urlscan.io logo urlscan.io
SecurityTrails logo

survey-be-21-skilled.paperform.co Open in urlscan Pro
13.32.145.79  Public Scan

Go To Rescan Add Verdict Report
URL: https://survey-be-21-skilled.paperform.co/
Submission: On December 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 13.32.145.79, located in United States and belongs to AMAZON-02, US. The main domain is survey-be-21-skilled.paperform.co.
TLS certificate: Issued by Amazon on February 28th 2022. Valid for: a year.
This is the only time survey-be-21-skilled.paperform.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 13.32.145.79 16509 (AMAZON-02)
4 2600:9000:21f... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 13.225.78.73 16509 (AMAZON-02)
18 5
3    13.32.145.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-145-79.cdg50.r.cloudfront.net
survey-be-21-skilled.paperform.co
4    2600:9000:21f3:ba00:e:f359:cf80:21 (United States)

ASN16509 (AMAZON-02, US)
duube1y6ojsji.cloudfront.net
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    13.225.78.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-73.fra2.r.cloudfront.net
img.paperform.co
Apex Domain
Subdomains		 Transfer
8 gstatic.com
fonts.gstatic.com
178 KB
4 cloudfront.net
duube1y6ojsji.cloudfront.net
355 KB
4 paperform.co
survey-be-21-skilled.paperform.co
img.paperform.co — Cisco Umbrella Rank: 385830
113 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 51
2 KB
18 4
Domain Requested by
8 fonts.gstatic.com fonts.googleapis.com
4 duube1y6ojsji.cloudfront.net survey-be-21-skilled.paperform.co
duube1y6ojsji.cloudfront.net
3 survey-be-21-skilled.paperform.co survey-be-21-skilled.paperform.co
duube1y6ojsji.cloudfront.net
2 fonts.googleapis.com survey-be-21-skilled.paperform.co
duube1y6ojsji.cloudfront.net
1 img.paperform.co survey-be-21-skilled.paperform.co
18 5

This site contains links to these domains. Also see Links.

Domain
www.rtu.lv
www.bg.ac.rs
www.aceeu.org
momentumconsulting.ie
www.euei.dk
paperform.co
Subject Issuer Validity Valid
paperform.co
Amazon		 2022-02-28 -
2023-03-29		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
img.paperform.co
Amazon		 2022-04-21 -
2023-05-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://survey-be-21-skilled.paperform.co/
Frame ID: 6631845C6247C025C0FAF884482B74E9
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Be-21-skilled survey on skills

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

18
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

648 kB
Transfer

1642 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
survey-be-21-skilled.paperform.co/ 		58 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://survey-be-21-skilled.paperform.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-79.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
5234b893d7024cc53d152cb6a4444c95668826e14a173f556a0b48fa6accf73d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 13:27:29 GMT
server
nginx
vary
Accept-Encoding
via
1.1 d3bc2ab37b3781131b386d08b5c497b0.cloudfront.net (CloudFront)
x-amz-cf-id
3vkMVXqUZIn6Un_Q-woT8jIjGG86CR9gnmpI0p2xN3qMCF7dgzY38Q==
x-amz-cf-pop
CDG50-C2
x-cache
Miss from cloudfront
form3ae0a9f91cef43d8466b.styles.css
duube1y6ojsji.cloudfront.net/ 		159 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://duube1y6ojsji.cloudfront.net/form3ae0a9f91cef43d8466b.styles.css
Requested by
Host: survey-be-21-skilled.paperform.co
URL: https://survey-be-21-skilled.paperform.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:e:f359:cf80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea5cdafd74b7d328c23fddeea6de778fc48694a5d9fb856c7d655b59616849c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey-be-21-skilled.paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:14:33 GMT
content-encoding
gzip
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
last-modified
Mon, 05 Dec 2022 03:38:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
43977
etag
W/"89390ef859dec7976b108760166f229c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
cache-control
max-age=31536000
x-amz-cf-id
V3ylxeZwBbHOH1BSIUNg0HTNVt2xC55m_u_C4f17e6zG1Y4GO0fSQw==
css
fonts.googleapis.com/ 		2 KB
917 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700
Requested by
Host: survey-be-21-skilled.paperform.co
URL: https://survey-be-21-skilled.paperform.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey-be-21-skilled.paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Dec 2022 13:27:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 11:40:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Dec 2022 13:27:29 GMT
2022-12-06-102519
survey-be-21-skilled.paperform.co/css/form/jwunq7p0/ 		0
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://survey-be-21-skilled.paperform.co/css/form/jwunq7p0/2022-12-06-102519
Requested by
Host: survey-be-21-skilled.paperform.co
URL: https://survey-be-21-skilled.paperform.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-79.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey-be-21-skilled.paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 13:27:30 GMT
content-encoding
gzip
via
1.1 d3bc2ab37b3781131b386d08b5c497b0.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CDG50-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css; charset=UTF-8
cache-control
no-cache, private
x-amz-cf-id
y9yublBWFme0NcmNQF8-0E-kMDHZ-3lFMtpjadXWcMAhu07egzQNxQ==
3ae0a9f91cef43d8466b.form.min.js
duube1y6ojsji.cloudfront.net/ 		1 MB
313 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://duube1y6ojsji.cloudfront.net/3ae0a9f91cef43d8466b.form.min.js
Requested by
Host: survey-be-21-skilled.paperform.co
URL: https://survey-be-21-skilled.paperform.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:e:f359:cf80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e54aa77b3f7395a254acfaf574a4b6c6bbd974c7a292ba846a482802fcff03f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey-be-21-skilled.paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:14:33 GMT
content-encoding
gzip
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
last-modified
Mon, 05 Dec 2022 03:38:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
43977
etag
W/"673ffc8a277c9165026aa205737c9ba6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
x-amz-cf-id
BqcPu9_yfHD6kTa0K3VPO8zJFTaHh_gSusDbgq_d7TGFT0UFfeMK7g==
css
fonts.googleapis.com/ 		9 KB
942 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,bold%7CCarme:regular,bold%7CNunito+Sans:300,bold,regular,400%7CAnek+Latin:regular,bold
Requested by
Host: duube1y6ojsji.cloudfront.net
URL: https://duube1y6ojsji.cloudfront.net/3ae0a9f91cef43d8466b.form.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a917ea8eb26344679e871378e9fc11ce6c6c89490f3ee1f571375457681ee1c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey-be-21-skilled.paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Dec 2022 13:27:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 13:27:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Dec 2022 13:27:30 GMT
3ae0a9f91cef43d8466b.1.min.js
duube1y6ojsji.cloudfront.net/ 		51 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://duube1y6ojsji.cloudfront.net/3ae0a9f91cef43d8466b.1.min.js
Requested by
Host: duube1y6ojsji.cloudfront.net
URL: https://duube1y6ojsji.cloudfront.net/3ae0a9f91cef43d8466b.form.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:e:f359:cf80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f0a77ae5448cdfcd49f7f31c32890f20b80678338196b78e2ece71fc788e882

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey-be-21-skilled.paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:15:27 GMT
content-encoding
gzip
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
last-modified
Mon, 05 Dec 2022 03:38:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
43924
etag
W/"229f7b6cd32b488cf6e6b792dea51c91"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
x-amz-cf-id
rqm5TYCf4oMNmRlp9lU-VmqVHuaXHoB--m7H1mSlhMpLk2637Y4M0A==
3ae0a9f91cef43d8466b.14.min.js
duube1y6ojsji.cloudfront.net/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://duube1y6ojsji.cloudfront.net/3ae0a9f91cef43d8466b.14.min.js
Requested by
Host: duube1y6ojsji.cloudfront.net
URL: https://duube1y6ojsji.cloudfront.net/3ae0a9f91cef43d8466b.form.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:e:f359:cf80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18aed794c5ccd4c90a5d2e0eded84a6f4d3b901f9e67f784952c3cb68157e051

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey-be-21-skilled.paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:15:27 GMT
content-encoding
gzip
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
last-modified
Mon, 05 Dec 2022 03:38:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
43924
etag
W/"6e7f1d9b7b73f1304998ec3169096b48"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
x-amz-cf-id
4SHRKG0TThv-Lpyw6so6o7QNcIMlRUnSqt_YHc1zqMD9a9MAJ7GKcQ==
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://survey-be-21-skilled.paperform.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:08:09 GMT
x-content-type-options
nosniff
age
591561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 17:08:09 GMT
be%2021%20skilled%20-%20final%20logo2.png
img.paperform.co/fetch/w_1200,f_auto/https://s3.amazonaws.com/pf-form-assets-01/u-161549/assets/2022-09-12/zh33l7i/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.paperform.co/fetch/w_1200,f_auto/https://s3.amazonaws.com/pf-form-assets-01/u-161549/assets/2022-09-12/zh33l7i/be%2021%20skilled%20-%20final%20logo2.png
Requested by
Host: survey-be-21-skilled.paperform.co
URL: https://survey-be-21-skilled.paperform.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-73.fra2.r.cloudfront.net
Software
/
Resource Hash
88868b109afb4dff42a1363b8017fabb9cbe42c98e7d293d71cb8b438c5dd440

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://survey-be-21-skilled.paperform.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 11:37:25 GMT
via
1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront), 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1, FRA2-C2
age
697804
x-amzn-trace-id
Root=1-63849d75-497d300463834b920af266d2;Sampled=0
x-amzn-requestid
b2000baf-5b61-4547-985a-8159096c0f7f
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=864000
x-amz-apigw-id
cT2KUG1LIAMFnlA=
content-length
97339
x-amz-cf-id
FvEIaUHlR_P--Iy1o1uGA7Uu7xCMMg2Vrj_xDR2tlym5pNIHqR03lg==
event
survey-be-21-skilled.paperform.co/api/v1/form/631eff5a3923ed5db8025270/ 		1 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://survey-be-21-skilled.paperform.co/api/v1/form/631eff5a3923ed5db8025270/event
Requested by
Host: duube1y6ojsji.cloudfront.net
URL: https://duube1y6ojsji.cloudfront.net/3ae0a9f91cef43d8466b.form.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-79.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept
application/json
Referer
https://survey-be-21-skilled.paperform.co/
x-xsrf-token
eyJpdiI6Ik40VXRiNnlYTk1KSjZ2T05IVVZDMUE9PSIsInZhbHVlIjoiQ0xLM1pXaFZ2VTBEbVNobGdGR2UzK1FXc3BMNmdyTmFNdlVNRXdFWEF5R1NJS2ZzNUVFOTNKMWRXdEhTZmo2WGx6QWh1clJvZENUNHVFbHRpR3ovd0QyZTY0VXZVZnFrT2R2ZjNqWUZ2dnU2bW1BN2ZLMDIzWDg1SzRHZTA1TXEiLCJtYWMiOiI0ZTI2MjdiNTI3YTNmZjE5MWE2M2MzNTVjMjVhODBiZjVkNWM4ZGUzNmI4NGU5OGY3MjEwNDYzZTQ1YTNjYTdjIiwidGFnIjoiIn0=
x-csrf-token
qaMBYK8tfQX0rvsz6vy71Ir77VJf8JQIVWGRNUBQ
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
content-type
application/json

Response headers

date
Tue, 06 Dec 2022 13:27:30 GMT
content-encoding
gzip
via
1.1 d3bc2ab37b3781131b386d08b5c497b0.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CDG50-C2
vary
Accept-Encoding
x-ratelimit-remaining
59
content-type
text/html; charset=UTF-8
x-cache
Miss from cloudfront
cache-control
no-cache, private
x-ratelimit-limit
60
x-amz-cf-id
ga4H8IK4HDA6TXA57-kHoLqlEBW2CxVrmpK-68SpQHIhKDy_bNaMFQ==
co3WmWZulTRoU4a8dqrWiajBS5ByUkvdrluH-z-KzhM.woff2
fonts.gstatic.com/s/aneklatin/v4/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/aneklatin/v4/co3WmWZulTRoU4a8dqrWiajBS5ByUkvdrluH-z-KzhM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,bold%7CCarme:regular,bold%7CNunito+Sans:300,bold,regular,400%7CAnek+Latin:regular,bold
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dd23cefa933c63a09cb77b248a01468b0cf390e30e4a2f823a2040bfa758725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://survey-be-21-skilled.paperform.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 06:03:34 GMT
x-content-type-options
nosniff
age
285836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41080
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 19:05:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 06:03:34 GMT
ptRHTiWdbvZIDNjBzrI.woff2
fonts.gstatic.com/s/carme/v16/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/carme/v16/ptRHTiWdbvZIDNjBzrI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,bold%7CCarme:regular,bold%7CNunito+Sans:300,bold,regular,400%7CAnek+Latin:regular,bold
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79ad05c0f1d51f9fb67ab4ca27c9ce07d4194f3dfc6c49a1442247be2e60a513
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://survey-be-21-skilled.paperform.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 01:20:56 GMT
x-content-type-options
nosniff
age
389194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18492
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:51:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 01:20:56 GMT
pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,bold%7CCarme:regular,bold%7CNunito+Sans:300,bold,regular,400%7CAnek+Latin:regular,bold
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976177894b0cca88ff93ab02c6da363f2d55cce5d940139db955b251fcdd19a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://survey-be-21-skilled.paperform.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 13:27:22 GMT
x-content-type-options
nosniff
age
86408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16920
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:31:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 13:27:22 GMT
pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,bold%7CCarme:regular,bold%7CNunito+Sans:300,bold,regular,400%7CAnek+Latin:regular,bold
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://survey-be-21-skilled.paperform.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 15:04:57 GMT
x-content-type-options
nosniff
age
80553
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17116
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:31:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 15:04:57 GMT
pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,bold%7CCarme:regular,bold%7CNunito+Sans:300,bold,regular,400%7CAnek+Latin:regular,bold
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://survey-be-21-skilled.paperform.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 04:00:41 GMT
x-content-type-options
nosniff
age
379609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16980
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:33:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 04:00:41 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://survey-be-21-skilled.paperform.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 07:06:16 GMT
x-content-type-options
nosniff
age
282074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23236
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 07:06:16 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://survey-be-21-skilled.paperform.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 09:59:57 GMT
x-content-type-options
nosniff
age
358053
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 09:59:57 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| _tzs object| _state boolean| _edit number| _inj number| _is_ppradmin string| _ppradmin_user string| _user object| _ff object| _usage_limits object| _permissions object| _user_files_bucket_config object| _translation object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| text object| _initialForm function| _cancelScrollOut object| React object| ReactDOM object| liveStore string| _activeColorCheckout object| analytics

2 Cookies

Domain/Path Name / Value
survey-be-21-skilled.paperform.co/ Name: XSRF-TOKEN
Value: eyJpdiI6IjYzSEYrYTZaLzFxdzA5TlAzSms1RHc9PSIsInZhbHVlIjoiSnlsZVVvbURCeHdQV1pseWFtdm9mWnV3Tyt6STAyVi8vZzVDWEw5ZVJ6blgrZTk5K3NoTWNrQnVFRTRjL1VRTWhSeU9NMm4xRUFMUE5BQVRQbGNFYXBFR3RWWkZEK2JvRGVOd0M1U0lpQ2U3NDcyS2FoMW1Nei9NRHpiQzk0dkoiLCJtYWMiOiJhZTE2NDA5MTM1NjRiM2YzNjliMTQ5MzhmOTg4YjdiNTkzYjEwNjczZmNiYjQ0YWI1ZTIyOWY0YTc4ODI5OTViIiwidGFnIjoiIn0%3D
survey-be-21-skilled.paperform.co/ Name: laravel_session
Value: eyJpdiI6InlYR05XRElyUURnNndxQyt0c3JqVXc9PSIsInZhbHVlIjoicHNsSTNHR0VNaFFHR2Q4Wmt2Z283cmdUMDU4b1BxUk1iek4rQzl1eUtOcW1GNWZTTWFNNkZkYm9pUXZMM01OT3R0akgxTkhUNTIySmtYclM5L1Z4MURKdjg0UDNlQmtvZlE4MnJ4aTRFZkZyc1dPamt0WWZuQjMvRnJLRlVpNHciLCJtYWMiOiIzMjZlYjc4M2UwYjY2ZGQ4YjM3NjdkNjkwNDZhZGVjNWZmOGE0YTNjYzUzMDQ1YWE4NDk1NGNiNjI0NDM2ZDI1IiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

duube1y6ojsji.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
img.paperform.co
survey-be-21-skilled.paperform.co
13.225.78.73
13.32.145.79
2600:9000:21f3:ba00:e:f359:cf80:21
2a00:1450:4001:809::2003
2a00:1450:4001:82a::200a
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
18aed794c5ccd4c90a5d2e0eded84a6f4d3b901f9e67f784952c3cb68157e051
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
2f0a77ae5448cdfcd49f7f31c32890f20b80678338196b78e2ece71fc788e882
5234b893d7024cc53d152cb6a4444c95668826e14a173f556a0b48fa6accf73d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e54aa77b3f7395a254acfaf574a4b6c6bbd974c7a292ba846a482802fcff03f
79ad05c0f1d51f9fb67ab4ca27c9ce07d4194f3dfc6c49a1442247be2e60a513
7dd23cefa933c63a09cb77b248a01468b0cf390e30e4a2f823a2040bfa758725
88868b109afb4dff42a1363b8017fabb9cbe42c98e7d293d71cb8b438c5dd440
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
976177894b0cca88ff93ab02c6da363f2d55cce5d940139db955b251fcdd19a6
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
a917ea8eb26344679e871378e9fc11ce6c6c89490f3ee1f571375457681ee1c7
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea5cdafd74b7d328c23fddeea6de778fc48694a5d9fb856c7d655b59616849c6
fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d