eefa1a892f956cc5bd788391b645e9ae05aea42b53553acd0a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paper.li/tcCvaK0DwhfiBmInEqMcH/story/kurt-vWgULMgVIH1YzopUymiLx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 08:03:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Dec 2021 13:14:54 GMT
Server: nginx
X-IPLB-Request-ID: D9409720:E7F2_25BB56C9:01BB_62304841_561790:14F9B
ETag: "61b2014e-5e3"
X-IPLB-Instance: 41457
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Content-Length: 1507
Expires: Tue, 22 Mar 2022 08:03:13 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

capconsultants.com
fonts.googleapis.com
fonts.gstatic.com
paper.li
2a00:1450:4001:810::2003
2a00:1450:4001:830::200a
37.187.86.201
69.73.154.78
20e75a233afc04ee49453ab429df327ab951bfbc7264d6ce2e790fa7d928186c
4e07343bc9a6a1c3b2615c14a9f59920099a6b39faf59695d91b337c6be38d36
8352c24b0192777b11a8b7ad96aab2853a2531e254c58dfc4774b8efc0cf6986
8815762c0c8a1786e8e4c2d832d08ba9c80293003a5709bf20c84c4188117ac3
b96b175a962fb6635d9f209041a2072333a2efbc76bb2c23f69a7a15b4a36527
d09e3e5788b57bf10ba814e30b0dacc4d60017b92aafc2bd997a1d14f7f43f3b
ea18ca3fe3ae4d94d21bb36a2912258193fb4f257be81be3dabe0e3809a312e5
f023c1158acb0eefa1a892f956cc5bd788391b645e9ae05aea42b53553acd0a1
f75744ce75130bb9496330ec9e91f9416e1677013a627c9aecfaa90a132db185
f867da1c68acee7968e9f1f51d5db94d19d5854802794a3c361a32e19cbc7612
fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2
fe02162daf48bd8b810d0b3e33647d518013584e49421e43a89d4b59fe72474d

paper.li Open in urlscan Pro 37.187.86.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

3 IPs

3 Countries

607 kBTransfer

2502 kBSize

0 Cookies

5 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

Indicators

paper.li Open in urlscan Pro
37.187.86.201 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

607 kB
Transfer

2502 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions