Submitted URL: http://links.ptp1.paperlesspost.com/ls/click?upn=VKKUq34M-2BFHK-2F1kwiaMxxtK7-2BbsSm1gAoThFdH-2FRDLET82a6nXlLYhINOC4PIwc0YBliZoRxegu...
Effective URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_...
Submission: On May 31 via manual from US — Scanned from DE

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 60 HTTP transactions. The main IP is 151.101.2.80, located in United States and belongs to FASTLY, US. The main domain is www.paperlesspost.com. The Cisco Umbrella rank of the primary domain is 42448.
TLS certificate: Issued by R3 on April 18th 2022. Valid for: 3 months.
This is the only time www.paperlesspost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
25 ppassets.com
p.ppassets.com — Cisco Umbrella Rank: 143764
c1.ppassets.com — Cisco Umbrella Rank: 124445
trk.ppassets.com — Cisco Umbrella Rank: 80556
pi.ppassets.com — Cisco Umbrella Rank: 152240
c2.ppassets.com — Cisco Umbrella Rank: 124968
4 MB
15 paperlesspost.com
links.ptp1.paperlesspost.com — Cisco Umbrella Rank: 96689
www.paperlesspost.com — Cisco Umbrella Rank: 42448
112 KB
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 304
177 KB
2 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 789
831 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6117
611 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
611 B
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 732
19 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
117 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 144
85 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 114
17 KB
60 12
Domain Requested by
14 www.paperlesspost.com p.ppassets.com
13 p.ppassets.com www.paperlesspost.com
p.ppassets.com
5 trk.ppassets.com p.ppassets.com
4 pi.ppassets.com p.ppassets.com
4 maps.googleapis.com www.paperlesspost.com
maps.googleapis.com
2 c2.ppassets.com p.ppassets.com
2 ct.pinterest.com s.pinimg.com
www.paperlesspost.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.de www.paperlesspost.com
2 www.google.com www.paperlesspost.com
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 www.googletagmanager.com www.paperlesspost.com
2 connect.facebook.net www.paperlesspost.com
connect.facebook.net
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 c1.ppassets.com www.paperlesspost.com
1 www.googleadservices.com www.paperlesspost.com
1 links.ptp1.paperlesspost.com 1 redirects
60 18

This site contains links to these domains. Also see Links.

Domain
app.smartsheet.com
www.google.com
calendar.yahoo.com
maps.google.com
paperlesspost.zendesk.com
Subject Issuer Validity Valid
*.paperlesspost.com
R3
2022-04-18 -
2022-07-17
3 months crt.sh
*.ppassets.com
R3
2022-04-18 -
2022-07-17
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-03-09 -
2022-06-07
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-26 -
2022-08-05
a year crt.sh
www.google.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
www.google.de
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.google.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.google.de
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Frame ID: DCFFD1A42867E13632B137B3FF3A0BEA
Requests: 60 HTTP requests in this frame

Screenshot

Page Title

Paperless Post

Page URL History Show full URLs

  1. http://links.ptp1.paperlesspost.com/ls/click?upn=VKKUq34M-2BFHK-2F1kwiaMxxtK7-2BbsSm1gAoThFdH-2FRDLET82a6nXlLYhI... HTTP 302
    https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGR... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 75%
Detected patterns

Overall confidence: 100%
Detected patterns
  • /bugsnag.*\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

60
Requests

100 %
HTTPS

64 %
IPv6

12
Domains

18
Subdomains

13
IPs

4
Countries

4484 kB
Transfer

5366 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.ptp1.paperlesspost.com/ls/click?upn=VKKUq34M-2BFHK-2F1kwiaMxxtK7-2BbsSm1gAoThFdH-2FRDLET82a6nXlLYhINOC4PIwc0YBliZoRxeguYp3yP2dckeHXgdJZjGUixq611xcmJGq4BBPcj-2BVtZpAEtxm6qJGMvmkUQHF1sCPiGFwsI0P5WVFqcPg3BfgXvccldb6r6WfCoG2k9HCkCg-2BS4DKzFcxxOTbKUiFLz-2Fw-2BNok6q1OUv1oRcskjm2FwlWheh7IrsZ8PUF4xdnOumRo2Xi0z-2B0GfN008CZE3-2FTeX9IkXfV38EVw-3D-3DR-zz_Ps5uOjyCpFslDeso1wdwvhsdyCco80UKXzrbgYoHHeNyFCrLSS368mTX8TRaKJpiwsZSVJs9RrgEyQv4ybPhpiIvni7bdFrGNnVEzCX-2BMz54Auh-2BlWbQAU0wJrF6ZRlhCQse8kUudRyeQYfbVwv9nuFpuzHapPXPnDBIp1o-2BaR4eN38yAkQEikmN4zOd9fvzvXy5hiqjEGP7CHDH8CpwNm-2BrCQHKhQzlmOQVZJlYs-2FLh-2FmENRv9OKpIkW-2F9n0NEA0KznkdImuBpWDXWcWvjYCg-3D-3D HTTP 302
    https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 682100576-2c80666f
www.paperlesspost.com/events/47072104-7f0cb2d7/replies/
Redirect Chain
  • http://links.ptp1.paperlesspost.com/ls/click?upn=VKKUq34M-2BFHK-2F1kwiaMxxtK7-2BbsSm1gAoThFdH-2FRDLET82a6nXlLYhINOC4PIwc0YBliZoRxeguYp3yP2dckeHXgdJZjGUixq611xcmJGq4BBPcj-2BVtZpAEtxm6qJGMvmkUQHF1sCP...
  • https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
89 KB
90 KB
Document
General
Full URL
https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
2d9ccaaa8df85eafddd934a6fa6177d9968f01fcffca65cdd33a88402d885ae2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
cache-control
max-age=0, private, must-revalidate
content-security-policy
frame-ancestors 'self';
content-type
text/html; charset=utf-8
date
Tue, 31 May 2022 14:11:23 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.19.2
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding,
x-cache
MISS
x-cache-hits
0
x-cdn
fastly
x-content-type-options
nosniff
x-download-options
noopen
x-fastly-is-edge
1
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-pp-dc
k8s
x-pp-static
false
x-request-id
39ab0318374aa7674752807927fe1257
x-revision
2022.05.24-13.55.30.production
x-runtime
0.047723
x-served-by
cache-fra19177-FRA
x-timer
S1654006283.702214,VS0,VE623
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
222
Content-Type
text/html; charset=utf-8
Date
Tue, 31 May 2022 14:11:22 GMT
Location
https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Server
nginx
X-Robots-Tag
noindex, nofollow
screen-eb1e0f66c70859195b19544f044cfedc284b27cfe67a177af29125b3ed0c3969.css
p.ppassets.com/assets/
345 KB
346 KB
Stylesheet
General
Full URL
https://p.ppassets.com/assets/screen-eb1e0f66c70859195b19544f044cfedc284b27cfe67a177af29125b3ed0c3969.css
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb1e0f66c70859195b19544f044cfedc284b27cfe67a177af29125b3ed0c3969

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:23 GMT
via
1.1 varnish, 1.1 varnish
age
2154
x-cache
HIT, HIT
content-length
353382
x-amz-id-2
iELwWGqhBNJEwMQt6/rXDbBiHdSrreOcdLG3YeEANwRDdedtmQN2ZLiAONtJqjMNgMnvtA/hsC8=
x-served-by
cache-iad-kcgs7200178-IAD, cache-fra19183-FRA
last-modified
Fri, 06 May 2022 14:58:44 GMT
server
AmazonS3
x-timer
S1654006284.561159,VS0,VE1
etag
"c12876a2e491bd2de148b6faf25c5191"
access-control-allow-methods
HEAD, GET, OPTIONS
x-amz-request-id
7DBGRS08KQS02EBP
access-control-allow-origin
*
accept-ranges
bytes
content-type
text/css
x-cache-hits
1, 1
pages-6098ba7e7e5ee1d947892fe772ee156bdca3544f3b72857b82f02ab8952ce78e.css
p.ppassets.com/assets/
170 KB
170 KB
Stylesheet
General
Full URL
https://p.ppassets.com/assets/pages-6098ba7e7e5ee1d947892fe772ee156bdca3544f3b72857b82f02ab8952ce78e.css
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6098ba7e7e5ee1d947892fe772ee156bdca3544f3b72857b82f02ab8952ce78e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:23 GMT
via
1.1 varnish, 1.1 varnish
age
2179
x-cache
HIT, HIT
content-length
174041
x-amz-id-2
C3942MrdRqvyX/wc/+IiszKw+rgAV1/D+A1dRqSenja1CdNjbrx2yBK9LEZml9INSuaGuWic98s=
x-served-by
cache-iad-kiad7000168-IAD, cache-fra19183-FRA
last-modified
Tue, 24 May 2022 14:19:35 GMT
server
AmazonS3
x-timer
S1654006284.561642,VS0,VE1
etag
"eb2d206588a96d85444a4ebbaaa2fbb4"
access-control-allow-methods
HEAD, GET, OPTIONS
x-amz-request-id
8SPRMJSMBDBP7DJM
access-control-allow-origin
*
accept-ranges
bytes
content-type
text/css
x-cache-hits
1, 1
styleguide-89aeee58f9317eca57294c08995ed8246d077c4b661ebe152f8be384d8857b65.css
p.ppassets.com/assets/
164 KB
165 KB
Stylesheet
General
Full URL
https://p.ppassets.com/assets/styleguide-89aeee58f9317eca57294c08995ed8246d077c4b661ebe152f8be384d8857b65.css
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89aeee58f9317eca57294c08995ed8246d077c4b661ebe152f8be384d8857b65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:23 GMT
via
1.1 varnish, 1.1 varnish
age
2125
x-cache
HIT, HIT
content-length
168397
x-amz-id-2
T0xw90VGRQqpVY3M1qk8VvD/XaWZ0RMyadnKntYCAhnfCk4NWtlhn7ZDsaiYtjH5HuFBzL/jTmU=
x-served-by
cache-iad-kiad7000161-IAD, cache-fra19183-FRA
last-modified
Fri, 06 May 2022 14:58:46 GMT
server
AmazonS3
x-timer
S1654006284.561627,VS0,VE1
etag
"e90ee477ea76e677f27084b2a68ecab6"
access-control-allow-methods
HEAD, GET, OPTIONS
x-amz-request-id
MB091GHAVRGWRJT7
access-control-allow-origin
*
accept-ranges
bytes
content-type
text/css
x-cache-hits
1, 1
receiver_experience-716243213af347bee7a4c66d528dffad40dbdc7d85e6635443531ea6a7d5b793.css
p.ppassets.com/assets/responsive/receiver_experience/
169 KB
169 KB
Stylesheet
General
Full URL
https://p.ppassets.com/assets/responsive/receiver_experience/receiver_experience-716243213af347bee7a4c66d528dffad40dbdc7d85e6635443531ea6a7d5b793.css
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acc9357536d7eab75ec547f19c0d3f3050a61414357e19a598cf3d192da19958

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:23 GMT
via
1.1 varnish, 1.1 varnish
age
1282
x-cache
HIT, HIT
content-length
173206
x-amz-id-2
MkOLlzDZGBpipOiWpPCMLip1eHya6ROhyN4MP4QSloguFIMUeiL7QdoCsSoErL0AGQ8wgUtSMEs=
x-served-by
cache-iad-kcgs7200083-IAD, cache-fra19183-FRA
last-modified
Fri, 06 May 2022 14:58:44 GMT
server
AmazonS3
x-timer
S1654006284.561615,VS0,VE2
etag
"532d09388f1ef16a1ca2115695f62d0b"
access-control-allow-methods
HEAD, GET, OPTIONS
x-amz-request-id
F8MVV67ZNQPF4NF6
access-control-allow-origin
*
accept-ranges
bytes
content-type
text/css
x-cache-hits
1, 1
bugsnag.d1e52394.js
p.ppassets.com/js/
13 KB
13 KB
Script
General
Full URL
https://p.ppassets.com/js/bugsnag.d1e52394.js
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
419392fc7a728b020cca30765e6435a02282c4d038ce2e793700b28ed83d793f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:23 GMT
via
1.1 varnish, 1.1 varnish
age
4745
x-cache
HIT, HIT
content-length
13188
x-amz-id-2
cMoiwFTgLI3Va/6cDH6m2o3OzBt7xXYiFONYI7ErHDnWSDeYdm5nnCRGWKufK5bgtiY4nAAkFhU=
x-served-by
cache-iad-kjyo7100138-IAD, cache-fra19183-FRA
last-modified
Thu, 28 Apr 2022 16:14:28 GMT
server
AmazonS3
x-timer
S1654006284.561583,VS0,VE1
etag
"d1e523944da1ec9a292f938cfe2d5401"
access-control-allow-methods
HEAD, GET, OPTIONS
x-amz-request-id
WA5VV4G4AH8W9VTA
access-control-allow-origin
*
accept-ranges
bytes
content-type
text/javascript
x-cache-hits
1, 1
base.c08ccc34.js
p.ppassets.com/js/
919 KB
919 KB
Script
General
Full URL
https://p.ppassets.com/js/base.c08ccc34.js
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b137431445bd917b141d4b1d3bbcc8a0571ede2b4839314415dd1f095f4f8c69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:23 GMT
via
1.1 varnish, 1.1 varnish
age
3462
x-cache
HIT, HIT
content-length
940688
x-amz-id-2
EXPUlJ+PGbeG/wwj/bizhTQy8ZrwiQW61r9M0iOSYHIrm7eqjJiIy2Ivb6raRAF0LOOun16RoEQ=
x-served-by
cache-iad-kiad7000074-IAD, cache-fra19183-FRA
last-modified
Tue, 24 May 2022 14:19:38 GMT
server
AmazonS3
x-timer
S1654006284.561565,VS0,VE2
etag
"c08ccc34164e42a81f40db7e2e21433e"
access-control-allow-methods
HEAD, GET, OPTIONS
x-amz-request-id
A53SB06K19B99G7Z
access-control-allow-origin
*
accept-ranges
bytes
content-type
text/javascript
x-cache-hits
1, 1
conversion.js
www.googleadservices.com/pagead/
43 KB
17 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
6b6dc0c6cb6db4cc3693a4bedc8e0ee24bbfb2d861da6039ae6a20c436410882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16851
x-xss-protection
0
server
cafe
etag
9111538430463144330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 31 May 2022 14:11:23 GMT
receiver_experience.30231770.js
p.ppassets.com/js/
469 KB
469 KB
Script
General
Full URL
https://p.ppassets.com/js/receiver_experience.30231770.js
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea8a50790e45260749e6ded88572c57410febe8be0dffefa7704392e3964eeaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:23 GMT
via
1.1 varnish, 1.1 varnish
age
1434
x-cache
HIT, HIT
content-length
480100
x-amz-id-2
zRoQw/CiWAZ7Iy1Pji62gOfl0/4Gq4o6F2N1cjOkfP2poqi7SYDJA6wj1FTu0uVr4XK2yJkH5Rg=
x-served-by
cache-iad-kjyo7100020-IAD, cache-fra19183-FRA
last-modified
Mon, 23 May 2022 16:37:59 GMT
server
AmazonS3
x-timer
S1654006284.561537,VS0,VE1
etag
"30231770458aa6f6e009f176de771ef1"
access-control-allow-methods
HEAD, GET, OPTIONS
x-amz-request-id
Q7B8NSQGXYFAGFY6
access-control-allow-origin
*
accept-ranges
bytes
content-type
text/javascript
x-cache-hits
2, 1
js
maps.googleapis.com/maps/api/
166 KB
54 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDR5GcqQhyV8d8pf5dyE5f_qeUVY5dK_C4&v=3.exp&libraries=places
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
8287ab7937bdbdb9805f5db4753b1a0ed67a794a9f9e11c0020bbc7806b11284
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:23 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=27
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55352
x-xss-protection
0
expires
Tue, 31 May 2022 14:41:23 GMT
host_nav.cb9be40d.js
p.ppassets.com/js/
1 KB
1 KB
Script
General
Full URL
https://p.ppassets.com/js/host_nav.cb9be40d.js
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c0b92e046eb0d83de17bca266ffeb73e78130dfdf0fdf853a53df502c94c2b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:23 GMT
via
1.1 varnish, 1.1 varnish
age
3199
x-cache
HIT, HIT
content-length
1035
x-amz-id-2
HBMHKBGKK4hwek7JyXZbmyW8KtOZXN/H3uDCW2scLoURMMW+VqQuBRJGXuSxOxwZaDTJzvj2uOA=
x-served-by
cache-iad-kiad7000162-IAD, cache-fra19183-FRA
last-modified
Fri, 06 May 2022 14:58:47 GMT
server
AmazonS3
x-timer
S1654006284.561594,VS0,VE1
etag
"cb9be40d622c7c734393a2321733b6e3"
access-control-allow-methods
HEAD, GET, OPTIONS
x-amz-request-id
YDSWTHH2WCAZ0ZXN
access-control-allow-origin
*
accept-ranges
bytes
content-type
text/javascript
x-cache-hits
4, 1
mixpanel.e0522e3b.js
p.ppassets.com/js/
60 KB
60 KB
Script
General
Full URL
https://p.ppassets.com/js/mixpanel.e0522e3b.js
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b19983e0003b21b69daa99230ff941abb9f3ca475a3cd58705f6e74452b2553c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:23 GMT
via
1.1 varnish, 1.1 varnish
age
4542
x-cache
HIT, HIT
content-length
61053
x-amz-id-2
WIB8zxhy0+8884znjOyWY08Tltp4u2cA12TbxetTgjcCxBoraRGOULq83G8xREKHNcpjeyu73UI=
x-served-by
cache-iad-kcgs7200125-IAD, cache-fra19183-FRA
last-modified
Mon, 23 May 2022 16:37:59 GMT
server
AmazonS3
x-timer
S1654006284.627646,VS0,VE1
etag
"e0522e3b27d4dfc439e1c109cb75cab3"
access-control-allow-methods
HEAD, GET, OPTIONS
x-amz-request-id
05S81Q1YSZ1TZ1JF
access-control-allow-origin
*
accept-ranges
bytes
content-type
text/javascript
x-cache-hits
1, 1
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3364d3b23a9f1601de8a5c618b19f475dc58a6d0dbc67673b8ecc664f9bffa02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
qkZMs7zFH4bd4Q87PgKwpw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 31 May 2022 14:17:36 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
WYm8U0uH5YLHD9bK9uHyYpVNh2hyH9mAe7wkH9cGhIJogzKfHHu7etvi3STg19aSAq93cC+9YnCi4XaLHKsPmw==
x-fb-trip-id
686109401
x-fb-content-md5
994af5273957e6a6e3ab292260df7031
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 31 May 2022 14:11:23 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"5df94d8bbc183f879c55271fa28ba75b"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
gtm.js
www.googletagmanager.com/
229 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M6SVJ7&gtm_auth=o8gxBYDICnW1O3EVg59lKg&gtm_preview=env-1&gtm_cookies_win=x
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e85a26efea17b67008a7a0ed11ef434e0f9f072ec4c68a7817a6ded0f5c9be22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:23 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79823
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
compress90.jpeg
c1.ppassets.com/card_backgrounds/non_tiling_images/160/37827d6c7ad3ce1aa8ef8a8c09938b85-248-160/
225 KB
225 KB
Image
General
Full URL
https://c1.ppassets.com/card_backgrounds/non_tiling_images/160/37827d6c7ad3ce1aa8ef8a8c09938b85-248-160/compress90.jpeg
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4551caef874a5c008c6bebea99b2636519a0732f9433d8eb229ad7bce7495364

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:23 GMT
via
1.1 varnish, 1.1 varnish
age
1212379
x-cache
HIT, HIT
x-amz-storage-class
INTELLIGENT_TIERING
content-length
230179
x-amz-id-2
gNvd1xliRvU8lIJPqQuT0n7Gb9yxErad+cgwuN0hdX2uWxalkeymd+Mg+Wr/tkTKd2DF9c8iyRs=
x-served-by
cache-iad-kcgs7200075-IAD, cache-fra19183-FRA
last-modified
Wed, 16 Aug 2017 20:53:16 GMT
server
AmazonS3
x-timer
S1654006284.651142,VS0,VE4
etag
"1cc3eeef85c6f7c927868485f427c728"
access-control-allow-methods
HEAD, GET, POST, OPTIONS
x-amz-request-id
P8FV3Y3WSAD50H7E
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 1
/
trk.ppassets.com/decide/
1 B
40 B
XHR
General
Full URL
https://trk.ppassets.com/decide/?verbose=1&version=1&lib=web&token=681f969629fb1e240622f04a045d8a41&ip=1&_=1654006283719
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/mixpanel.e0522e3b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:23 GMT
via
1.1 varnish
x-cache
HIT
content-length
1
x-served-by
cache-fra19183-FRA
server
Varnish
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.paperlesspost.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
retry-after
0
x-cache-hits
0
/
trk.ppassets.com/track/
1 B
292 B
XHR
General
Full URL
https://trk.ppassets.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRjdXJyZW50X3VybCI6ICJodHRwczovL3d3dy5wYXBlcmxlc3Nwb3N0LmNvbS9ldmVudHMvNDcwNzIxMDQtN2YwY2IyZDcvcmVwbGllcy82ODIxMDA1NzYtMmM4MDY2NmY%2FbWtleT1aVzFwYkhrdWJXVmtaWEpsUUdSemN5NXpZeTVuYjNZJTNEJnV0bV9jYW1wYWlnbj1yZWRlbGl2ZXJfbGlua19lbnYmdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWV2ZW50IiwiJGJyb3dzZXJfdmVyc2lvbiI6IDEwMiwiJHNjcmVlbl9oZWlnaHQiOiAxMjAwLCIkc2NyZWVuX3dpZHRoIjogMTYwMCwibXBfbGliIjogIndlYiIsIiRsaWJfdmVyc2lvbiI6ICIyLjIyLjQiLCJkaXN0aW5jdF9pZCI6ICIxODExYTc0ZmRjNDQxZS0wMTBiNzI3NGMwYTMwOS0xNzM3MzA3OS0xZDRjMDAtMTgxMWE3NGZkYzU4MWUiLCJ1dG1fc291cmNlIjogImV2ZW50IiwidXRtX21lZGl1bSI6ICJlbWFpbCIsInV0bV9jYW1wYWlnbiI6ICJyZWRlbGl2ZXJfbGlua19lbnYiLCIkaW5pdGlhbF9yZWZlcnJlciI6ICIkZGlyZWN0IiwiJGluaXRpYWxfcmVmZXJyaW5nX2RvbWFpbiI6ICIkZGlyZWN0IiwibXBfcGFnZSI6ICJodHRwczovL3d3dy5wYXBlcmxlc3Nwb3N0LmNvbS9ldmVudHMvNDcwNzIxMDQtN2YwY2IyZDcvcmVwbGllcy82ODIxMDA1NzYtMmM4MDY2NmY%2FbWtleT1aVzFwYkhrdWJXVmtaWEpsUUdSemN5NXpZeTVuYjNZJTNEJnV0bV9jYW1wYWlnbj1yZWRlbGl2ZXJfbGlua19lbnYmdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWV2ZW50IiwibXBfYnJvd3NlciI6ICJDaHJvbWUiLCJtcF9wbGF0Zm9ybSI6ICJXaW5kb3dzIiwidG9rZW4iOiAiNjgxZjk2OTYyOWZiMWUyNDA2MjJmMDRhMDQ1ZDhhNDEifX0%3D&ip=1&_=1654006283722
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/mixpanel.e0522e3b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:23 GMT
via
1.1 varnish
x-cache
HIT
content-length
1
x-served-by
cache-fra19183-FRA
server
Varnish
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.paperlesspost.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
retry-after
0
x-cache-hits
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011408226/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011408226/?random=1654006283726&cv=9&fst=1654006283726&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.paperlesspost.com%2Fevents%2F47072104-7f0cb2d7%2Freplies%2F682100576-2c80666f%3Fmkey%3DZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%253D%26utm_campaign%3Dredeliver_link_env%26utm_medium%3Demail%26utm_source%3Devent&tiba=Paperless%20Post&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a36f5874c9e8e67ea0fea7cd9353afb90772dc1e6a03250c850548a7bda32b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 May 2022 14:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1130
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
me
www.paperlesspost.com/api/v1/international/
193 B
452 B
XHR
General
Full URL
https://www.paperlesspost.com/api/v1/international/me
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/base.c08ccc34.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
22bc5b44e319556fb1febb4c937d4d309c420df5209f82a13986130e1bcc3b1e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-cache
MISS
x-pp-static
false
x-revision
2022.05.24-13.55.30.production
x-xss-protection
1; mode=block
x-request-id
b2ce31666058d2cfd7085914f0d97b77
x-served-by
cache-fra19177-FRA
x-runtime
0.025065
x-cdn
fastly
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.19.2
x-timer
S1654006284.735077,VS0,VE119
x-pp-dc
k8s
date
Tue, 31 May 2022 14:11:23 GMT
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
x-fastly-is-edge
0
vary
Accept-Encoding, Accept,
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
etag
W/"22bc5b44e319556fb1febb4c937d4d30"
content-security-policy
frame-ancestors 'self';
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-cache-hits
0
session
www.paperlesspost.com/api/v1/
221 B
837 B
XHR
General
Full URL
https://www.paperlesspost.com/api/v1/session?filters%5B%5D=bandit&filters%5B%5D=eligible_rollouts
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/base.c08ccc34.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
8c57c3e57f45330be53d6c2d560d1292429ba27c5dfabd650dcfbc2214a0e36e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-cache
MISS
x-pp-static
false
x-revision
2022.05.24-13.55.30.production
x-xss-protection
1; mode=block
x-request-id
4e4f47a9112aeead989e8efc518b41d1
x-served-by
cache-fra19177-FRA
x-runtime
0.013862
x-cdn
fastly
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.19.2
x-timer
S1654006284.735613,VS0,VE118
x-pp-dc
k8s
date
Tue, 31 May 2022 14:11:23 GMT
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
x-fastly-is-edge
1
vary
Accept-Encoding, Accept,
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
etag
W/"8c57c3e57f45330be53d6c2d560d1292"
content-security-policy
frame-ancestors 'self';
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-cache-hits
0
me
www.paperlesspost.com/api/v1/accounts/
144 B
935 B
XHR
General
Full URL
https://www.paperlesspost.com/api/v1/accounts/me
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/base.c08ccc34.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
71c656485a263cbe04600a805fe93790ab54e342254d7e3cf902f44d5250af0e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:23 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-cache
MISS
x-pp-static
false
x-frame-options
SAMEORIGIN
x-revision
2022.05.24-13.55.30.production
x-xss-protection
1; mode=block
x-request-id
75a20aa68b92ea1340a4407820d633d5
x-served-by
cache-fra19177-FRA
x-runtime
0.016128
x-cdn
fastly
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.19.2
x-timer
S1654006284.870382,VS0,VE109
x-pp-dc
k8s
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubdomains
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
x-fastly-is-edge
1
vary
Accept,
cache-control
no-cache
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'self';
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-cache-hits
0
experiments
www.paperlesspost.com/api/v1/
7 KB
1 KB
XHR
General
Full URL
https://www.paperlesspost.com/api/v1/experiments
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/receiver_experience.30231770.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10e4472b09196d7482af87fe176cb9221038d6d4c3f28ff8695c2dc3f2ff4c82
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
fastly
age
2
x-amz-server-side-encryption
AES256
x-cache
HIT
x-coredatacenter
(null) (null)
vary
Accept-Encoding
content-length
1024
x-amz-id-2
9l5rBD2lVBuMFAw9ZrUTE3dxncfTm+Vc58aHG9T3ojUppvoNDHV3NXtPwZAJHNY1trbWd3gCdZU=
x-served-by
cache-fra19177-FRA
x-frame-options
SAMEORIGIN
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 28 Apr 2022 16:07:40 GMT
server
AmazonS3
x-pp-core-k8s-trace
(null) (null)
date
Tue, 31 May 2022 14:11:23 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-amz-request-id
S5E76WGST8B0MAZJ
x-fastly-is-edge
1
x-xss-protection
1; mode=block
cache-control
max-age=5
etag
"d5c605b6686f10941c3ad0131bb67665"
content-security-policy
frame-ancestors 'self';
accept-ranges
bytes
content-type
application/json
x-pp-core-shash
(null) (null)
x-cache-hits
1
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
454 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDR5GcqQhyV8d8pf5dyE5f_qeUVY5dK_C4&v=3.exp&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.paperlesspost.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
sdk.js
connect.facebook.net/en_US/
289 KB
82 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=73586c6fc360a0041b52eca08d5a9d0f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
43a5b7e27d1ad3cc88487d81ec9e00f5c14131376c6e9042a56bf2f2d1365ad5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.paperlesspost.com/
Origin
https://www.paperlesspost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
sox18GaQGV0NsIesUXIJWg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Wed, 31 May 2023 10:03:51 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
84261
x-fb-rlafr
0
x-fb-debug
uUpWt6vGpKQWLjCQ+hsIBX8whz0mdnXWJV0PIWQ6Qcbt9xzDm3SyqFOAEs4IaU+S/p7hH5ns2cIrZbDUqt/B5w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
9d502d7e713d0d2cb17e8787c5a2f7d5
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 31 May 2022 14:11:23 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"9552744ee31f045433a1049810f76785"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
core.js
s.pinimg.com/ct/
1 KB
1 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6SVJ7&gtm_auth=o8gxBYDICnW1O3EVg59lKg&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:1a7::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

akamai-x-true-ttl
7200
x-cdn
akamai
etag
"c4a0eea377c5e0da574e46f4d6e838e5"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
accept-ranges
bytes
content-length
1142
access-control-expose-headers
X-CDN
js
www.googletagmanager.com/gtag/
100 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-5885525-1
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
15869f001d2a1569dd3672a81f5caaafc58af797fd53c2aa8d4008678fd5c5bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39587
x-xss-protection
0
last-modified
Tue, 31 May 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 31 May 2022 14:11:24 GMT
/
www.google.com/pagead/1p-user-list/1011408226/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1011408226/?random=1654006283726&cv=9&fst=1654005600000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.paperlesspost.com%2Fevents%2F47072104-7f0cb2d7%2Freplies%2F682100576-2c80666f%3Fmkey%3DZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%253D%26utm_campaign%3Dredeliver_link_env%26utm_medium%3Demail%26utm_source%3Devent&tiba=Paperless%20Post&fmt=3&is_vtc=1&random=1853664940&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 May 2022 14:11:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1011408226/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1011408226/?random=1654006283726&cv=9&fst=1654005600000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.paperlesspost.com%2Fevents%2F47072104-7f0cb2d7%2Freplies%2F682100576-2c80666f%3Fmkey%3DZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%253D%26utm_campaign%3Dredeliver_link_env%26utm_medium%3Demail%26utm_source%3Devent&tiba=Paperless%20Post&fmt=3&is_vtc=1&random=1853664940&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 May 2022 14:11:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5885525-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2198
date
Tue, 31 May 2022 13:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 31 May 2022 15:34:46 GMT
main.32155010.js
s.pinimg.com/ct/lib/
52 KB
18 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.32155010.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:1a7::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
gzip
x-cdn
akamai
etag
"fd86de14455274a7c147dc95b77e18e3"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18298
access-control-expose-headers
X-CDN
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1096289383&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paperlesspost.com%2Fevents%2F47072104-7f0cb2d7%2Freplies%2F682100576-2c80666f%3Fmkey%3DZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%253D%26utm_campaign%3Dredeliver_link_env%26utm_medium%3Demail%26utm_source%3Devent&ul=en-us&de=UTF-8&dt=Paperless%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=518077478&gjid=1560417797&cid=1052819366.1654006284&tid=UA-5885525-1&_gid=1281938516.1654006284&_r=1&gtm=2ou5p1&z=857406823
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paperlesspost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 May 2022 14:11:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.paperlesspost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
446 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-5885525-1&cid=1052819366.1654006284&jid=518077478&gjid=1560417797&_gid=1281938516.1654006284&_u=YEBAAUAAAAAAAC~&z=110880651
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paperlesspost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 31 May 2022 14:11:24 GMT
content-type
text/plain
access-control-allow-origin
https://www.paperlesspost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/user/
488 B
735 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2621149453932&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&cb=1654006284225
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 May 2022 14:11:24 GMT
content-encoding
gzip
referrer-policy
origin
x-cdn
fastly
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paperlesspost.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
pin-unauth
dWlkPVkyVmlPV1V3Tm1RdE5HTmhNQzAwT1RCaUxUZzBZakF0TWpOalpXTmtNVFl4WlRBeQ
x-pinterest-rid
1336999930727324
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
content-length
350
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
96 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2621149453932&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%2C%22md_frequency%22%3A1%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.paperlesspost.com%2Fevents%2F47072104-7f0cb2d7%2Freplies%2F682100576-2c80666f%3Fmkey%3DZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%253D%26utm_campaign%3Dredeliver_link_env%26utm_medium%3Demail%26utm_source%3Devent%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1654006284228
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 May 2022 14:11:24 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
x-pinterest-rid
1613283101357828
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5885525-1&cid=1052819366.1654006284&jid=518077478&_u=YEBAAUAAAAAAAC~&z=868414928
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 May 2022 14:11:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5885525-1&cid=1052819366.1654006284&jid=518077478&_u=YEBAAUAAAAAAAC~&z=868414928
Requested by
Host: www.paperlesspost.com
URL: https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 May 2022 14:11:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
682100576-2c80666f
www.paperlesspost.com/api/v1/receiver_experience/session_data/47072104-7f0cb2d7/
2 KB
1 KB
XHR
General
Full URL
https://www.paperlesspost.com/api/v1/receiver_experience/session_data/47072104-7f0cb2d7/682100576-2c80666f
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/base.c08ccc34.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
4e4908e7dee8e411cda5bdfc7c53bd7cf0b873e1c8c8b29cd89e11140979b4e4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-cache
MISS
x-pp-static
false
x-revision
2022.05.24-13.55.30.production
x-xss-protection
1; mode=block
x-request-id
0a9e4ae2311e58ff89e61f921a336289
x-served-by
cache-fra19177-FRA
x-runtime
0.053202
x-cdn
fastly
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.19.2
x-timer
S1654006284.339656,VS0,VE475
x-pp-dc
k8s
date
Tue, 31 May 2022 14:11:24 GMT
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
x-fastly-is-edge
1
vary
Accept-Encoding, Accept,
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
etag
W/"4e4908e7dee8e411cda5bdfc7c53bd7c"
content-security-policy
frame-ancestors 'self';
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-cache-hits
0
77
www.paperlesspost.com/api/v1/envelopes/
6 KB
3 KB
XHR
General
Full URL
https://www.paperlesspost.com/api/v1/envelopes/77?exclude_coins=true
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/base.c08ccc34.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
9b3e7df1d609c3e537828c96dc53e06680682cdc28f6e4b290d3058ec04460e2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-cache
MISS
x-pp-static
false
x-revision
2022.05.24-13.55.30.production
x-xss-protection
1; mode=block
x-request-id
6e25ccd06d762feb07af1186ccf7394a
x-served-by
cache-fra19177-FRA
x-runtime
0.018333
x-cdn
fastly
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.19.2
x-timer
S1654006284.340468,VS0,VE412
x-pp-dc
k8s
date
Tue, 31 May 2022 14:11:24 GMT
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
x-fastly-is-edge
1
vary
Accept-Encoding, Accept,
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
etag
W/"9b3e7df1d609c3e537828c96dc53e066"
content-security-policy
frame-ancestors 'self';
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-cache-hits
0
card_shadow.png
www.paperlesspost.com/images/receiver_experience/
9 KB
10 KB
Image
General
Full URL
https://www.paperlesspost.com/images/receiver_experience/card_shadow.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7ea9cbf4b0542f99fab7f30672517d426981b6d6c52ca2602d164aab6b201b8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:24 GMT
x-content-type-options
nosniff
x-cdn
fastly
x-amz-request-id
BJNY0JJ9TTVWHE0R
x-cache
MISS
x-pp-static
true
content-length
9495
x-amz-id-2
PIZtCVVFiWux0z72Hxo6A0CKLEyPEkwSVYUS4oSH4SrfsQlgFHu2yflPjhfsOYxpX5cx42okKoo=
x-served-by
cache-fra19177-FRA
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 24 May 2022 14:19:39 GMT
server
AmazonS3
x-timer
S1654006284.340789,VS0,VE383
x-frame-options
SAMEORIGIN
etag
"232bad6e8d1509b32cae6129f7beb0f8"
strict-transport-security
max-age=31536000; includeSubdomains
content-type
image/png
x-fastly-is-edge
1
x-xss-protection
1; mode=block
content-security-policy
frame-ancestors 'self';
accept-ranges
bytes
x-cache-hits
0
712f35f68bb34aa95b6cadd9b87f4010-20-188502574
pi.ppassets.com/images/ppa/cards/images/600526730/original/
192 KB
192 KB
Image
General
Full URL
https://pi.ppassets.com/images/ppa/cards/images/600526730/original/712f35f68bb34aa95b6cadd9b87f4010-20-188502574?w=0.5&fm=png&sig=3e8afb6846a7afe3dfe4418e59c489fe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
fa6fcdf4957c464961632960b3d2f5c79b8623465528a94faf7b743b3f3f6f9b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
age
497092
x-cache
HIT, MISS
x-cache-hits
1, 0
content-length
196814
x-served-by
cache-iad-kiad7000076-IAD, cache-fra19183-FRA
server
nginx/1.19.2
cache-control
max-age=31104000, public
x-timer
S1654006284.363088,VS0,VE95
date
Tue, 31 May 2022 14:11:24 GMT
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
x-pp-image-width
603
accept-ranges
bytes
x-pp-image-height
794
cd5714d5d96f57735438e28dc2ed2908-20-188502570
pi.ppassets.com/images/ppa/cards/images/600526727/original/
216 KB
217 KB
Image
General
Full URL
https://pi.ppassets.com/images/ppa/cards/images/600526727/original/cd5714d5d96f57735438e28dc2ed2908-20-188502570?w=0.5&fm=jpg&q=99&sig=5af4b9b064e30fc2713fe34f3d51450e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
d32ecc2cd63eae28f1d67b8bc684883a63fb99b0199d285d029728742081e712
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
age
495399
x-cache
HIT, MISS
x-cache-hits
1, 0
content-length
221358
x-served-by
cache-iad-kiad7000124-IAD, cache-fra19183-FRA
server
nginx/1.19.2
cache-control
max-age=31104000, public
x-timer
S1654006284.362951,VS0,VE94
date
Tue, 31 May 2022 14:11:24 GMT
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
x-pp-image-width
454
accept-ranges
bytes
x-pp-image-height
636
token
www.paperlesspost.com/api/v1/metrics/
117 B
412 B
XHR
General
Full URL
https://www.paperlesspost.com/api/v1/metrics/token
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/base.c08ccc34.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
a0c4f3a7ddb330cf675fd0e8ad24551aaa364af58f1ab01f60fec4a75715fd74
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-cache
MISS
x-pp-static
false
x-revision
2022.05.24-13.55.30.production
x-xss-protection
1; mode=block
x-request-id
c15388b1ee311ad0f87451e797be1c9f
x-served-by
cache-fra19177-FRA
x-runtime
0.014587
x-cdn
fastly
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.19.2
x-timer
S1654006284.478107,VS0,VE113
x-pp-dc
k8s
date
Tue, 31 May 2022 14:11:24 GMT
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
x-fastly-is-edge
1
vary
Accept-Encoding, Accept,
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
etag
W/"a0c4f3a7ddb330cf675fd0e8ad24551a"
content-security-policy
frame-ancestors 'self';
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-cache-hits
0
store
www.paperlesspost.com/api/v1/sign_up_params/
74 B
828 B
XHR
General
Full URL
https://www.paperlesspost.com/api/v1/sign_up_params/store
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/base.c08ccc34.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
018803ca6d0b40337bab7e295a1722cf398246de2f7a265fdcc53713fd4e6a99
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-CSRF-Token
yEXmugU5OYbbmHn6ntCvQO4UJ2zMi1wjIZG0uTUigq4=
accept-language
de-DE,de;q=0.9
X-APP-REVISION
2022.05.24-13.55.30.production
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
access-control-allow-origin
https://www.paperlesspost.com
x-cache
MISS
x-pp-static
false
x-revision
2022.05.24-13.55.30.production
x-xss-protection
1; mode=block
x-request-id
6615cba0d4c3cd6cb9986e2ad64b717c
x-served-by
cache-fra19177-FRA
x-runtime
0.013578
x-cdn
fastly
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.19.2
x-timer
S1654006285.508305,VS0,VE112
x-pp-dc
k8s
date
Tue, 31 May 2022 14:11:24 GMT
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
x-fastly-is-edge
0
vary
Accept-Encoding, Accept,
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
etag
W/"018803ca6d0b40337bab7e295a1722cf"
content-security-policy
frame-ancestors 'self';
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-cache-hits
0
optipng.png
c2.ppassets.com/envelopes/back_covers/77/a927ac044d394c12fb5cf116465d8cf7-228-77/
243 KB
244 KB
Image
General
Full URL
https://c2.ppassets.com/envelopes/back_covers/77/a927ac044d394c12fb5cf116465d8cf7-228-77/optipng.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cbd086915507aa22d6981b2b0e3226b948ebedb8a42ffe36714a4bf84453991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:24 GMT
via
1.1 varnish, 1.1 varnish
age
2415631
x-cache
HIT, HIT
x-amz-storage-class
INTELLIGENT_TIERING
content-length
249098
x-amz-id-2
JftFUUyXXEhaRKS0XjYEfYJMeSsQ+u+fssEyKDM8831EAo6vID5iR1I8UzPHiz7DO7T77hF0A0c=
x-served-by
cache-iad-kiad7000179-IAD, cache-fra19183-FRA
last-modified
Mon, 03 Aug 2015 22:41:30 GMT
server
AmazonS3
x-timer
S1654006285.781478,VS0,VE0
etag
"68d76a3bf8974b058a6997d99dcf553f"
access-control-allow-methods
HEAD, GET, POST, OPTIONS
x-amz-request-id
9N0TKARNJ8BP7VQN
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
content-type
image/png
x-cache-hits
1, 2
712f35f68bb34aa95b6cadd9b87f4010-20-188502574
pi.ppassets.com/images/ppa/cards/images/600526730/original/
192 KB
192 KB
Image
General
Full URL
https://pi.ppassets.com/images/ppa/cards/images/600526730/original/712f35f68bb34aa95b6cadd9b87f4010-20-188502574?w=0.5&fm=png&sig=3e8afb6846a7afe3dfe4418e59c489fe
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/base.c08ccc34.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
fa6fcdf4957c464961632960b3d2f5c79b8623465528a94faf7b743b3f3f6f9b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
age
497092
x-cache
HIT, HIT
x-cache-hits
1, 1
content-length
196814
x-served-by
cache-iad-kiad7000076-IAD, cache-fra19183-FRA
server
nginx/1.19.2
cache-control
max-age=31104000, public
x-timer
S1654006285.794989,VS0,VE0
date
Tue, 31 May 2022 14:11:24 GMT
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
x-pp-image-width
603
accept-ranges
bytes
x-pp-image-height
794
cd5714d5d96f57735438e28dc2ed2908-20-188502570
pi.ppassets.com/images/ppa/cards/images/600526727/original/
216 KB
216 KB
Image
General
Full URL
https://pi.ppassets.com/images/ppa/cards/images/600526727/original/cd5714d5d96f57735438e28dc2ed2908-20-188502570?w=0.5&fm=jpg&q=99&sig=5af4b9b064e30fc2713fe34f3d51450e
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/base.c08ccc34.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
d32ecc2cd63eae28f1d67b8bc684883a63fb99b0199d285d029728742081e712
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish, 1.1 varnish
age
495399
x-cache
HIT, HIT
x-cache-hits
1, 1
content-length
221358
x-served-by
cache-iad-kiad7000124-IAD, cache-fra19183-FRA
server
nginx/1.19.2
cache-control
max-age=31104000, public
x-timer
S1654006285.795271,VS0,VE0
date
Tue, 31 May 2022 14:11:24 GMT
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
x-pp-image-width
454
accept-ranges
bytes
x-pp-image-height
636
optipng.png
c2.ppassets.com/envelopes/back_covers/77/a927ac044d394c12fb5cf116465d8cf7-228-77/
243 KB
243 KB
Image
General
Full URL
https://c2.ppassets.com/envelopes/back_covers/77/a927ac044d394c12fb5cf116465d8cf7-228-77/optipng.png
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/base.c08ccc34.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cbd086915507aa22d6981b2b0e3226b948ebedb8a42ffe36714a4bf84453991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:24 GMT
via
1.1 varnish, 1.1 varnish
age
2415631
x-cache
HIT, HIT
x-amz-storage-class
INTELLIGENT_TIERING
content-length
249098
x-amz-id-2
JftFUUyXXEhaRKS0XjYEfYJMeSsQ+u+fssEyKDM8831EAo6vID5iR1I8UzPHiz7DO7T77hF0A0c=
x-served-by
cache-iad-kiad7000179-IAD, cache-fra19183-FRA
last-modified
Mon, 03 Aug 2015 22:41:30 GMT
server
AmazonS3
x-timer
S1654006285.796381,VS0,VE0
etag
"68d76a3bf8974b058a6997d99dcf553f"
access-control-allow-methods
HEAD, GET, POST, OPTIONS
x-amz-request-id
9N0TKARNJ8BP7VQN
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
content-type
image/png
x-cache-hits
1, 3
card_shadow.png
p.ppassets.com/images/receiver_experience/
9 KB
10 KB
Image
General
Full URL
https://p.ppassets.com/images/receiver_experience/card_shadow.png
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/assets/responsive/receiver_experience/receiver_experience-716243213af347bee7a4c66d528dffad40dbdc7d85e6635443531ea6a7d5b793.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7ea9cbf4b0542f99fab7f30672517d426981b6d6c52ca2602d164aab6b201b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.ppassets.com/assets/responsive/receiver_experience/receiver_experience-716243213af347bee7a4c66d528dffad40dbdc7d85e6635443531ea6a7d5b793.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:24 GMT
via
1.1 varnish, 1.1 varnish
age
1873
x-cache
HIT, HIT
content-length
9495
x-amz-id-2
NDYmUUmdBE0bSpTjOB6TOSigxW3Ln/zwP7LmH/+8gNzgjY3b3S+VD454aOrxvp9gXkOrI+kIb4c=
x-served-by
cache-iad-kjyo7100134-IAD, cache-fra19183-FRA
last-modified
Fri, 06 May 2022 14:58:48 GMT
server
AmazonS3
x-timer
S1654006285.803103,VS0,VE1
etag
"232bad6e8d1509b32cae6129f7beb0f8"
access-control-allow-methods
HEAD, GET, OPTIONS
x-amz-request-id
HS89P8ZHBE9FB100
access-control-allow-origin
*
accept-ranges
bytes
content-type
image/png
x-cache-hits
2, 1
/
trk.ppassets.com/track/
1 B
288 B
XHR
General
Full URL
https://trk.ppassets.com/track/?data=eyJldmVudCI6ICJSZWNlaXZlciBBY3Rpdml0eSIsInByb3BlcnRpZXMiOiB7IiRvcyI6ICJXaW5kb3dzIiwiJGJyb3dzZXIiOiAiQ2hyb21lIiwiJGN1cnJlbnRfdXJsIjogImh0dHBzOi8vd3d3LnBhcGVybGVzc3Bvc3QuY29tL2V2ZW50cy80NzA3MjEwNC03ZjBjYjJkNy9yZXBsaWVzLzY4MjEwMDU3Ni0yYzgwNjY2Zj9ta2V5PVpXMXBiSGt1YldWa1pYSmxRR1J6Y3k1ell5NW5iM1klM0QmdXRtX2NhbXBhaWduPXJlZGVsaXZlcl9saW5rX2VudiZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9ZXZlbnQiLCIkYnJvd3Nlcl92ZXJzaW9uIjogMTAyLCIkc2NyZWVuX2hlaWdodCI6IDEyMDAsIiRzY3JlZW5fd2lkdGgiOiAxNjAwLCJtcF9saWIiOiAid2ViIiwiJGxpYl92ZXJzaW9uIjogIjIuMjIuNCIsImRpc3RpbmN0X2lkIjogIjE4MTFhNzRmZGM0NDFlLTAxMGI3Mjc0YzBhMzA5LTE3MzczMDc5LTFkNGMwMC0xODExYTc0ZmRjNTgxZSIsInV0bV9zb3VyY2UiOiAiZXZlbnQiLCJ1dG1fbWVkaXVtIjogImVtYWlsIiwidXRtX2NhbXBhaWduIjogInJlZGVsaXZlcl9saW5rX2VudiIsIiRpbml0aWFsX3JlZmVycmVyIjogIiRkaXJlY3QiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJiYW5kaXRzIjoge30sIm9yaWdpbl91cmwiOiAiaHR0cHM6Ly93d3cucGFwZXJsZXNzcG9zdC5jb20vZXZlbnRzLzQ3MDcyMTA0LTdmMGNiMmQ3L3JlcGxpZXMvNjgyMTAwNTc2LTJjODA2NjZmP21rZXk9WlcxcGJIa3ViV1ZrWlhKbFFHUnpjeTV6WXk1bmIzWSUzRCZ1dG1fY2FtcGFpZ249cmVkZWxpdmVyX2xpbmtfZW52JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ldmVudCIsInBwX2FjY291bnRfaWQiOiAiIiwicm9sbG91dHMiOiBbCiAgICAiZG93bmxvYWRfcGhvdG9fYWxidW1zIiwKICAgICJwaG90b19hbGJ1bXMiLAogICAgInJhaWxzNCIsCiAgICAic2F2ZV9pbWFnZV90b19yZWRpcyIsCiAgICAibmV3X2Rlc2lnbl90b29sIgpdLCJ1c2VyX2FnZW50IjogIk1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDIuMC41MDA1LjYxIFNhZmFyaS81MzcuMzYiLCJkZXZpY2VfcGl4ZWxfcmF0aW8iOiAxLCJwcF9jYW1wYWlnbiI6ICJyZWRlbGl2ZXJfbGlua19lbnYiLCJwcF9tZWRpdW0iOiAiZW1haWwiLCJwcF9zb3VyY2UiOiAiZXZlbnQiLCJmaXJzdF92aXNpdF9kYXRlIjogIjIwMjItMDUtMzFUMTQ6MTE6MjQuNDM1WiIsInZpc2l0b3JfaWQiOiAiOGQ5NDBmZjAtZTBlYi0xMWVjLWIwODgtODkyMTc5NzU2OWNhIiwic3VwZXJfaWQiOiAiMTgxMWE3NGZkYzQ0MWUtMDEwYjcyNzRjMGEzMDktMTczNzMwNzktMWQ0YzAwLTE4MTFhNzRmZGM1ODFlIiwiaGFzX2ZhY2Vib29rX3NpZ251cF9leHBlcmltZW50IjogdHJ1ZSwicHBfZ3Vlc3RfaWQiOiAiNjgyMTAwNTc2IiwicmVjZWl2ZXJfYWN0aXZpdHlfc3RlcCI6ICJvcGVuIHJlY2VpdmVyIGV4cGVyaWVuY2UiLCJyb2xsb3V0X2V2ZW50X3N0YXR1cyI6IHRydWUsInBwX2V2ZW50X2lkIjogIjQ3MDcyMTA0IiwicGxhdGZvcm0iOiAiRGVza3RvcCIsInRva2VuIjogIjY4MWY5Njk2MjlmYjFlMjQwNjIyZjA0YTA0NWQ4YTQxIn19&ip=1&_=1654006284823
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/mixpanel.e0522e3b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:24 GMT
via
1.1 varnish
x-cache
HIT
content-length
1
x-served-by
cache-fra19183-FRA
server
Varnish
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.paperlesspost.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
retry-after
0
x-cache-hits
0
basis_grotesque_bold-web.woff2
p.ppassets.com/webfonts/BasisGrotesque/
26 KB
26 KB
Font
General
Full URL
https://p.ppassets.com/webfonts/BasisGrotesque/basis_grotesque_bold-web.woff2
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/assets/screen-eb1e0f66c70859195b19544f044cfedc284b27cfe67a177af29125b3ed0c3969.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d72f91b225499d27986ab9a602a9d48211a048739dc110dc5ba8704eae34ba23

Request headers

Referer
https://p.ppassets.com/assets/screen-eb1e0f66c70859195b19544f044cfedc284b27cfe67a177af29125b3ed0c3969.css
Origin
https://www.paperlesspost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:24 GMT
via
1.1 varnish, 1.1 varnish
age
3309
x-cache
HIT, HIT
content-length
26652
x-amz-id-2
KgHun1TuV8wMnDehN6EdS9Rc2+vK0kbT07qh2f8Ljh3ss3D3vk8DDTcrXIL6p2qptS8ThRRLo1A=
x-served-by
cache-iad-kcgs7200179-IAD, cache-fra19147-FRA
last-modified
Fri, 06 May 2022 14:59:15 GMT
server
AmazonS3
x-timer
S1654006285.850210,VS0,VE1
etag
"1dfc22d8d453627ab4ab672a56abc993"
access-control-allow-methods
HEAD, GET, OPTIONS
x-amz-request-id
EE54B0D4FA8G7N7X
access-control-allow-origin
*
accept-ranges
bytes
content-type
font/woff2
x-cache-hits
2, 1
basis_grotesque_medium-web.woff2
p.ppassets.com/webfonts/BasisGrotesque/
26 KB
26 KB
Font
General
Full URL
https://p.ppassets.com/webfonts/BasisGrotesque/basis_grotesque_medium-web.woff2
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/assets/screen-eb1e0f66c70859195b19544f044cfedc284b27cfe67a177af29125b3ed0c3969.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03de3ddafb7d6fd51e1cc7d37b69bec6484453ff89bb0d18cac9829aede1da1b

Request headers

Referer
https://p.ppassets.com/assets/screen-eb1e0f66c70859195b19544f044cfedc284b27cfe67a177af29125b3ed0c3969.css
Origin
https://www.paperlesspost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:24 GMT
via
1.1 varnish, 1.1 varnish
age
2180
x-cache
HIT, HIT
content-length
26788
x-amz-id-2
TYolOX0UM9HLBGakOLE+4L6sNmoHKZUtq3bNlfyYsevhMkrcI9Z7zZqyDmdYkyzcq5clk97ZLgA=
x-served-by
cache-iad-kcgs7200148-IAD, cache-fra19147-FRA
last-modified
Fri, 06 May 2022 14:59:15 GMT
server
AmazonS3
x-timer
S1654006285.850395,VS0,VE1
etag
"2ca547ac2e2fab3085b5583fa6346dde"
access-control-allow-methods
HEAD, GET, OPTIONS
x-amz-request-id
91E30BQADMJ17TRC
access-control-allow-origin
*
accept-ranges
bytes
content-type
font/woff2
x-cache-hits
1, 1
basis_grotesque_regular-web.woff2
p.ppassets.com/webfonts/BasisGrotesque/
26 KB
26 KB
Font
General
Full URL
https://p.ppassets.com/webfonts/BasisGrotesque/basis_grotesque_regular-web.woff2
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/assets/screen-eb1e0f66c70859195b19544f044cfedc284b27cfe67a177af29125b3ed0c3969.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f023121f0cb18cc2a1d92ba0c8e3a74054c16d63309901ec61be773fefc69091

Request headers

Referer
https://p.ppassets.com/assets/screen-eb1e0f66c70859195b19544f044cfedc284b27cfe67a177af29125b3ed0c3969.css
Origin
https://www.paperlesspost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:24 GMT
via
1.1 varnish, 1.1 varnish
age
4029
x-cache
HIT, HIT
content-length
26700
x-amz-id-2
EOWuBLAT8DN0Pt8pPa7LEglcqoEBzBk1P/NhlLkqX63IbEwBumvBSxdc2TrADHOaO3mlcZUihLQ=
x-served-by
cache-iad-kcgs7200070-IAD, cache-fra19147-FRA
last-modified
Mon, 23 May 2022 16:38:27 GMT
server
AmazonS3
x-timer
S1654006285.850394,VS0,VE0
etag
"7a9ef7225f0b0f58f75de5a35b131c82"
access-control-allow-methods
HEAD, GET, OPTIONS
x-amz-request-id
C40DKMW8D1Y9CE46
access-control-allow-origin
*
accept-ranges
bytes
content-type
font/woff2
x-cache-hits
2, 3
682100576-2c80666f
www.paperlesspost.com/api/v1/guests/
542 B
492 B
XHR
General
Full URL
https://www.paperlesspost.com/api/v1/guests/682100576-2c80666f?expand=true&time=1654006284929
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/base.c08ccc34.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
e13facfc9525da47c7f8f4f6da4815bb5bf4338246e9752a46dc8c89c50f41bc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-cache
MISS
x-pp-static
false
x-revision
2022.05.24-13.55.30.production
x-xss-protection
1; mode=block
x-request-id
7970a8bee07fbbb2d64e83f83bfba1f8
x-served-by
cache-fra19177-FRA
x-runtime
0.048000
x-cdn
fastly
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.19.2
x-timer
S1654006285.932821,VS0,VE143
x-pp-dc
k8s
date
Tue, 31 May 2022 14:11:25 GMT
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
x-fastly-is-edge
1
vary
Accept-Encoding, Accept,
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
etag
W/"e13facfc9525da47c7f8f4f6da4815bb"
content-security-policy
frame-ancestors 'self';
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-cache-hits
0
me
www.paperlesspost.com/api/v1/international/
193 B
988 B
XHR
General
Full URL
https://www.paperlesspost.com/api/v1/international/me
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/base.c08ccc34.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
22bc5b44e319556fb1febb4c937d4d309c420df5209f82a13986130e1bcc3b1e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-cache
MISS
x-pp-static
false
x-revision
2022.05.24-13.55.30.production
x-xss-protection
1; mode=block
x-request-id
c7c26dbd8ed5d8fc50c55a802493e09a
x-served-by
cache-fra19177-FRA
x-runtime
0.026330
x-cdn
fastly
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.19.2
x-timer
S1654006285.932796,VS0,VE129
x-pp-dc
k8s
date
Tue, 31 May 2022 14:11:25 GMT
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
x-fastly-is-edge
0
vary
Accept-Encoding, Accept,
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
etag
W/"22bc5b44e319556fb1febb4c937d4d30"
content-security-policy
frame-ancestors 'self';
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-cache-hits
0
/
trk.ppassets.com/track/
1 B
63 B
XHR
General
Full URL
https://trk.ppassets.com/track/?data=eyJldmVudCI6ICJSZWNlaXZlciBBY3Rpdml0eSIsInByb3BlcnRpZXMiOiB7IiRvcyI6ICJXaW5kb3dzIiwiJGJyb3dzZXIiOiAiQ2hyb21lIiwiJGN1cnJlbnRfdXJsIjogImh0dHBzOi8vd3d3LnBhcGVybGVzc3Bvc3QuY29tL2V2ZW50cy80NzA3MjEwNC03ZjBjYjJkNy9yZXBsaWVzLzY4MjEwMDU3Ni0yYzgwNjY2Zj9ta2V5PVpXMXBiSGt1YldWa1pYSmxRR1J6Y3k1ell5NW5iM1klM0QmdXRtX2NhbXBhaWduPXJlZGVsaXZlcl9saW5rX2VudiZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9ZXZlbnQiLCIkYnJvd3Nlcl92ZXJzaW9uIjogMTAyLCIkc2NyZWVuX2hlaWdodCI6IDEyMDAsIiRzY3JlZW5fd2lkdGgiOiAxNjAwLCJtcF9saWIiOiAid2ViIiwiJGxpYl92ZXJzaW9uIjogIjIuMjIuNCIsImRpc3RpbmN0X2lkIjogIjE4MTFhNzRmZGM0NDFlLTAxMGI3Mjc0YzBhMzA5LTE3MzczMDc5LTFkNGMwMC0xODExYTc0ZmRjNTgxZSIsInV0bV9zb3VyY2UiOiAiZXZlbnQiLCJ1dG1fbWVkaXVtIjogImVtYWlsIiwidXRtX2NhbXBhaWduIjogInJlZGVsaXZlcl9saW5rX2VudiIsIiRpbml0aWFsX3JlZmVycmVyIjogIiRkaXJlY3QiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJiYW5kaXRzIjoge30sIm9yaWdpbl91cmwiOiAiaHR0cHM6Ly93d3cucGFwZXJsZXNzcG9zdC5jb20vZXZlbnRzLzQ3MDcyMTA0LTdmMGNiMmQ3L3JlcGxpZXMvNjgyMTAwNTc2LTJjODA2NjZmP21rZXk9WlcxcGJIa3ViV1ZrWlhKbFFHUnpjeTV6WXk1bmIzWSUzRCZ1dG1fY2FtcGFpZ249cmVkZWxpdmVyX2xpbmtfZW52JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ldmVudCIsInBwX2FjY291bnRfaWQiOiAiIiwicm9sbG91dHMiOiBbCiAgICAiZG93bmxvYWRfcGhvdG9fYWxidW1zIiwKICAgICJwaG90b19hbGJ1bXMiLAogICAgInJhaWxzNCIsCiAgICAic2F2ZV9pbWFnZV90b19yZWRpcyIsCiAgICAibmV3X2Rlc2lnbl90b29sIiwKICAgIDEsCiAgICAyLAogICAgMywKICAgIDQKXSwidXNlcl9hZ2VudCI6ICJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAyLjAuNTAwNS42MSBTYWZhcmkvNTM3LjM2IiwiZGV2aWNlX3BpeGVsX3JhdGlvIjogMSwicHBfY2FtcGFpZ24iOiAicmVkZWxpdmVyX2xpbmtfZW52IiwicHBfbWVkaXVtIjogImVtYWlsIiwicHBfc291cmNlIjogImV2ZW50IiwiZmlyc3RfdmlzaXRfZGF0ZSI6ICIyMDIyLTA1LTMxVDE0OjExOjI0LjQzNVoiLCJ2aXNpdG9yX2lkIjogIjhkOTQwZmYwLWUwZWItMTFlYy1iMDg4LTg5MjE3OTc1NjljYSIsInN1cGVyX2lkIjogIjE4MTFhNzRmZGM0NDFlLTAxMGI3Mjc0YzBhMzA5LTE3MzczMDc5LTFkNGMwMC0xODExYTc0ZmRjNTgxZSIsInBwX2V2ZW50X3R5cGUiOiAibGlua19hd2F5IiwiY3VycmVudF9zdGVwIjogInByaXZhdGVNZXNzYWdlIiwicHBfZ3Vlc3RfaWQiOiAiNjgyMTAwNTc2IiwicmVjZWl2ZXJfYWN0aXZpdHlfc3RlcCI6ICJ2aWV3IGFkdmFuY2VkIHJlcGx5IHN0ZXAiLCJyb2xsb3V0X2V2ZW50X3N0YXR1cyI6IHRydWUsInBwX2V2ZW50X2lkIjogIjQ3MDcyMTA0IiwicGxhdGZvcm0iOiAiRGVza3RvcCIsInRva2VuIjogIjY4MWY5Njk2MjlmYjFlMjQwNjIyZjA0YTA0NWQ4YTQxIn19&ip=1&_=1654006285137
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/mixpanel.e0522e3b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:25 GMT
via
1.1 varnish
x-cache
HIT
content-length
1
x-served-by
cache-fra19183-FRA
server
Varnish
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.paperlesspost.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
retry-after
0
x-cache-hits
0
/
trk.ppassets.com/track/
1 B
40 B
XHR
General
Full URL
https://trk.ppassets.com/track/?data=eyJldmVudCI6ICJSZWNlaXZlciBBY3Rpdml0eSIsInByb3BlcnRpZXMiOiB7IiRvcyI6ICJXaW5kb3dzIiwiJGJyb3dzZXIiOiAiQ2hyb21lIiwiJGN1cnJlbnRfdXJsIjogImh0dHBzOi8vd3d3LnBhcGVybGVzc3Bvc3QuY29tL2V2ZW50cy80NzA3MjEwNC03ZjBjYjJkNy9yZXBsaWVzLzY4MjEwMDU3Ni0yYzgwNjY2Zj9ta2V5PVpXMXBiSGt1YldWa1pYSmxRR1J6Y3k1ell5NW5iM1klM0QmdXRtX2NhbXBhaWduPXJlZGVsaXZlcl9saW5rX2VudiZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9ZXZlbnQiLCIkYnJvd3Nlcl92ZXJzaW9uIjogMTAyLCIkc2NyZWVuX2hlaWdodCI6IDEyMDAsIiRzY3JlZW5fd2lkdGgiOiAxNjAwLCJtcF9saWIiOiAid2ViIiwiJGxpYl92ZXJzaW9uIjogIjIuMjIuNCIsImRpc3RpbmN0X2lkIjogIjE4MTFhNzRmZGM0NDFlLTAxMGI3Mjc0YzBhMzA5LTE3MzczMDc5LTFkNGMwMC0xODExYTc0ZmRjNTgxZSIsInV0bV9zb3VyY2UiOiAiZXZlbnQiLCJ1dG1fbWVkaXVtIjogImVtYWlsIiwidXRtX2NhbXBhaWduIjogInJlZGVsaXZlcl9saW5rX2VudiIsIiRpbml0aWFsX3JlZmVycmVyIjogIiRkaXJlY3QiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJiYW5kaXRzIjoge30sIm9yaWdpbl91cmwiOiAiaHR0cHM6Ly93d3cucGFwZXJsZXNzcG9zdC5jb20vZXZlbnRzLzQ3MDcyMTA0LTdmMGNiMmQ3L3JlcGxpZXMvNjgyMTAwNTc2LTJjODA2NjZmP21rZXk9WlcxcGJIa3ViV1ZrWlhKbFFHUnpjeTV6WXk1bmIzWSUzRCZ1dG1fY2FtcGFpZ249cmVkZWxpdmVyX2xpbmtfZW52JnV0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT1ldmVudCIsInBwX2FjY291bnRfaWQiOiAiIiwicm9sbG91dHMiOiBbCiAgICAiZG93bmxvYWRfcGhvdG9fYWxidW1zIiwKICAgICJwaG90b19hbGJ1bXMiLAogICAgInJhaWxzNCIsCiAgICAic2F2ZV9pbWFnZV90b19yZWRpcyIsCiAgICAibmV3X2Rlc2lnbl90b29sIiwKICAgIDEsCiAgICAyLAogICAgMywKICAgIDQKXSwidXNlcl9hZ2VudCI6ICJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAyLjAuNTAwNS42MSBTYWZhcmkvNTM3LjM2IiwiZGV2aWNlX3BpeGVsX3JhdGlvIjogMSwicHBfY2FtcGFpZ24iOiAicmVkZWxpdmVyX2xpbmtfZW52IiwicHBfbWVkaXVtIjogImVtYWlsIiwicHBfc291cmNlIjogImV2ZW50IiwiZmlyc3RfdmlzaXRfZGF0ZSI6ICIyMDIyLTA1LTMxVDE0OjExOjI0LjQzNVoiLCJ2aXNpdG9yX2lkIjogIjhkOTQwZmYwLWUwZWItMTFlYy1iMDg4LTg5MjE3OTc1NjljYSIsInN1cGVyX2lkIjogIjE4MTFhNzRmZGM0NDFlLTAxMGI3Mjc0YzBhMzA5LTE3MzczMDc5LTFkNGMwMC0xODExYTc0ZmRjNTgxZSIsInBwX2V2ZW50X3R5cGUiOiAibGlua19hd2F5IiwiaGFzX3NlY29uZGFyeV9mZWF0dXJlcyI6IHRydWUsImhhc19yZXBseV9idXR0b25zIjogZmFsc2UsInBwX2d1ZXN0X2lkIjogIjY4MjEwMDU3NiIsInJlY2VpdmVyX2FjdGl2aXR5X3N0ZXAiOiAidmlldyBjYXJkIiwicm9sbG91dF9ldmVudF9zdGF0dXMiOiB0cnVlLCJwcF9ldmVudF9pZCI6ICI0NzA3MjEwNCIsInBsYXRmb3JtIjogIkRlc2t0b3AiLCJ0b2tlbiI6ICI2ODFmOTY5NjI5ZmIxZTI0MDYyMmYwNGEwNDVkOGE0MSJ9fQ%3D%3D&ip=1&_=1654006285274
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/mixpanel.e0522e3b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 14:11:25 GMT
via
1.1 varnish
x-cache
HIT
content-length
1
x-served-by
cache-fra19183-FRA
server
Varnish
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.paperlesspost.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
retry-after
0
x-cache-hits
0
store
www.paperlesspost.com/api/v1/sign_up_params/
74 B
948 B
XHR
General
Full URL
https://www.paperlesspost.com/api/v1/sign_up_params/store
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/base.c08ccc34.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
018803ca6d0b40337bab7e295a1722cf398246de2f7a265fdcc53713fd4e6a99
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-CSRF-Token
yEXmugU5OYbbmHn6ntCvQO4UJ2zMi1wjIZG0uTUigq4=
accept-language
de-DE,de;q=0.9
X-APP-REVISION
2022.05.24-13.55.30.production
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
access-control-allow-origin
https://www.paperlesspost.com
x-cache
MISS
x-pp-static
false
x-revision
2022.05.24-13.55.30.production
x-xss-protection
1; mode=block
x-request-id
5e2435eb5b6a31326b56d594a0fc211f
x-served-by
cache-fra19177-FRA
x-runtime
0.015339
x-cdn
fastly
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.19.2
x-timer
S1654006286.569893,VS0,VE110
x-pp-dc
k8s
date
Tue, 31 May 2022 14:11:25 GMT
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
x-fastly-is-edge
0
vary
Accept-Encoding, Accept,
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
etag
W/"018803ca6d0b40337bab7e295a1722cf"
content-security-policy
frame-ancestors 'self';
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-cache-hits
0
metrics.json
www.paperlesspost.com/api/v1/
74 B
300 B
XHR
General
Full URL
https://www.paperlesspost.com/api/v1/metrics.json
Requested by
Host: p.ppassets.com
URL: https://p.ppassets.com/js/base.c08ccc34.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.80 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.2 /
Resource Hash
018803ca6d0b40337bab7e295a1722cf398246de2f7a265fdcc53713fd4e6a99
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-CSRF-Token
yEXmugU5OYbbmHn6ntCvQO4UJ2zMi1wjIZG0uTUigq4=
accept-language
de-DE,de;q=0.9
X-APP-REVISION
2022.05.24-13.55.30.production
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.paperlesspost.com/events/47072104-7f0cb2d7/replies/682100576-2c80666f?mkey=ZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%3D&utm_campaign=redeliver_link_env&utm_medium=email&utm_source=event
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
access-control-allow-origin
https://www.paperlesspost.com
x-cache
MISS
x-pp-static
false
x-revision
2022.05.24-13.55.30.production
x-xss-protection
1; mode=block
x-request-id
2388c9afdd9c6335e92bc0e033fb7a07
x-served-by
cache-fra19177-FRA
x-runtime
0.016736
x-cdn
fastly
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.19.2
x-timer
S1654006287.600954,VS0,VE395
x-pp-dc
k8s
date
Tue, 31 May 2022 14:11:26 GMT
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
x-fastly-is-edge
0
vary
Accept-Encoding,
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
etag
W/"018803ca6d0b40337bab7e295a1722cf"
content-security-policy
frame-ancestors 'self';
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-cache-hits
0
common.js
maps.googleapis.com/maps-api-v3/api/js/49/2/intl/de_ALL/
82 KB
30 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/2/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDR5GcqQhyV8d8pf5dyE5f_qeUVY5dK_C4&v=3.exp&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab771eb985f45a8bfe440a81a5824bf52ba5e4a68f84afa901cff7e70fa183dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 18:40:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
502288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30638
x-xss-protection
0
last-modified
Tue, 24 May 2022 22:15:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 May 2023 18:40:00 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/49/2/intl/de_ALL/
309 KB
92 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/2/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDR5GcqQhyV8d8pf5dyE5f_qeUVY5dK_C4&v=3.exp&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0fc84c13dd5b504ff509442105cbb954c60a4638ca6a6390eb0bb82347b4de1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paperlesspost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 18:40:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
502288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93913
x-xss-protection
0
last-modified
Tue, 24 May 2022 22:15:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 May 2023 18:40:00 GMT

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| PP object| mixpanel function| fbAsyncInit object| Bugsnag object| dataLayer object| loc boolean| isPreview function| writeStyleTag object| cardContainerRules string| bgImgCSSPair string| singleImageCoveringBg number| maxCardContainerHeight string| maxHeightCSSPair number| minCardContainerHeight string| minHeightCSSPair object| headerElement object| swfobject object| Mustache object| Kicksend function| require function| run object| modules function| inputChanged function| deferUntilLoggedIn string| NOT_MIXIN_ERROR object| _gaq function| activityInfo function| searchMixpanelEvents function| $ function| jQuery function| Sammy function| _ function| moment undefined| returnExports function| mobilecheck function| SelectParser function| AbstractChosen function| get_side_border_padding function| dataURLtoBlob object| Core function| get function| set function| remove function| getItem function| setItem function| removeItem function| parseCurrentFilters function| Cortex object| __core-js_shared__ object| React object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_tag_data object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments function| BinaryFile function| BinaryAjax object| EXIF object| eventie function| docReady function| EventEmitter function| getStyleProperty function| getSize function| matchesSelector function| Outlayer function| Masonry function| canvasResize object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView function| attachMixpanelTracking object| FB object| google_tag_manager function| postscribe object| google_tag_manager_external function| pintrk string| GA_KEY function| gtag string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| jQuery17208624379392802257

14 Cookies

Domain/Path Name / Value
.paperlesspost.com/ Name: cuatro_redux
Value: true
www.paperlesspost.com/ Name: _csrf_token
Value: yEXmugU5OYbbmHn6ntCvQO4UJ2zMi1wjIZG0uTUigq4%3D
www.paperlesspost.com/ Name: _session_id
Value: 856eb0a44e49442e3bb08c77af6b95a1
.paperlesspost.com/ Name: country_code
Value: DE
www.paperlesspost.com/ Name: k8s
Value: enabled
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
www.paperlesspost.com/ Name: experiments_client
Value: {"session_id":"8d940ff0-e0eb-11ec-b088-8921797569ca","updated_at":1654006283}
.paperlesspost.com/ Name: _gcl_au
Value: 1.1.520810676.1654006284
.paperlesspost.com/ Name: _ga
Value: GA1.2.1052819366.1654006284
.paperlesspost.com/ Name: _gid
Value: GA1.2.1281938516.1654006284
.paperlesspost.com/ Name: _gat_gtag_UA_5885525_1
Value: 1
.paperlesspost.com/ Name: _pin_unauth
Value: dWlkPVkyVmlPV1V3Tm1RdE5HTmhNQzAwT1RCaUxUZzBZakF0TWpOalpXTmtNVFl4WlRBeQ
www.paperlesspost.com/ Name: visited_site
Value: true
www.paperlesspost.com/ Name: mp_681f969629fb1e240622f04a045d8a41_mixpanel
Value: %7B%22distinct_id%22%3A%20%221811a74fdc441e-010b7274c0a309-17373079-1d4c00-1811a74fdc581e%22%2C%22utm_source%22%3A%20%22event%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22redeliver_link_env%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22bandits%22%3A%20%7B%7D%2C%22origin_url%22%3A%20%22https%3A%2F%2Fwww.paperlesspost.com%2Fevents%2F47072104-7f0cb2d7%2Freplies%2F682100576-2c80666f%3Fmkey%3DZW1pbHkubWVkZXJlQGRzcy5zYy5nb3Y%253D%26utm_campaign%3Dredeliver_link_env%26utm_medium%3Demail%26utm_source%3Devent%22%2C%22pp_account_id%22%3A%20%22%22%2C%22rollouts%22%3A%20%5B%0A%20%20%20%20%22download_photo_albums%22%2C%0A%20%20%20%20%22photo_albums%22%2C%0A%20%20%20%20%22rails4%22%2C%0A%20%20%20%20%22save_image_to_redis%22%2C%0A%20%20%20%20%22new_design_tool%22%2C%0A%20%20%20%201%2C%0A%20%20%20%202%2C%0A%20%20%20%203%2C%0A%20%20%20%204%0A%5D%2C%22user_agent%22%3A%20%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36%22%2C%22device_pixel_ratio%22%3A%201%2C%22pp_campaign%22%3A%20%22redeliver_link_env%22%2C%22pp_medium%22%3A%20%22email%22%2C%22pp_source%22%3A%20%22event%22%2C%22first_visit_date%22%3A%20%222022-05-31T14%3A11%3A24.435Z%22%2C%22visitor_id%22%3A%20%228d940ff0-e0eb-11ec-b088-8921797569ca%22%2C%22super_id%22%3A%20%221811a74fdc441e-010b7274c0a309-17373079-1d4c00-1811a74fdc581e%22%7D

1 Console Messages

Source Level URL
Text
network error URL: https://www.paperlesspost.com/api/v1/accounts/me
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c1.ppassets.com
c2.ppassets.com
connect.facebook.net
ct.pinterest.com
googleads.g.doubleclick.net
links.ptp1.paperlesspost.com
maps.googleapis.com
p.ppassets.com
pi.ppassets.com
s.pinimg.com
stats.g.doubleclick.net
trk.ppassets.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.paperlesspost.com
151.101.192.84
151.101.2.80
151.101.66.80
167.89.115.120
172.217.18.98
2a00:1450:4001:803::2003
2a00:1450:4001:803::2004
2a00:1450:4001:812::200a
2a00:1450:4001:813::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c0c::9a
2a00:1450:4014:80e::2002
2a02:26f0:7100:1a7::1931
2a03:2880:f01c:216:face:b00c:0:3
018803ca6d0b40337bab7e295a1722cf398246de2f7a265fdcc53713fd4e6a99
03de3ddafb7d6fd51e1cc7d37b69bec6484453ff89bb0d18cac9829aede1da1b
10e4472b09196d7482af87fe176cb9221038d6d4c3f28ff8695c2dc3f2ff4c82
15869f001d2a1569dd3672a81f5caaafc58af797fd53c2aa8d4008678fd5c5bf
22bc5b44e319556fb1febb4c937d4d309c420df5209f82a13986130e1bcc3b1e
2a36f5874c9e8e67ea0fea7cd9353afb90772dc1e6a03250c850548a7bda32b8
2d9ccaaa8df85eafddd934a6fa6177d9968f01fcffca65cdd33a88402d885ae2
3364d3b23a9f1601de8a5c618b19f475dc58a6d0dbc67673b8ecc664f9bffa02
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
419392fc7a728b020cca30765e6435a02282c4d038ce2e793700b28ed83d793f
43a5b7e27d1ad3cc88487d81ec9e00f5c14131376c6e9042a56bf2f2d1365ad5
4551caef874a5c008c6bebea99b2636519a0732f9433d8eb229ad7bce7495364
4e4908e7dee8e411cda5bdfc7c53bd7cf0b873e1c8c8b29cd89e11140979b4e4
540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0
6098ba7e7e5ee1d947892fe772ee156bdca3544f3b72857b82f02ab8952ce78e
6b6dc0c6cb6db4cc3693a4bedc8e0ee24bbfb2d861da6039ae6a20c436410882
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71c656485a263cbe04600a805fe93790ab54e342254d7e3cf902f44d5250af0e
8287ab7937bdbdb9805f5db4753b1a0ed67a794a9f9e11c0020bbc7806b11284
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89aeee58f9317eca57294c08995ed8246d077c4b661ebe152f8be384d8857b65
8c57c3e57f45330be53d6c2d560d1292429ba27c5dfabd650dcfbc2214a0e36e
8cbd086915507aa22d6981b2b0e3226b948ebedb8a42ffe36714a4bf84453991
9b3e7df1d609c3e537828c96dc53e06680682cdc28f6e4b290d3058ec04460e2
9c0b92e046eb0d83de17bca266ffeb73e78130dfdf0fdf853a53df502c94c2b0
a0c4f3a7ddb330cf675fd0e8ad24551aaa364af58f1ab01f60fec4a75715fd74
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ab771eb985f45a8bfe440a81a5824bf52ba5e4a68f84afa901cff7e70fa183dc
acc9357536d7eab75ec547f19c0d3f3050a61414357e19a598cf3d192da19958
b137431445bd917b141d4b1d3bbcc8a0571ede2b4839314415dd1f095f4f8c69
b19983e0003b21b69daa99230ff941abb9f3ca475a3cd58705f6e74452b2553c
c7ea9cbf4b0542f99fab7f30672517d426981b6d6c52ca2602d164aab6b201b8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d32ecc2cd63eae28f1d67b8bc684883a63fb99b0199d285d029728742081e712
d72f91b225499d27986ab9a602a9d48211a048739dc110dc5ba8704eae34ba23
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0fc84c13dd5b504ff509442105cbb954c60a4638ca6a6390eb0bb82347b4de1
e13facfc9525da47c7f8f4f6da4815bb5bf4338246e9752a46dc8c89c50f41bc
e85a26efea17b67008a7a0ed11ef434e0f9f072ec4c68a7817a6ded0f5c9be22
ea8a50790e45260749e6ded88572c57410febe8be0dffefa7704392e3964eeaf
eb1e0f66c70859195b19544f044cfedc284b27cfe67a177af29125b3ed0c3969
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f023121f0cb18cc2a1d92ba0c8e3a74054c16d63309901ec61be773fefc69091
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
fa6fcdf4957c464961632960b3d2f5c79b8623465528a94faf7b743b3f3f6f9b