ls.searchfindresult.online Open in urlscan Pro
178.128.160.236  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request Key_activation.html Show response ls.searchfindresult.online/	226 B 468 B	452ms 32ms	Document text/html	178.128.160.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ls.searchfindresult.online/Key_activation.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.128.160.236 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software LiteSpeed / Resource Hash fe5a40a3328d480fa5136f42921864df6b5339097cd888609c7ee34412c83457 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding gzip content-type text/html date Wed, 19 Jul 2023 09:01:02 GMT etag "e2-64b27745-1f8bde;gz" last-modified Sat, 15 Jul 2023 10:39:01 GMT server LiteSpeed vary Accept-Encoding
GET H2	200	__embed.min.js Show response paperform.co/	36 KB 11 KB	288ms 178ms	Script application/javascript	108.138.17.26 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://paperform.co/__embed.min.js Requested by Host: ls.searchfindresult.online URL: https://ls.searchfindresult.online/Key_activation.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.17.26 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-17-26.fra56.r.cloudfront.net Software nginx / Resource Hash 16ccd6efd0a6653834b663a2d5927cb20e69c8acc18bfe74dced50cb86dd881d Request headers accept-language en-GB,en;q=0.9 Referer https://ls.searchfindresult.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 09:01:02 GMT content-encoding gzip via 1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront) last-modified Wed, 19 Jul 2023 05:54:31 GMT server nginx x-amz-cf-pop FRA56-P7 etag W/"64b77a97-8e63" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript x-amz-cf-id HhSiWIkyhnW_Bg9Eup4HG4i07PRFufm8CU4zxIrY5dQtonAYHXFW5g==
GET H2	200	/ Show response qxiscnua.paperform.co/ Frame 5A0D	36 KB 11 KB	512ms 425ms	Document text/html	18.65.39.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qxiscnua.paperform.co/?embed=1&takeover=1&inline=0&popup=0&_d=ls.searchfindresult.online&_in=0 Requested by Host: paperform.co URL: https://paperform.co/__embed.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-39.ams1.r.cloudfront.net Software nginx / Resource Hash 6c0f979ecc8015feb46c075f2c6c0ce7bad4d0fd78760c117ce060b444f477dd Request headers Referer https://ls.searchfindresult.online/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers cache-control no-cache, private content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 19 Jul 2023 09:01:03 GMT server nginx vary Accept-Encoding via 1.1 9835af751c15612a813bbc131d2ce1e6.cloudfront.net (CloudFront) x-amz-cf-id moxzdN-HkHi7-sIYiWnbxZQa4EGTMY-qS6-dE4CeR18pJTvvXpLcww== x-amz-cf-pop AMS1-P1 x-cache Miss from cloudfront
GET H2	200	form94ff08620c3ac1be5446.styles.css duube1y6ojsji.cloudfront.net/ Frame 5A0D	158 KB 25 KB	170ms 49ms	Stylesheet text/css	2600:9000:2250:2600:e:f359:cf80:21
General Check archive.org Show headers Download Go to Full URL https://duube1y6ojsji.cloudfront.net/form94ff08620c3ac1be5446.styles.css Requested by Host: qxiscnua.paperform.co URL: https://qxiscnua.paperform.co/?embed=1&takeover=1&inline=0&popup=0&_d=ls.searchfindresult.online&_in=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:2600:e:f359:cf80:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash c436881eaab5504e9f93e2105071a8c44a44f9afe50edec7653c37866a1195c5 Request headers accept-language en-GB,en;q=0.9 Referer https://qxiscnua.paperform.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Tue, 13 Jun 2023 06:12:25 GMT content-encoding gzip via 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront) last-modified Fri, 09 Jun 2023 06:53:18 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 3120518 etag W/"85a49057428a57d1ca6924d12f644ca3" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css; charset=UTF-8 cache-control max-age=31536000 x-amz-cf-id eotqxvfDAlnRd-TF4Y-iOUDySY3QJgwrvUzkwtAY0OhoI8drEZaGng==
GET H2	200	css fonts.googleapis.com/ Frame 5A0D	2 KB 837 B	174ms 52ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300,400,700 Requested by Host: qxiscnua.paperform.co URL: https://qxiscnua.paperform.co/?embed=1&takeover=1&inline=0&popup=0&_d=ls.searchfindresult.online&_in=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4ea2880bbb5055eb6493499d243a86911663924955d78ac35d672a5a0e9995ae Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://qxiscnua.paperform.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 19 Jul 2023 09:01:03 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 19 Jul 2023 07:45:20 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 19 Jul 2023 09:01:03 GMT
GET H2	200	94ff08620c3ac1be5446.form.min.js Show response duube1y6ojsji.cloudfront.net/ Frame 5A0D	1 MB 329 KB	217ms 96ms	Script application/javascript	2600:9000:2250:2600:e:f359:cf80:21
General Check archive.org Show headers Download Go to Full URL https://duube1y6ojsji.cloudfront.net/94ff08620c3ac1be5446.form.min.js Requested by Host: qxiscnua.paperform.co URL: https://qxiscnua.paperform.co/?embed=1&takeover=1&inline=0&popup=0&_d=ls.searchfindresult.online&_in=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:2600:e:f359:cf80:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash 663ddc2f3c96c2a77bb10ba8e06c566b326e32010d51108711a1331c8e909c96 Request headers accept-language en-GB,en;q=0.9 Referer https://qxiscnua.paperform.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Tue, 13 Jun 2023 06:12:25 GMT content-encoding gzip via 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront) last-modified Fri, 09 Jun 2023 06:53:17 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 3120518 etag W/"8b8298a3092c99d12d4078bad7931e5b" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=UTF-8 cache-control max-age=31536000 x-amz-cf-id MhxyVQkpRdEP1J8tGj92f9d2t_vrFy0Xb8EkAoYNMLPgiQLN8NO_Jg==
GET H2	200	api.js Show response www.recaptcha.net/recaptcha/ Frame 5A0D	887 B 909 B	166ms 51ms	Script text/javascript	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api.js?render=6LeCtfEUAAAAAO3mUGL3IUNTHKSYxr0Nf95tJK1g Requested by Host: qxiscnua.paperform.co URL: https://qxiscnua.paperform.co/?embed=1&takeover=1&inline=0&popup=0&_d=ls.searchfindresult.online&_in=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 5dd5f7f8e926d868e08b7ccc178a414bf5e0b4a92f68ce0da3476e74c713eb3d Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-GB,en;q=0.9 Referer https://qxiscnua.paperform.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 09:01:03 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 589 x-xss-protection 1; mode=block expires Wed, 19 Jul 2023 09:01:03 GMT
GET H2	200	css fonts.googleapis.com/ Frame 5A0D	4 KB 619 B	58ms 53ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Work+Sans:600,bold,500,regular,400 Requested by Host: duube1y6ojsji.cloudfront.net URL: https://duube1y6ojsji.cloudfront.net/94ff08620c3ac1be5446.form.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 41f9ce381c2f2c91c4efbe5a5a6bfe4c7fcb3b1bdc0276b964fc40b78ee20aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://qxiscnua.paperform.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 19 Jul 2023 09:01:04 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 19 Jul 2023 09:01:04 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 19 Jul 2023 09:01:04 GMT
GET H2	200	94ff08620c3ac1be5446.1.min.js Show response duube1y6ojsji.cloudfront.net/ Frame 5A0D	51 KB 14 KB	61ms 60ms	Script application/javascript	2600:9000:2250:2600:e:f359:cf80:21
General Check archive.org Show headers Download Go to Full URL https://duube1y6ojsji.cloudfront.net/94ff08620c3ac1be5446.1.min.js Requested by Host: duube1y6ojsji.cloudfront.net URL: https://duube1y6ojsji.cloudfront.net/94ff08620c3ac1be5446.form.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:2600:e:f359:cf80:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash eb367f3e882e8e15db117be57975cf236003f7d0c578db23817387ce2a60e7ea Request headers accept-language en-GB,en;q=0.9 Referer https://qxiscnua.paperform.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Tue, 13 Jun 2023 06:12:41 GMT content-encoding gzip via 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront) last-modified Fri, 09 Jun 2023 06:53:17 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 3120503 etag W/"6d682e665e950d8fc3d97d1f0bc7d03b" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=UTF-8 cache-control max-age=31536000 x-amz-cf-id RUJ83CP_YQaLQ9GagmNIsk8GYdivck43LKz_BK4l6lCwCgz8IDtsNA==
GET H2	200	94ff08620c3ac1be5446.14.min.js Show response duube1y6ojsji.cloudfront.net/ Frame 5A0D	7 KB 3 KB	61ms 61ms	Script application/javascript	2600:9000:2250:2600:e:f359:cf80:21
General Check archive.org Show headers Download Go to Full URL https://duube1y6ojsji.cloudfront.net/94ff08620c3ac1be5446.14.min.js Requested by Host: duube1y6ojsji.cloudfront.net URL: https://duube1y6ojsji.cloudfront.net/94ff08620c3ac1be5446.form.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:2600:e:f359:cf80:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash 5ee7b6d7011dd55e78e844ea53b895b5e2bc7b1ca20b5e44f7ae6cffaa86d3c1 Request headers accept-language en-GB,en;q=0.9 Referer https://qxiscnua.paperform.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Tue, 13 Jun 2023 06:12:41 GMT content-encoding gzip via 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront) last-modified Fri, 09 Jun 2023 06:53:17 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 3120503 etag W/"5baa034f53d9439b7b970d2fee9bfba8" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=UTF-8 cache-control max-age=31536000 x-amz-cf-id 74Wg3JT1R3NwGHW4xkywipEEOjFZJl1EAIzZHql87ERwXER6y6NpJw==
GET H2	200	94ff08620c3ac1be5446.17.min.js Show response duube1y6ojsji.cloudfront.net/ Frame 5A0D	2 KB 1 KB	56ms 52ms	Script application/javascript	2600:9000:2250:2600:e:f359:cf80:21
General Check archive.org Show headers Download Go to Full URL https://duube1y6ojsji.cloudfront.net/94ff08620c3ac1be5446.17.min.js Requested by Host: duube1y6ojsji.cloudfront.net URL: https://duube1y6ojsji.cloudfront.net/94ff08620c3ac1be5446.form.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:2600:e:f359:cf80:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash a000e1584cbcf88ebfec5cd04818c9106479148503c66845ba50c4914fc9a43e Request headers accept-language en-GB,en;q=0.9 Referer https://qxiscnua.paperform.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Tue, 13 Jun 2023 06:13:44 GMT content-encoding gzip via 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront) last-modified Fri, 09 Jun 2023 06:53:17 GMT server AmazonS3 x-amz-cf-pop FRA60-P2 age 3120441 etag W/"e7ef02e3c19cd9173072173b71de9114" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=UTF-8 cache-control max-age=31536000 x-amz-cf-id 88oloZ9ZzdMo_LOViWe-oSx0hDH--3uDR7JtgoBJS-dWcX8TclXrPA==
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v24/ Frame 5A0D	23 KB 24 KB	151ms 48ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://qxiscnua.paperform.co accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Sat, 15 Jul 2023 15:41:45 GMT x-content-type-options nosniff age 321559 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23580 x-xss-protection 0 last-modified Tue, 02 May 2023 15:17:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 14 Jul 2024 15:41:45 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/ Frame 5A0D	428 KB 173 KB	168ms 43ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__en.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api.js?render=6LeCtfEUAAAAAO3mUGL3IUNTHKSYxr0Nf95tJK1g Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 33fff5e71230b233c586df2513ccfc7fb79983af64a59022d1359e262b8c689a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://qxiscnua.paperform.co/ Origin https://qxiscnua.paperform.co accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Tue, 18 Jul 2023 22:39:05 GMT content-encoding gzip x-content-type-options nosniff age 37319 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 176042 x-xss-protection 0 last-modified Sun, 09 Jul 2023 08:00:56 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 17 Jul 2024 22:39:05 GMT
GET H2	200	QGYsz_wNahGAdqQ43Rh_fKDp.woff2 fonts.gstatic.com/s/worksans/v18/ Frame 5A0D	47 KB 47 KB	145ms 88ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Work+Sans:600,bold,500,regular,400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://qxiscnua.paperform.co accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Tue, 18 Jul 2023 11:44:39 GMT x-content-type-options nosniff age 76585 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47728 x-xss-protection 0 last-modified Tue, 23 Aug 2022 17:55:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 17 Jul 2024 11:44:39 GMT
PUT H2	200	event Show response qxiscnua.paperform.co/api/v1/form/64ad24e59021c385850b9dc3/ Frame 5A0D	1 B 356 B	394ms 390ms	Fetch text/html	18.65.39.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qxiscnua.paperform.co/api/v1/form/64ad24e59021c385850b9dc3/event Requested by Host: duube1y6ojsji.cloudfront.net URL: https://duube1y6ojsji.cloudfront.net/94ff08620c3ac1be5446.form.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-39.ams1.r.cloudfront.net Software nginx / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Request headers x-paperform-visitorid b28f212f9e392fc6059704fd1b96c690 x-xsrf-token x-csrf-token accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 content-type application/json accept application/json Referer https://qxiscnua.paperform.co/?embed=1&takeover=1&inline=0&popup=0&_d=ls.searchfindresult.online&_in=0 Response headers date Wed, 19 Jul 2023 09:01:05 GMT content-encoding gzip via 1.1 9835af751c15612a813bbc131d2ce1e6.cloudfront.net (CloudFront) server nginx x-amz-cf-pop AMS1-P1 vary Accept-Encoding x-ratelimit-remaining 59 content-type text/html; charset=UTF-8 x-cache Miss from cloudfront cache-control no-cache, private x-ratelimit-limit 60 x-amz-cf-id yUtLsnsiTY7HDKzUvxO__KgzEmG5f9eBVVvPmyRQcnHaXTo0wZXVkQ==
GET H2	200	anchor Show response www.recaptcha.net/recaptcha/api2/ Frame FFBD	51 KB 28 KB	64ms 62ms	Document text/html	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCtfEUAAAAAO3mUGL3IUNTHKSYxr0Nf95tJK1g&co=aHR0cHM6Ly9xeGlzY251YS5wYXBlcmZvcm0uY286NDQz&hl=en&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=34nr9sukr1ee Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7d6df0f461209e7dfefb59e1d334446818aa2d35c8505d383855e00dc058821b Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-cV9txJoFuqVycgk1H27EXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://qxiscnua.paperform.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 28243 content-security-policy script-src 'report-sample' 'nonce-cV9txJoFuqVycgk1H27EXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 19 Jul 2023 09:01:05 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/ Frame FFBD	55 KB 24 KB	147ms 42ms	Stylesheet text/css	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/styles__ltr.css Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCtfEUAAAAAO3mUGL3IUNTHKSYxr0Nf95tJK1g&co=aHR0cHM6Ly9xeGlzY251YS5wYXBlcmZvcm0uY286NDQz&hl=en&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=34nr9sukr1ee Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://www.recaptcha.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Tue, 18 Jul 2023 22:39:05 GMT content-encoding gzip x-content-type-options nosniff age 37320 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24605 x-xss-protection 0 last-modified Sun, 09 Jul 2023 08:00:56 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 17 Jul 2024 22:39:05 GMT
GET H3	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/ Frame FFBD	428 KB 172 KB	146ms 41ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__en.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCtfEUAAAAAO3mUGL3IUNTHKSYxr0Nf95tJK1g&co=aHR0cHM6Ly9xeGlzY251YS5wYXBlcmZvcm0uY286NDQz&hl=en&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=34nr9sukr1ee Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 33fff5e71230b233c586df2513ccfc7fb79983af64a59022d1359e262b8c689a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://www.recaptcha.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Tue, 18 Jul 2023 22:39:05 GMT content-encoding gzip x-content-type-options nosniff age 37320 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 176042 x-xss-protection 0 last-modified Sun, 09 Jul 2023 08:00:56 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 17 Jul 2024 22:39:05 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame FFBD	2 KB 2 KB	51ms 50ms	Image image/png	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 00:33:37 GMT x-content-type-options nosniff age 30448 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Wed, 26 Jul 2023 00:33:37 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame FFBD	15 KB 15 KB	48ms 47ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCtfEUAAAAAO3mUGL3IUNTHKSYxr0Nf95tJK1g&co=aHR0cHM6Ly9xeGlzY251YS5wYXBlcmZvcm0uY286NDQz&hl=en&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=34nr9sukr1ee Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.recaptcha.net/ Origin https://www.recaptcha.net accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 00:06:15 GMT x-content-type-options nosniff age 32090 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 18 Jul 2024 00:06:15 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame FFBD	15 KB 15 KB	49ms 48ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCtfEUAAAAAO3mUGL3IUNTHKSYxr0Nf95tJK1g&co=aHR0cHM6Ly9xeGlzY251YS5wYXBlcmZvcm0uY286NDQz&hl=en&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=34nr9sukr1ee Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.recaptcha.net/ Origin https://www.recaptcha.net accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Sat, 15 Jul 2023 17:47:45 GMT x-content-type-options nosniff age 314000 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 14 Jul 2024 17:47:45 GMT
GET H3	200	webworker.js www.recaptcha.net/recaptcha/api2/ Frame FFBD	102 B 134 B	52ms 52ms	Other text/javascript	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=iZWPJyR27lB0cR4hL_xOX0GC Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 5821f4e403aaeb62da748cb2a7063009beee58bc4015e83da29a72de886d1382 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-GB,en;q=0.9 Referer https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeCtfEUAAAAAO3mUGL3IUNTHKSYxr0Nf95tJK1g&co=aHR0cHM6Ly9xeGlzY251YS5wYXBlcmZvcm0uY286NDQz&hl=en&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=34nr9sukr1ee User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36 Response headers date Wed, 19 Jul 2023 09:01:05 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 112 x-xss-protection 1; mode=block expires Wed, 19 Jul 2023 09:01:05 GMT

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| Paperform

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

duube1y6ojsji.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
ls.searchfindresult.online
paperform.co
qxiscnua.paperform.co
www.gstatic.com
www.recaptcha.net
108.138.17.26
178.128.160.236
18.65.39.39
2600:9000:2250:2600:e:f359:cf80:21
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
16ccd6efd0a6653834b663a2d5927cb20e69c8acc18bfe74dced50cb86dd881d
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
33fff5e71230b233c586df2513ccfc7fb79983af64a59022d1359e262b8c689a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41f9ce381c2f2c91c4efbe5a5a6bfe4c7fcb3b1bdc0276b964fc40b78ee20aa4
4ea2880bbb5055eb6493499d243a86911663924955d78ac35d672a5a0e9995ae
5821f4e403aaeb62da748cb2a7063009beee58bc4015e83da29a72de886d1382
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5dd5f7f8e926d868e08b7ccc178a414bf5e0b4a92f68ce0da3476e74c713eb3d
5ee7b6d7011dd55e78e844ea53b895b5e2bc7b1ca20b5e44f7ae6cffaa86d3c1
663ddc2f3c96c2a77bb10ba8e06c566b326e32010d51108711a1331c8e909c96
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0f979ecc8015feb46c075f2c6c0ce7bad4d0fd78760c117ce060b444f477dd
7d6df0f461209e7dfefb59e1d334446818aa2d35c8505d383855e00dc058821b
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
a000e1584cbcf88ebfec5cd04818c9106479148503c66845ba50c4914fc9a43e
c436881eaab5504e9f93e2105071a8c44a44f9afe50edec7653c37866a1195c5
eb367f3e882e8e15db117be57975cf236003f7d0c578db23817387ce2a60e7ea
fe5a40a3328d480fa5136f42921864df6b5339097cd888609c7ee34412c83457