urlscan.io logo urlscan.io
SecurityTrails logo

www.thepaperstore.com Open in urlscan Pro
2606:4700:10::ac43:1893  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://paramlountplus.com/
Effective URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=1560...
Submission: On January 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 44 IPs in 5 countries across 35 domains to perform 169 HTTP transactions. The main IP is 2606:4700:10::ac43:1893, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.thepaperstore.com. The Cisco Umbrella rank of the primary domain is 366126.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 31st 2021. Valid for: a year.
This is the only time www.thepaperstore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 5.79.68.104 60781 (LEASEWEB-...)
1 2 104.206.252.90 62904 (EONIX-COM...)
1 1 78.46.197.88 24940 (HETZNER-AS)
2 157.90.169.168 24940 (HETZNER-AS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 52.41.86.185 16509 (AMAZON-02)
1 1 54.200.164.214 16509 (AMAZON-02)
40 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.222.236.13 16509 (AMAZON-02)
2 104.111.225.61 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
12 185.32.241.65 30286 (THM)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 172.217.16.130 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 18.66.112.72 16509 (AMAZON-02)
2 13.32.99.40 16509 (AMAZON-02)
3 2a03:2880:f02... 32934 (FACEBOOK)
4 2.16.186.162 20940 (AKAMAI-ASN1)
1 2600:9000:225... 16509 (AMAZON-02)
1 18.66.97.125 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f12... 32934 (FACEBOOK)
1 52.222.236.90 16509 (AMAZON-02)
1 18.66.122.74 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 8 184.30.24.193 16625 (AKAMAI-AS)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 54.146.217.90 14618 (AMAZON-AES)
4 20.62.48.180 8075 (MICROSOFT...)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 35.244.174.68 15169 (GOOGLE)
3 34.255.166.68 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.122.106 16509 (AMAZON-02)
2 52.44.4.227 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
3 3.221.107.253 14618 (AMAZON-AES)
2 52.23.126.38 14618 (AMAZON-AES)
2 91.235.132.130 30286 (THM)
1 91.235.134.131 30286 (THM)
169 44
2    5.79.68.104 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
paramlountplus.com
2    104.206.252.90 (New York, United States)

ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904, US)
PTR: 90-252-206-104.staticrdns.eonix.net
4773.booknower.com
1    78.46.197.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de
clever-redirect.com
2    157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de
lookandfind.me
1    2606:4700:3036::6815:1a18 (United States)

ASN13335 (CLOUDFLARENET, US)
utkv6nyu.de
1    2606:4700::6811:a45c (United States)

ASN13335 (CLOUDFLARENET, US)
track.flexlinkspro.com
1    52.41.86.185 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-86-185.us-west-2.compute.amazonaws.com
www.pjatr.com
1    54.200.164.214 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-164-214.us-west-2.compute.amazonaws.com
c.pepperjamnetwork.com
40    2606:4700:10::ac43:1893 (United States)

ASN13335 (CLOUDFLARENET, US)
www.thepaperstore.com
1    52.222.236.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-13.fra56.r.cloudfront.net
cdn-scripts.signifyd.com
2    104.111.225.61 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-225-61.deploy.static.akamaitechnologies.com
creator.zmags.com
c.zmags.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
12    185.32.241.65 (United States)

ASN30286 (THM, US)
imgs.signifyd.com
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googlecommerce.com
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
www.googleadservices.com
16    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
apis.google.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
6    2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    2a02:26f0:6c00:280::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
1    18.66.112.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-72.fra56.r.cloudfront.net
container.pepperjam.com
2    13.32.99.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-40.fra60.r.cloudfront.net
api.pushnami.com
3    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2.16.186.162 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-162.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    2600:9000:225e:4800:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
1    18.66.97.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-125.fra56.r.cloudfront.net
a.smtrk.net
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
17    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    52.222.236.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-90.fra56.r.cloudfront.net
pagestates-tracking.crazyegg.com
1    18.66.122.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-74.fra60.r.cloudfront.net
assets-tracking.crazyegg.com
2    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    184.30.24.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-193.deploy.static.akamaitechnologies.com
ct.pinterest.com
www.pinterest.com
www.pinterest.de
1    2600:1f18:730:b150:54c0:d5f0:3e0a:5e72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    54.146.217.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-217-90.compute-1.amazonaws.com
rp4.liadm.com
4    20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e.clarity.ms
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
di.rlcdn.com
3    34.255.166.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-166-68.eu-west-1.compute.amazonaws.com
tracking.crazyegg.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
1    2a00:1450:4001:831::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    18.66.122.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-106.fra60.r.cloudfront.net
cdn.pushnami.com
2    52.44.4.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-4-227.compute-1.amazonaws.com
trc.pushnami.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
3    3.221.107.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-107-253.compute-1.amazonaws.com
bt.signifyd.com
2    52.23.126.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-126-38.compute-1.amazonaws.com
psp.pushnami.com
2    91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net
h.online-metrix.net
1    91.235.134.131 (United States)

ASN30286 (THM, US)
w2txo5aafltmbj34snabauybed6vuymummxev5hrcd74471436ac6b6cam1.e.aa.online-metrix.net
Apex Domain
Subdomains		 Transfer
40 thepaperstore.com
www.thepaperstore.com — Cisco Umbrella Rank: 366126
1 MB
31 google.com
www.google.com — Cisco Umbrella Rank: 8
apis.google.com — Cisco Umbrella Rank: 122
play.google.com — Cisco Umbrella Rank: 32
accounts.google.com — Cisco Umbrella Rank: 74
434 KB
16 signifyd.com
cdn-scripts.signifyd.com — Cisco Umbrella Rank: 12486
imgs.signifyd.com — Cisco Umbrella Rank: 11501
bt.signifyd.com — Cisco Umbrella Rank: 14543
84 KB
11 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 1742
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3148
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3145
tracking.crazyegg.com — Cisco Umbrella Rank: 3199
72 KB
7 pushnami.com
api.pushnami.com — Cisco Umbrella Rank: 4022
cdn.pushnami.com — Cisco Umbrella Rank: 22371
trc.pushnami.com — Cisco Umbrella Rank: 4206
psp.pushnami.com — Cisco Umbrella Rank: 14200
67 KB
6 clarity.ms
e.clarity.ms — Cisco Umbrella Rank: 2191
c.clarity.ms — Cisco Umbrella Rank: 998
24 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
58 KB
4 pinterest.de
www.pinterest.de — Cisco Umbrella Rank: 26992
15 KB
4 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 743
www.pinterest.com — Cisco Umbrella Rank: 965
2 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 88
416 B
4 google.de
www.google.de — Cisco Umbrella Rank: 6151
785 B
4 gstatic.com
www.gstatic.com
ssl.gstatic.com
29 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 1144
68 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 332
c.bing.com — Cisco Umbrella Rank: 239
12 KB
3 online-metrix.net
h.online-metrix.net — Cisco Umbrella Rank: 2895
w2txo5aafltmbj34snabauybed6vuymummxev5hrcd74471436ac6b6cam1.e.aa.online-metrix.net
16 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
2 KB
3 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3137
rp.liadm.com — Cisco Umbrella Rank: 2415
rp4.liadm.com — Cisco Umbrella Rank: 11230
12 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
200 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 660
20 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 97
15 KB
2 zmags.com
creator.zmags.com — Cisco Umbrella Rank: 42549
c.zmags.com — Cisco Umbrella Rank: 33138
38 KB
2 lookandfind.me
lookandfind.me — Cisco Umbrella Rank: 747142
1 KB
2 booknower.com
4773.booknower.com
2 KB
2 paramlountplus.com
paramlountplus.com
1 KB
1 rlcdn.com
di.rlcdn.com — Cisco Umbrella Rank: 2026
66 B
1 smtrk.net
a.smtrk.net — Cisco Umbrella Rank: 38070
688 B
1 pepperjam.com
container.pepperjam.com — Cisco Umbrella Rank: 7965
9 KB
1 googlecommerce.com
www.googlecommerce.com — Cisco Umbrella Rank: 15913
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
76 KB
1 pepperjamnetwork.com
c.pepperjamnetwork.com — Cisco Umbrella Rank: 77680
561 B
1 pjatr.com
www.pjatr.com — Cisco Umbrella Rank: 212804
331 B
1 flexlinkspro.com
track.flexlinkspro.com — Cisco Umbrella Rank: 101469
387 B
1 utkv6nyu.de
utkv6nyu.de — Cisco Umbrella Rank: 526817
858 B
1 clever-redirect.com
clever-redirect.com
247 B
0 Failed
function sub() { [native code] }. Failed
169 35
Domain Requested by
40 www.thepaperstore.com lookandfind.me
www.thepaperstore.com
17 www.google.com www.thepaperstore.com
www.googlecommerce.com
apis.google.com
paramlountplus.com
www.google.com
12 imgs.signifyd.com cdn-scripts.signifyd.com
imgs.signifyd.com
11 apis.google.com www.google.com
apis.google.com
accounts.google.com
6 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.thepaperstore.com
4 www.pinterest.de s.pinimg.com
paramlountplus.com
4 e.clarity.ms bat.bing.com
e.clarity.ms
4 www.facebook.com www.thepaperstore.com
4 www.google.de www.thepaperstore.com
4 analytics.tiktok.com paramlountplus.com
analytics.tiktok.com
3 bt.signifyd.com cdn-scripts.signifyd.com
3 tracking.crazyegg.com script.crazyegg.com
3 ct.pinterest.com s.pinimg.com
www.thepaperstore.com
3 www.gstatic.com paramlountplus.com
www.gstatic.com
www.google.com
3 connect.facebook.net paramlountplus.com
connect.facebook.net
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.thepaperstore.com
2 h.online-metrix.net imgs.signifyd.com
2 psp.pushnami.com api.pushnami.com
2 trc.pushnami.com api.pushnami.com
2 play.google.com www.google.com
2 c.clarity.ms 1 redirects www.thepaperstore.com
2 stats.g.doubleclick.net www.google-analytics.com
2 api.pushnami.com paramlountplus.com
api.pushnami.com
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 www.googleadservices.com 1 redirects www.googletagmanager.com
2 lookandfind.me paramlountplus.com
2 4773.booknower.com 1 redirects paramlountplus.com
2 paramlountplus.com 1 redirects
1 w2txo5aafltmbj34snabauybed6vuymummxev5hrcd74471436ac6b6cam1.e.aa.online-metrix.net
1 www.pinterest.com 1 redirects
1 ssl.gstatic.com accounts.google.com
1 cdn.pushnami.com api.pushnami.com
1 accounts.google.com apis.google.com
1 di.rlcdn.com www.thepaperstore.com
1 c.bing.com 1 redirects
1 rp4.liadm.com www.thepaperstore.com
1 rp.liadm.com 1 redirects
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 a.smtrk.net paramlountplus.com
1 b-code.liadm.com www.googletagmanager.com
1 container.pepperjam.com paramlountplus.com
1 www.googlecommerce.com www.thepaperstore.com
1 c.zmags.com creator.zmags.com
1 www.googletagmanager.com www.thepaperstore.com
1 creator.zmags.com www.thepaperstore.com
1 cdn-scripts.signifyd.com www.thepaperstore.com
1 c.pepperjamnetwork.com 1 redirects
1 www.pjatr.com 1 redirects
1 track.flexlinkspro.com 1 redirects
1 utkv6nyu.de 1 redirects
1 clever-redirect.com 1 redirects
0 ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed imgs.signifyd.com
169 55
Subject Issuer Validity Valid
lookandfind.me
R3		 2022-01-02 -
2022-04-02		 3 months crt.sh
www.thepaperstore.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-31 -
2022-09-26		 a year crt.sh
cdn-scripts.signifyd.com
Amazon		 2021-09-01 -
2022-09-30		 a year crt.sh
secure.viewer.zmags.com
GeoTrust RSA CA 2018		 2021-12-27 -
2022-07-23		 7 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
imgs.signifyd.com
Go Daddy Secure Certificate Authority - G2		 2021-04-02 -
2022-05-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-05-09 -
2022-05-08		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-26 -
2022-08-05		 a year crt.sh
*.pepperjam.com
Go Daddy Secure Certificate Authority - G2		 2021-01-29 -
2022-03-02		 a year crt.sh
*.pushnami.com
Amazon		 2021-04-18 -
2022-05-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-24 -
2022-01-22		 3 months crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.liadm.com
Amazon		 2021-03-02 -
2022-03-31		 a year crt.sh
a.smtrk.net
Amazon		 2021-07-14 -
2022-08-12		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.crazyegg.com
DigiCert SHA2 Secure Server CA		 2020-07-26 -
2022-07-23		 2 years crt.sh
*.apis.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
signifyd.com
Amazon		 2021-07-29 -
2022-08-27		 a year crt.sh
h.online-metrix.net
Trustwave Organization Validation SHA256 CA, Level 1		 2021-12-28 -
2023-01-23		 a year crt.sh
*.e.aa.online-metrix.net
Trustwave Organization Validation SHA256 CA, Level 1		 2021-07-30 -
2022-08-01		 a year crt.sh

This page contains 12 frames:

Primary Page: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Frame ID: 420B127449B606592C3024BB04B00386
Requests: 124 HTTP requests in this frame

Frame: https://www.google.com/shopping/customerreviews/proxy?ts_id=709143&origin=https%3A%2F%2Fwww.thepaperstore.com&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__
Frame ID: 03036EB91B2B86DFDCA4F372BDA3382E
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: EB0904B03EE1CC3703B70E52D8660FC0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 28E2C359D8BF1B74067148023E14F512
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=10661938&hl=en_US&origin=https%3A%2F%2Fwww.thepaperstore.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__
Frame ID: 61DEBB2A8429FEACDD14A3813EEA386A
Requests: 11 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.thepaperstore.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__
Frame ID: 95149833671EACBA79726D0AB2637559
Requests: 4 HTTP requests in this frame

Frame: https://imgs.signifyd.com/fp/check.js;CIS3SID=BD101A12389EEF4E28C84B839379F5DD?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c&jb=3c3926266a7367773d4e6b6e7778266a716f3d4e616e777824627362753d416a7a6f6d65266a7b603d416a726d6d652530303935
Frame ID: 0FB4B24C36650C2CCFB138C87874EEEE
Requests: 10 HTTP requests in this frame

Frame: https://www.pinterest.de/ct.html
Frame ID: 1ABC5900670FC9E25EE8D137128CFD23
Requests: 4 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: FE5391380E50867B4B075DB158ECCAF4
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/fp/ls_fp.html;CIS3SID=BD101A12389EEF4E28C84B839379F5DD?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c
Frame ID: 797FF707AC58D2567AE490B2703B59CF
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=BD101A12389EEF4E28C84B839379F5DD?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c
Frame ID: DC41FFCF0870AB19D4BE2B2154D11846
Requests: 2 HTTP requests in this frame

Frame: https://imgs.signifyd.com/fp/top_fp.html;CIS3SID=BD101A12389EEF4E28C84B839379F5DD?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c
Frame ID: 54149F80D56CC9734A99512C129A94F4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Shop Unique Gifts, Stationery, Fashion & More | The Paper Store

Page URL History Show full URLs

  1. http://paramlountplus.com/ Page URL
  2. http://paramlountplus.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0MjE... HTTP 302
    http://4773.booknower.com/match-4773/67091/188780461/1642184913/mf_01783fcd-e47d-4ad6-9354-3b8556c608a... Page URL
  3. http://4773.booknower.com/match-4773/67091/188780461/1642184913/mf_01783fcd-e47d-4ad6-9354-3b8556c608a... HTTP 302
    https://clever-redirect.com/s/r6?s=822615&s3=apix07-paramlountplus.com HTTP 302
    https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=thepaperstore.com&s1=822615... Page URL
  4. https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3... Page URL
  5. https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=570ac6b6fa362df3b70035f45... HTTP 302
    https://track.flexlinkspro.com/g.ashx?foid=156052.8249&trid=1059703.179187&foc=17&fot=9999&fos=1&fobs=at107... HTTP 302
    https://www.pjatr.com/t/8-11125-47736-145104?url=https%3a%2f%2fwww.thepaperstore.com&sid=156052.82... HTTP 302
    https://c.pepperjamnetwork.com/click?action=8-11125-47736-145104&v=&url=https%3A%2F%2Fwww.thepaperstore.com... HTTP 302
    https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • api\.pushnami\.com

Page Statistics

169
Requests

95 %
HTTPS

43 %
IPv6

35
Domains

55
Subdomains

44
IPs

5
Countries

2529 kB
Transfer

6056 kB
Size

31
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paramlountplus.com/ Page URL
  2. http://paramlountplus.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0MjE5MjExMywiaWF0IjoxNjQyMTg0OTEzLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycjUzY3VpaTJpdXU1dWQzZTgwdTk5a2ciLCJuYmYiOjE2NDIxODQ5MTMsInRzIjoxNjQyMTg0OTEzMTIwODk3fQ.xblvoZ8YTFKTJPIDvKo-RFwx3JR1q4muQowHJaJk1DU&sid=c763cc24-7567-11ec-bb55-deef45c4e955 HTTP 302
    http://4773.booknower.com/match-4773/67091/188780461/1642184913/mf_01783fcd-e47d-4ad6-9354-3b8556c608aa/YXBpeDA3LXBhcmFtbG91bnRwbHVzLmNvbQ==/feed Page URL
  3. http://4773.booknower.com/match-4773/67091/188780461/1642184913/mf_01783fcd-e47d-4ad6-9354-3b8556c608aa/YXBpeDA3LXBhcmFtbG91bnRwbHVzLmNvbQ== HTTP 302
    https://clever-redirect.com/s/r6?s=822615&s3=apix07-paramlountplus.com HTTP 302
    https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=thepaperstore.com&s1=822615&s2=&s3=apix07-paramlountplus.com&s5=woc Page URL
  4. https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D570ac6b6fa362df3b70035f459eb0105%26url%3Dhttps%253A%252F%252Fwww.thepaperstore.com%252F&h=12c4ece775167059fbe8908fe4958173 Page URL
  5. https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=570ac6b6fa362df3b70035f459eb0105&url=https%3A%2F%2Fwww.thepaperstore.com%2F HTTP 302
    https://track.flexlinkspro.com/g.ashx?foid=156052.8249&trid=1059703.179187&foc=17&fot=9999&fos=1&fobs=at107999_a152111_m12_p134708_cDE_s570ac6b6fa362df3b70035f459eb0105 HTTP 302
    https://www.pjatr.com/t/8-11125-47736-145104?url=https%3a%2f%2fwww.thepaperstore.com&sid=156052.8249.0FOF41477952428532742 HTTP 302
    https://c.pepperjamnetwork.com/click?action=8-11125-47736-145104&v=&url=https%3A%2F%2Fwww.thepaperstore.com&sid=156052.8249.0FOF41477952428532742 HTTP 302
    https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://paramlountplus.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0MjE5MjExMywiaWF0IjoxNjQyMTg0OTEzLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycjUzY3VpaTJpdXU1dWQzZTgwdTk5a2ciLCJuYmYiOjE2NDIxODQ5MTMsInRzIjoxNjQyMTg0OTEzMTIwODk3fQ.xblvoZ8YTFKTJPIDvKo-RFwx3JR1q4muQowHJaJk1DU&sid=c763cc24-7567-11ec-bb55-deef45c4e955 HTTP 302
  • http://4773.booknower.com/match-4773/67091/188780461/1642184913/mf_01783fcd-e47d-4ad6-9354-3b8556c608aa/YXBpeDA3LXBhcmFtbG91bnRwbHVzLmNvbQ==/feed
Request Chain 2
  • http://4773.booknower.com/match-4773/67091/188780461/1642184913/mf_01783fcd-e47d-4ad6-9354-3b8556c608aa/YXBpeDA3LXBhcmFtbG91bnRwbHVzLmNvbQ== HTTP 302
  • https://clever-redirect.com/s/r6?s=822615&s3=apix07-paramlountplus.com HTTP 302
  • https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=thepaperstore.com&s1=822615&s2=&s3=apix07-paramlountplus.com&s5=woc
Request Chain 90
  • https://www.googleadservices.com/pagead/conversion/984011399/wcm?cc=ZZ&dn=8444807100&cl=Xfs3CI2rkXMQh6Wb1QM&ref=https%3A%2F%2Flookandfind.me%2F&ct_eid=2 HTTP 302
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8444807100&cl=Xfs3CI2rkXMQh6Wb1QM
Request Chain 102
  • https://rp.liadm.com/j?dtstmp=1642184918078&aid=a-071e&se=e30&duid=cf00265e1dfa--01fscxjgxp93ez5c6ergvtxthy&tna=v2.3.0&pu=https%3A%2F%2Fwww.thepaperstore.com%2F%3Futm_medium%3Daffiliate%26utm_source%3D47736%26utm_campaign%3D8-11125%26utm_content%3D3839939832%26utm_term%3D156052.8249.0FOF41477952428532742%26clickId%3D3839939832&wpn=lc-bundle&refr=https%3A%2F%2Flookandfind.me%2F&c=PHRpdGxlPlNob3AgVW5pcXVlIEdpZnRzLCBTdGF0aW9uZXJ5LCBGYXNoaW9uICZhbXA7IE1vcmUgfCBUaGUgUGFwZXIgU3RvcmU8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJTaG9wIFRoZSBQYXBlciBTdG9yZSB0byBmaW5kIHVuaXF1ZSBnaWZ0cyBmb3IgZXZlcnkgb2NjYXNpb24uICBCcm93c2UgZmFzaGlvbiwgamV3ZWxyeSwgaG9tZSBkZWNvciwgdG95cywgc3BhLCBzdGF0aW9uZXJ5IGFuZCBtdWNoIG1vcmUuIj48aDEgY2xhc3M9InNmbnQtLWxvZ29fcmVtb3ZlX21hcmdpbiI-IDxhIGhyZWY9Imh0dHBzOi8vd3d3LnRoZXBhcGVyc3RvcmUuY29tLyIgdGl0bGU9IlRoZSBQYXBlciBTdG9yZSwgR2lmdHMgZm9yIEV2ZXJ5IE9jY2FzaW9uIiByZWw9Im5vZm9sbG93Ij4gPGltZyBzcmM9ImdyYXBoaWNzLzAwMDAwMDAxL2xvZ29zL2hlYWRlci9UaGVQYXBlclN0b3JlTG9nby5wbmciIGFsdD0iVGhlIFBhcGVyIFN0b3JlIj4gPC9hPiA8L2gxPg HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1642184918078&aid=a-071e&se=e30&duid=cf00265e1dfa--01fscxjgxp93ez5c6ergvtxthy&tna=v2.3.0&pu=https%3A%2F%2Fwww.thepaperstore.com%2F%3Futm_medium%3Daffiliate%26utm_source%3D47736%26utm_campaign%3D8-11125%26utm_content%3D3839939832%26utm_term%3D156052.8249.0FOF41477952428532742%26clickId%3D3839939832&wpn=lc-bundle&refr=https%3A%2F%2Flookandfind.me%2F&c=PHRpdGxlPlNob3AgVW5pcXVlIEdpZnRzLCBTdGF0aW9uZXJ5LCBGYXNoaW9uICZhbXA7IE1vcmUgfCBUaGUgUGFwZXIgU3RvcmU8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJTaG9wIFRoZSBQYXBlciBTdG9yZSB0byBmaW5kIHVuaXF1ZSBnaWZ0cyBmb3IgZXZlcnkgb2NjYXNpb24uICBCcm93c2UgZmFzaGlvbiwgamV3ZWxyeSwgaG9tZSBkZWNvciwgdG95cywgc3BhLCBzdGF0aW9uZXJ5IGFuZCBtdWNoIG1vcmUuIj48aDEgY2xhc3M9InNmbnQtLWxvZ29fcmVtb3ZlX21hcmdpbiI-IDxhIGhyZWY9Imh0dHBzOi8vd3d3LnRoZXBhcGVyc3RvcmUuY29tLyIgdGl0bGU9IlRoZSBQYXBlciBTdG9yZSwgR2lmdHMgZm9yIEV2ZXJ5IE9jY2FzaW9uIiByZWw9Im5vZm9sbG93Ij4gPGltZyBzcmM9ImdyYXBoaWNzLzAwMDAwMDAxL2xvZ29zL2hlYWRlci9UaGVQYXBlclN0b3JlTG9nby5wbmciIGFsdD0iVGhlIFBhcGVyIFN0b3JlIj4gPC9hPiA8L2gxPg&i6=MmEwMjo2ZWEwOmM3MWI6MDoxMDExOjgzZDE6NGFlMTo5YjA4&n3pc=true
Request Chain 104
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=F1756FF164CB4280909BAE2F194A73E5&RedC=c.clarity.ms&MXFR=3AAB6B61694C64E0124A7A4D6D4C6AE2 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=F1756FF164CB4280909BAE2F194A73E5&MUID=038E34C37DB56E882A1825EF7C3E6FB1
Request Chain 146
  • https://www.pinterest.com/ct.html HTTP 302
  • https://www.pinterest.de/ct.html

169 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
paramlountplus.com/ 		474 B
836 B 		Document
General
Check archive.org
Download Go to
Full URL
http://paramlountplus.com/
Protocol
HTTP/1.1
Server
5.79.68.104 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
474
content-type
text/html; charset=utf-8
date
Fri, 14 Jan 2022 18:28:32 GMT
server
nginx
feed
4773.booknower.com/match-4773/67091/188780461/1642184913/mf_01783fcd-e47d-4ad6-9354-3b8556c608aa/YXBpeDA3LXBhcmFtbG91bnRwbHVzLmNvbQ==/
Redirect Chain
  • http://paramlountplus.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0MjE5MjExMywiaWF0IjoxNjQyMTg0OTEzLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycjUzY3VpaTJpdXU1dWQzZTgwdT...
  • http://4773.booknower.com/match-4773/67091/188780461/1642184913/mf_01783fcd-e47d-4ad6-9354-3b8556c608aa/YXBpeDA3LXBhcmFtbG91bnRwbHVzLmNvbQ==/feed
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://4773.booknower.com/match-4773/67091/188780461/1642184913/mf_01783fcd-e47d-4ad6-9354-3b8556c608aa/YXBpeDA3LXBhcmFtbG91bnRwbHVzLmNvbQ==/feed
Requested by
Host: paramlountplus.com
URL: http://paramlountplus.com/
Protocol
HTTP/1.1
Server
104.206.252.90 New York, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904, US),
Reverse DNS
90-252-206-104.staticrdns.eonix.net
Software
nginx/1.14.2 /
Resource Hash
b1e8cb34d3423488fa605b8315dd4ad0edc07d2370426fdbd3379873cf355cca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://paramlountplus.com/

Response headers

Server
nginx/1.14.2
Date
Fri, 14 Jan 2022 18:28:34 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
close
Content-Encoding
gzip

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Fri, 14 Jan 2022 18:28:33 GMT
location
http://4773.booknower.com/match-4773/67091/188780461/1642184913/mf_01783fcd-e47d-4ad6-9354-3b8556c608aa/YXBpeDA3LXBhcmFtbG91bnRwbHVzLmNvbQ==/feed
server
nginx
a
lookandfind.me/s/
Redirect Chain
  • http://4773.booknower.com/match-4773/67091/188780461/1642184913/mf_01783fcd-e47d-4ad6-9354-3b8556c608aa/YXBpeDA3LXBhcmFtbG91bnRwbHVzLmNvbQ==
  • https://clever-redirect.com/s/r6?s=822615&s3=apix07-paramlountplus.com
  • https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=thepaperstore.com&s1=822615&s2=&s3=apix07-paramlountplus.com&s5=woc
435 B
797 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=thepaperstore.com&s1=822615&s2=&s3=apix07-paramlountplus.com&s5=woc
Requested by
Host: paramlountplus.com
URL: http://paramlountplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.169.90.157.clients.your-server.de
Software
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash
fef73f3731934f2bbb5d14e80e911ab95c80707fc53031164ff427504123f05d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://4773.booknower.com/match-4773/67091/188780461/1642184913/mf_01783fcd-e47d-4ad6-9354-3b8556c608aa/YXBpeDA3LXBhcmFtbG91bnRwbHVzLmNvbQ==/feed

Response headers

referrer-policy
strict-origin-when-cross-origin
x-powered-by
PHP/7.4.24
content-length
435
content-type
text/html; charset=UTF-8
date
Fri, 14 Jan 2022 18:28:34 GMT
server
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24

Redirect headers

referrer-policy
no-referrer
x-powered-by
PHP/7.4.27
location
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=thepaperstore.com&s1=822615&s2=&s3=apix07-paramlountplus.com&s5=woc
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 14 Jan 2022 18:28:34 GMT
server
Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
r
lookandfind.me/s/ 		351 B
381 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D570ac6b6fa362df3b70035f459eb0105%26url%3Dhttps%253A%252F%252Fwww.thepaperstore.com%252F&h=12c4ece775167059fbe8908fe4958173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.169.90.157.clients.your-server.de
Software
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=thepaperstore.com&s1=822615&s2=&s3=apix07-paramlountplus.com&s5=woc

Response headers

referrer-policy
strict-origin-when-cross-origin
x-powered-by
PHP/7.4.24
content-length
351
content-type
text/html; charset=UTF-8
date
Fri, 14 Jan 2022 18:28:34 GMT
server
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
Primary Request /
www.thepaperstore.com/
Redirect Chain
  • https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=570ac6b6fa362df3b70035f459eb0105&url=https%3A%2F%2Fwww.thepaperstore.com%2F
  • https://track.flexlinkspro.com/g.ashx?foid=156052.8249&trid=1059703.179187&foc=17&fot=9999&fos=1&fobs=at107999_a152111_m12_p134708_cDE_s570ac6b6fa362df3b70035f459eb0105
  • https://www.pjatr.com/t/8-11125-47736-145104?url=https%3a%2f%2fwww.thepaperstore.com&sid=156052.8249.0FOF41477952428532742
  • https://c.pepperjamnetwork.com/click?action=8-11125-47736-145104&v=&url=https%3A%2F%2Fwww.thepaperstore.com&sid=156052.8249.0FOF41477952428532742
  • https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
203 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Requested by
Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D570ac6b6fa362df3b70035f459eb0105%26url%3Dhttps%253A%252F%252Fwww.thepaperstore.com%252F&h=12c4ece775167059fbe8908fe4958173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
3df0664d13eaa6101c54fd8b28d6c5a1a52f4cd85ca426584e8ae7eaabd1c98f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D570ac6b6fa362df3b70035f459eb0105%26url%3Dhttps%253A%252F%252Fwww.thepaperstore.com%252F&h=12c4ece775167059fbe8908fe4958173

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-type
text/html; charset=utf-8
cf-railgun
direct (starting new WAN connection)
vary
Accept-Encoding
x-powered-by
PleskLin
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cd8ecd048586969-FRA
content-encoding
gzip

Redirect headers

date
Fri, 14 Jan 2022 18:28:36 GMT
content-type
text/html; charset=ISO-8859-1
content-length
0
location
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
server
Apache
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Fri, 14 Jan 2022 18:28:36 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
script-tag.js
cdn-scripts.signifyd.com/api/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-13.fra56.r.cloudfront.net
Software
/
Resource Hash
e17857cb74ff8bb8c18929844a2d0ff42bd36dee42113f85a8831ad42ef6eb79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:17:53 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
age
644
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-cf-pop
FRA56-P4
content-length
7199
x-amz-cf-id
GblaEjjRPb57jib1jn6ffjrlo9s_yijkf0P99i3FhuUNDygqjvyciA==
LyonText-Semibold.woff2
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		59 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/LyonText-Semibold.woff2
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc99b00d980cb9cd51438ff2e7f88511163933aaa59e99b160b0480045e967b6

Request headers

Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Origin
https://www.thepaperstore.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
cf-cache-status
HIT
last-modified
Tue, 23 Nov 2021 22:38:34 GMT
server
cloudflare
age
1026
etag
"619d6d6a-edac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cd8ecd58e536969-FRA
content-length
60844
Gotham-Book.woff2
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/Gotham-Book.woff2
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe43e47229a63ac6b38a4c9996123680fcadf93d1e5561f6b2e963a48c12b1e0

Request headers

Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Origin
https://www.thepaperstore.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
cf-cache-status
HIT
last-modified
Tue, 23 Nov 2021 22:38:34 GMT
server
cloudflare
age
1026
etag
"619d6d6a-391c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cd8ecd58ea86969-FRA
content-length
14620
Gotham-Bold.woff2
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/Gotham-Bold.woff2
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5010e11260f708f3b209b8e18626ea518d55bca12650bd0e45d5bda77b64f0a

Request headers

Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Origin
https://www.thepaperstore.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
cf-cache-status
HIT
last-modified
Tue, 23 Nov 2021 22:38:34 GMT
server
cloudflare
age
1026
etag
"619d6d6a-36cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cd8ecd58eab6969-FRA
content-length
14028
Gotham-Medium.woff2
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/Gotham-Medium.woff2
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa6006cc2ff1f11d0b8714c8e38d5c49ffe8d972b12c12906b5a5ceafbdd4cea

Request headers

Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Origin
https://www.thepaperstore.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
cf-cache-status
HIT
last-modified
Tue, 23 Nov 2021 22:38:34 GMT
server
cloudflare
age
1026
etag
"619d6d6a-38e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cd8ecd58ecb6969-FRA
content-length
14568
The-Paper-Store-Icons-80.ttf
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/The-Paper-Store-Icons-80.ttf
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
171185f6d598ab14601d246e4529aceec042a5d9865bcc65880b0498a4b9fd41

Request headers

Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Origin
https://www.thepaperstore.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
cf-cache-status
HIT
last-modified
Tue, 23 Nov 2021 22:38:36 GMT
server
cloudflare
age
1026
etag
"619d6d6c-36f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cd8ecd58ed36969-FRA
content-length
14068
main.css
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		375 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.css?v=1637707115
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68836366b192198b806d4cd086671834456ed140fa33eb89223edd2bc177c154

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 23 Nov 2021 22:38:35 GMT
server
cloudflare
age
1026
etag
W/"619d6d6b-5dcd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-polished
origSize=384211
cf-ray
6cd8ecd58eac6969-FRA
cf-bgj
minify
channels.js
creator.zmags.com/ 		108 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creator.zmags.com/channels.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.225.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-61.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6731354d99d66f0c4da59bedd8014ff7b161081c5f12ee750e3da8587540228a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
iI3i0I.tLrDTcBRCR2rOUWMCkC4SFX5N
content-encoding
gzip
etag
"8bdbb2d203c88dca4e57d073c8f68d80"
x-amz-request-id
3DGE59C70A3APP0E
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-replication-status
PENDING
content-length
35708
x-amz-id-2
bBZjdqU43CTX/4uneqhZ/9o8yrKdi+hSdIqGkH4OVetVfZktPQPp2UuDR4zAY9Sdxrbov6FiPOs=
last-modified
Thu, 13 Jan 2022 14:40:23 GMT
server
AmazonS3
date
Fri, 14 Jan 2022 18:28:37 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Jan 2022 18:33:37 GMT
ThePaperStoreLogo.png
www.thepaperstore.com/mm5/graphics/00000001/logos/header/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thepaperstore.com/mm5/graphics/00000001/logos/header/ThePaperStoreLogo.png
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7f2703d9d170c07a3f70ad7e9b2ff4945e8d6917c06a7b757caa1a3ddcc070c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
cf-cache-status
HIT
last-modified
Thu, 27 Feb 2020 20:05:26 GMT
server
cloudflare
age
2322359
x-powered-by
PleskLin
etag
"5e582106-2642"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
6cd8ecd5bedd6969-FRA
content-length
9794
expires
Sun, 18 Dec 2022 21:22:38 GMT
gtm.js
www.googletagmanager.com/ 		234 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KNSJHH
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2f45d9f8b7e50b4fa6d84b5d636423166a7e0008e6b904e9e8bb04e83a2f47ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76946
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 14 Jan 2022 18:28:37 GMT
01_VDayGiftGuide22_MODU_DT.jpg
www.thepaperstore.com/mm5/graphics/00000001/banners/homepage/U/ 		420 KB
421 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thepaperstore.com/mm5/graphics/00000001/banners/homepage/U/01_VDayGiftGuide22_MODU_DT.jpg
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
8370c22d04226887c4a098bfe56d88d7eac515330eac8fa632bc69d07b7ea2ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
cf-cache-status
HIT
last-modified
Fri, 07 Jan 2022 19:11:46 GMT
server
cloudflare
age
374570
x-powered-by
PleskLin
etag
"61d89072-69169"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
6cd8ecd5bedf6969-FRA
content-length
430441
expires
Tue, 10 Jan 2023 10:25:47 GMT
GiftsforHer22_Z_DT.jpg
www.thepaperstore.com/mm5/graphics/00000001/banners/homepage/Z/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thepaperstore.com/mm5/graphics/00000001/banners/homepage/Z/GiftsforHer22_Z_DT.jpg
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
732971723fb95eb8f89c55d80388137bf02616f0cedaf1b75c4b2f526a56d26c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
cf-cache-status
HIT
last-modified
Fri, 07 Jan 2022 19:13:23 GMT
server
cloudflare
age
46564
x-powered-by
PleskLin
etag
"61d890d3-10dfd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
6cd8ecd5bee36969-FRA
content-length
69117
expires
Sat, 14 Jan 2023 05:32:33 GMT
newsletter-image.png
www.thepaperstore.com/mm5/graphics/00000001/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thepaperstore.com/mm5/graphics/00000001/newsletter-image.png
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
77f3d63da5ea26461145c0919156ae6d26751a0a72cdbe8e9c86604465211971

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
cf-cache-status
HIT
last-modified
Tue, 04 Sep 2018 22:47:39 GMT
server
cloudflare
age
817944
x-powered-by
PleskLin
etag
"5b8f0b8b-da7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
6cd8ecd5bee76969-FRA
content-length
3495
expires
Thu, 05 Jan 2023 07:16:13 GMT
main.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		194 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
894830c9ff87ceb8bfbddcdc9bcb11c34ec94e1fdbc4d1bec9b63002becd507d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1847998
x-powered-by
PleskLin
cf-bgj
minify
last-modified
Tue, 23 Nov 2021 22:38:35 GMT
server
cloudflare
etag
W/"619d6d6b-30968"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2628000
cf-polished
origSize=199016
cf-ray
6cd8ecd5bee96969-FRA
expires
Sun, 26 Dec 2021 09:08:39 GMT
tags.js
imgs.signifyd.com/fp/ 		79 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/fp/tags.js?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&pageid=2
Requested by
Host: cdn-scripts.signifyd.com
URL: https://cdn-scripts.signifyd.com/api/script-tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.32.241.65 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
5d804a95e42a2d99455b296d4c1ad392b2026f26ae36d7b0bf88a04d3e135b34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 18:28:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
P3P
CP=IVAa PSAa
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
Keep-Alive, Keep-Alive
Content-Type
text/javascript;charset=UTF-8
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=2, max=100
Expires
Thu, 01 Jan 1970 00:00:00 GMT
5ce6b867dbec8326f25a79b5.json
c.zmags.com/assets/channelConfigs/ 		23 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.zmags.com/assets/channelConfigs/5ce6b867dbec8326f25a79b5.json
Requested by
Host: creator.zmags.com
URL: https://creator.zmags.com/channels.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.225.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-61.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6d7cbf5d649cbbd808f0bcc9b33706fd6a61d9bff9c2006316484c4c8829cb4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
jnfe3oBeexooPrrP1M91iI3bkvTw7bz5
content-encoding
gzip
etag
"d0ff421f9d49b5754a52afc10edc3a83"
x-amz-request-id
4EP02WDNBNQRJWEF
x-amz-storage-class
REDUCED_REDUNDANCY
x-amz-replication-status
COMPLETED
content-length
2338
x-amz-id-2
xfE2VcSJ0MKWc2Sq9gDIMX2bu276svQxN6GyXCHv4dYqYtF4SuO1Y2SIxR5sytEf6UGxeTy8UAQ=
last-modified
Thu, 11 Nov 2021 17:35:15 GMT
server
AmazonS3
date
Fri, 14 Jan 2022 18:28:37 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=30
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Jan 2022 18:29:07 GMT
truncated
/ 		763 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a15d9d698a22d8c4779a4bd4048be39daa3c17a2e7696df83d88391fc1a2250

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ec68500856cf690bde16c95f712d69f99614030abcc1c5868fead65f121eb74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		536 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbbbb8fc38ab31d34a2fefdddad45b2472f0df2c232c61ed8eeb16786041b24d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ad44b5ec2e976124c9091c6d2ed92482ce095bcd705b317e329a92aab2c3a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
js
www.googlecommerce.com/trustedstores/api/ 		570 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googlecommerce.com/trustedstores/api/js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bd1bce273fbb5c48b2fce8c7ff869df0611490d7a1412a2a42798d61b4cb9651
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qGFaSEXjTLubpj0pa40AMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsGcrHttp/cspreport;worker-src 'self', script-src 'nonce-qGFaSEXjTLubpj0pa40AMA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsGcrHttp/cspreport, require-trusted-types-for 'script';report-uri /_/VerifiedReviewsGcrHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="VerifiedReviewsGcrHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"VerifiedReviewsGcrHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/VerifiedReviewsGcrHttp/external"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=14400
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-qGFaSEXjTLubpj0pa40AMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsGcrHttp/cspreport;worker-src 'self', script-src 'nonce-qGFaSEXjTLubpj0pa40AMA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsGcrHttp/cspreport, require-trusted-types-for 'script';report-uri /_/VerifiedReviewsGcrHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Fri, 14 Jan 2022 18:28:37 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNSJHH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14835
x-xss-protection
0
server
cafe
etag
2630088915750441828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 14 Jan 2022 18:28:37 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNSJHH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3223
date
Fri, 14 Jan 2022 17:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 14 Jan 2022 19:34:54 GMT
bat.js
bat.bing.com/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNSJHH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:36 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5C084E8F60A64C52A76937DD3D1A6E97 Ref B: FRA31EDGE0613 Ref C: 2022-01-14T18:28:37Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
9649.js
script.crazyegg.com/pages/scripts/0106/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0106/9649.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNSJHH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00e0911d8b4aa96affa1c6720fea5b3bb4143100523fe0e3117cafecfab75a7e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
243672
cf-polished
origSize=4899
cf-ray
6cd8ecd6bf1c5c9e-FRA
ce-version
11.1.376
last-modified
Tue, 11 Jan 2022 22:47:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-bgj
minify
core.js
s.pinimg.com/ct/ 		1 KB
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNSJHH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:280::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a85ea540e774d24b3472a92b0e69b48634c76af3a0dfce7d10ed473163285984

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-encoding
gzip
x-cdn
akamai
etag
"b994f61922eded883a63a8a3d9ec54c1"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
x-fallback
6a7dd695-2.16.186.197
accept-ranges
bytes
content-length
584
access-control-expose-headers
X-CDN
3767270064.js
container.pepperjam.com/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://container.pepperjam.com/3767270064.js
Requested by
Host: paramlountplus.com
URL: http://paramlountplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0845965bb6f39caab6e9132495f4c6e773db92584cc4a2d8359aaf06f193424

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
6wSEkEqU3shkCbsr6Xi3kJqTOXu8WBvo
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
last-modified
Mon, 17 Aug 2020 18:11:39 GMT
server
AmazonS3
age
644
etag
"cda0a8b1fb96cd23c5b8431794f284c4"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=900
date
Fri, 14 Jan 2022 18:17:54 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
8688
x-amz-cf-id
PbXzAUyrYT-hx8qIa0p7vYgQFe7nFY2El9T8iDBu5lrEF_aMSnu_lw==
5d23ba68fdcab9164f9638fc
api.pushnami.com/scripts/v1/pushnami-adv/ 		245 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/5d23ba68fdcab9164f9638fc
Requested by
Host: paramlountplus.com
URL: http://paramlountplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-40.fra60.r.cloudfront.net
Software
/
Resource Hash
7bd3b3a759bfd0f69a23dd3aff81745f393899fab6c0158ad082c9ec7b87b86a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:38 GMT
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
content-encoding
gzip
x-amz-cf-id
gaMldC28dqT77YOWOnvHqA68uYb0xW4bLEst1uh-eBKY-0HC3-JSbw==
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: paramlountplus.com
URL: http://paramlountplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
692XWJHwtx+Ay+AJb+Tzo4/fnFaSi5i7Hq1kuIgK6fN0kDO+3/nnBLMki9mP8YVbyMBypI5+ZFPpUCc7geR4uw==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 14 Jan 2022 18:28:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		119 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4RSH016H18A0MH16BC0&lib=ttq
Requested by
Host: paramlountplus.com
URL: http://paramlountplus.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id
7ec04f57.11846c5
date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a72-247-190-102.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught
1642184917626355
x-cache
TCP_MISS from a2-16-186-158.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-parent-response-time
90,2.16.186.158
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=3, inner; dur=0
pragma
no-cache
server
nginx
x-tt-logid
202201141828370101130060110A01338D
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
3,72.247.190.102
x-tt-trace-host
01ca5754d83224ad6ee886f811f650030860303216c16d9c393659cc1a123eec77852c737201c516a8fa6d674b851865b425d68a58a5e4e7123efc0cf640e567c41b8fdbb8bdb0543ea3a6deecf3096ac3466d7cbdb7c97e2a4b22b15d82bc51e3ad87ef53d3847af17610551e8c2ecb43
expires
Fri, 14 Jan 2022 18:28:37 GMT
a-071e.min.js
b-code.liadm.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-071e.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNSJHH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:4800:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ZIO-Http /
Resource Hash
374b4348daa09fea5bfb6f263b1f16d6e418d4052b9e3df5cdbf472ea030c7d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 03:05:11 GMT
via
1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
server
ZIO-Http
age
55406
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-pop
FRA60-P4
content-encoding
gzip
x-amz-cf-id
e4rlA-kvdBehXVb1tn3oT4EAAftBJ8gCKZU3jNZ02OVye5OOIpudaw==
trk
a.smtrk.net/ 		308 B
688 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.smtrk.net/trk?t=s&i=617b1ad945128e1017e29d5b&p=t,i,x&s=6d0297eec354c33788585cd96dccf843&r=https%3A//lookandfind.me/&u=https%3A//www.thepaperstore.com/%3Futm_medium%3Daffiliate%26utm_source%3D47736%26utm_campaign%3D8-11125%26utm_content%3D3839939832%26utm_term%3D156052.8249.0FOF41477952428532742%26clickId%3D3839939832
Requested by
Host: paramlountplus.com
URL: http://paramlountplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-125.fra56.r.cloudfront.net
Software
/
Resource Hash
30e50c48d471ed843ef6e4bb7d6900bfa2ca97c1c2afb8f3ce90c5ce03012ae6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:38 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amzn-requestid
d4caf777-d03d-4cb3-902b-6a6ec0e26e97
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
private, no-cache, no-store
x-amzn-trace-id
Root=1-61e1c0d6-0543f406461495e66d0c4261;Sampled=0
x-amz-apigw-id
L8sReEDPvHcFY0Q=
content-length
308
x-amz-cf-id
MkeutMzP0-3AMfIBKHO2HNf2yGicxMV6BpEmuq-It4KxoI7N8XVfNw==
3116c2a6476973a72bc3.pnpm.core-js3.9.1.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/3116c2a6476973a72bc3.pnpm.core-js3.9.1.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
9f522ff0c3e1cd93991e183caf9c8d7c2639fd042763af6ede4b4223d9119b9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
662012
x-powered-by
PleskLin
cf-bgj
minify
last-modified
Tue, 23 Nov 2021 22:38:21 GMT
server
cloudflare
etag
W/"619d6d5d-93d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2628000
cf-polished
origSize=37843
cf-ray
6cd8ecd6a9996969-FRA
expires
Sun, 09 Jan 2022 02:35:05 GMT
53fc7418f8f5c68ae862.51.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/53fc7418f8f5c68ae862.51.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ebd46e103e587451e742bab1965a403c7b3596d84a5c60ed1a50412603cdb5f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
817942
x-powered-by
PleskLin
cf-bgj
minify
last-modified
Tue, 23 Nov 2021 22:38:23 GMT
server
cloudflare
etag
W/"619d6d5f-331c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2628000
cf-polished
origSize=13084
cf-ray
6cd8ecd6a99c6969-FRA
expires
Fri, 07 Jan 2022 07:16:15 GMT
loader.js
www.gstatic.com/wcm/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: paramlountplus.com
URL: http://paramlountplus.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:15:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
778
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
last-modified
Mon, 15 Mar 2021 16:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 14 Jan 2022 19:15:39 GMT
9649.json
script.crazyegg.com/pages/data-scripts/0106/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0106/9649.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0106/9649.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3b4279769c75a3d10ac7a92b1545fb053cbb90cf0acebbe7775b13da3239392

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
243672
ce-version
11.1.376
content-length
1469
timing-allow-origin
*
last-modified
Tue, 11 Jan 2022 22:47:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
6cd8ecd78ce14e61-FRA
72feff8dc913e1b328ff.15.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/72feff8dc913e1b328ff.15.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7c8fa2cc0ef9c7e948dee90dc0e658070f1163f3a79d8d7d57dac6c2283354d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2287335
x-powered-by
PleskLin
cf-bgj
minify
last-modified
Tue, 23 Nov 2021 22:38:25 GMT
server
cloudflare
etag
W/"619d6d61-381d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2628000
cf-polished
origSize=14365
cf-ray
6cd8ecd77ba86969-FRA
expires
Tue, 21 Dec 2021 07:06:22 GMT
4f025fe37481d7a407b0.86.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		846 B
557 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/4f025fe37481d7a407b0.86.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1625baaa1d5bf7baf5ba87e601dd1d92ef25b271b632e5f6442550eb695f8462
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2287335
x-powered-by
PleskLin
cf-bgj
minify
x-xss-protection
1; mode=block
last-modified
Tue, 23 Nov 2021 22:38:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://locations.thepaperstore.com
x-accel-version
0.01
cache-control
public, max-age=2628000
cf-polished
origSize=904
cf-ray
6cd8ecd77baf6969-FRA
expires
Tue, 21 Dec 2021 07:06:22 GMT
7f16938bfe883c884d1d.81.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		2 KB
896 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/7f16938bfe883c884d1d.81.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ff8aaf070b90debddcd02972406f71433852e8553e07179b5b48b742e650acb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2287335
x-powered-by
PleskLin
cf-bgj
minify
last-modified
Tue, 23 Nov 2021 22:38:25 GMT
server
cloudflare
etag
W/"619d6d61-63d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2628000
cf-polished
origSize=1597
cf-ray
6cd8ecd77bb26969-FRA
expires
Tue, 21 Dec 2021 07:06:22 GMT
84e164d47dfb9c64cb84.82.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		1 KB
728 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/84e164d47dfb9c64cb84.82.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
c7054072f3ad93ca9b624613c2ded39bc710e20ad85c23ffce1d08cade06bb1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
817937
x-powered-by
PleskLin
cf-bgj
minify
last-modified
Tue, 23 Nov 2021 22:38:26 GMT
server
cloudflare
etag
W/"619d6d62-48b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2628000
cf-polished
origSize=1163
cf-ray
6cd8ecd77bb46969-FRA
expires
Fri, 07 Jan 2022 07:16:20 GMT
16c93563501723c85d31.75.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		504 B
444 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/16c93563501723c85d31.75.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
403caf4ad58cf06be4bb602a60c1df055f12a7ed2b5d83b337d0d008d9644762
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2286479
x-powered-by
PleskLin
cf-bgj
minify
x-xss-protection
1; mode=block
last-modified
Tue, 23 Nov 2021 22:38:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://locations.thepaperstore.com
x-accel-version
0.01
cache-control
public, max-age=2628000
cf-polished
origSize=562
cf-ray
6cd8ecd77bbe6969-FRA
expires
Tue, 21 Dec 2021 07:20:38 GMT
31f892f00d0fed83eec4.52.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/31f892f00d0fed83eec4.52.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
95168004f3de67e0cc3c8a3f4a075bf032330486a81267447e2e833f15998fc3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2287335
x-powered-by
PleskLin
cf-bgj
minify
last-modified
Tue, 23 Nov 2021 22:38:21 GMT
server
cloudflare
etag
W/"619d6d5d-1864"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2628000
cf-polished
origSize=6244
cf-ray
6cd8ecd77bc16969-FRA
expires
Tue, 21 Dec 2021 07:06:22 GMT
47f31e2d0b0f4db21e0a.28.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/47f31e2d0b0f4db21e0a.28.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
034ac6c53db77ec1120901f01632f9a275f469eba04e7ba8b8b09c6d8ce875fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2287335
x-powered-by
PleskLin
cf-bgj
minify
last-modified
Tue, 23 Nov 2021 22:38:22 GMT
server
cloudflare
etag
W/"619d6d5e-23ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2628000
cf-polished
origSize=9131
cf-ray
6cd8ecd77bc36969-FRA
expires
Tue, 21 Dec 2021 07:06:22 GMT
cd06200fdd4015c5f78d.77.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		936 B
554 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/cd06200fdd4015c5f78d.77.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
39c941e1daf079f3502ee7aa775f359985ad1f0f3ad419ebacc57de13305509d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2287335
x-powered-by
PleskLin
cf-bgj
minify
x-xss-protection
1; mode=block
last-modified
Tue, 23 Nov 2021 22:38:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://locations.thepaperstore.com
x-accel-version
0.01
cache-control
public, max-age=2628000
cf-polished
origSize=994
cf-ray
6cd8ecd77bc56969-FRA
expires
Tue, 21 Dec 2021 07:06:22 GMT
d1b13619c5f98e2d76c9.80.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		851 B
561 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/d1b13619c5f98e2d76c9.80.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
d67ed9d7c7b372670195a3ecc9c46318b2cc932d6da6abd7405bd0f875ffb01a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2287335
x-powered-by
PleskLin
cf-bgj
minify
x-xss-protection
1; mode=block
last-modified
Tue, 23 Nov 2021 22:38:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://locations.thepaperstore.com
x-accel-version
0.01
cache-control
public, max-age=2628000
cf-polished
origSize=909
cf-ray
6cd8ecd77bc66969-FRA
expires
Tue, 21 Dec 2021 07:06:22 GMT
9f2daee91d91dfccfa4e.19.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		1018 B
623 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/9f2daee91d91dfccfa4e.19.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e674f56cf90f2886719f7601987d71dc58f9d4bc25274b43722803f551bd74b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2287335
x-powered-by
PleskLin
cf-bgj
minify
last-modified
Tue, 23 Nov 2021 22:38:28 GMT
server
cloudflare
etag
W/"619d6d64-434"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2628000
cf-polished
origSize=1076
cf-ray
6cd8ecd77bc86969-FRA
expires
Tue, 21 Dec 2021 07:06:22 GMT
ca4a2eab96f63f4ffea4.79.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ca4a2eab96f63f4ffea4.79.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
094973a5c51a92f1c4f3d4f513332b4b0b80e02fe2377f81da6e55fbb06c07e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
817936
x-powered-by
PleskLin
cf-bgj
minify
last-modified
Tue, 23 Nov 2021 22:38:30 GMT
server
cloudflare
etag
W/"619d6d66-c1f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2628000
cf-polished
origSize=3103
cf-ray
6cd8ecd77bc96969-FRA
expires
Fri, 07 Jan 2022 07:16:21 GMT
3dd65e3b020f2a60fe17.76.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		1 KB
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/3dd65e3b020f2a60fe17.76.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
0686179532eb66368df674acf6404eab82e62d7ce718f8d91fe11073615b7adb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
711179
x-powered-by
PleskLin
cf-bgj
minify
last-modified
Tue, 23 Nov 2021 22:38:21 GMT
server
cloudflare
etag
W/"619d6d5d-4eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2628000
cf-polished
origSize=1259
cf-ray
6cd8ecd77bca6969-FRA
expires
Sat, 08 Jan 2022 12:55:38 GMT
ed53a67c49d4a15adf8e.83.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ed53a67c49d4a15adf8e.83.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
eace0e1b9cac3eeda75f59409b2ac06b3776984b22e7d7d128da3b4a2e7fc4d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2287335
x-powered-by
PleskLin
cf-bgj
minify
last-modified
Tue, 23 Nov 2021 22:38:32 GMT
server
cloudflare
etag
W/"619d6d68-699"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2628000
cf-polished
origSize=1689
cf-ray
6cd8ecd77bcb6969-FRA
expires
Tue, 21 Dec 2021 07:06:22 GMT
048f7ee538e688dcd39d.42.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		766 B
564 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/048f7ee538e688dcd39d.42.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
4d9c02001b90e723ca3d615cac65036ef0f3fddad6e48f040f13bc18d281ba76
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2287335
x-powered-by
PleskLin
cf-bgj
minify
x-xss-protection
1; mode=block
last-modified
Tue, 23 Nov 2021 22:38:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://locations.thepaperstore.com
x-accel-version
0.01
cache-control
public, max-age=2628000
cf-polished
origSize=824
cf-ray
6cd8ecd77bcc6969-FRA
expires
Tue, 21 Dec 2021 07:06:22 GMT
7dbab0d4d0fec5d5f447.78.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		2 KB
546 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/7dbab0d4d0fec5d5f447.78.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
fc6caf2c72f19ca60dccc592c1774c98315721306cd0a115deff7e9d4eeed3c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
817936
x-powered-by
PleskLin
cf-bgj
minify
last-modified
Tue, 23 Nov 2021 22:38:25 GMT
server
cloudflare
etag
W/"619d6d61-699"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2628000
cf-polished
origSize=1689
cf-ray
6cd8ecd77bce6969-FRA
expires
Fri, 07 Jan 2022 07:16:21 GMT
c2810c221da8b7f08117.63.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/c2810c221da8b7f08117.63.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f68aec9f416247c9d3280ebc20fb04820428f83f518bce1be3a1f240fe8b410e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2287335
x-powered-by
PleskLin
cf-bgj
minify
last-modified
Tue, 23 Nov 2021 22:38:29 GMT
server
cloudflare
etag
W/"619d6d65-dcb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2628000
cf-polished
origSize=3531
cf-ray
6cd8ecd77bd56969-FRA
expires
Tue, 21 Dec 2021 07:06:22 GMT
7f7a829ae03311cb0e29.31.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		45 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/7f7a829ae03311cb0e29.31.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
508a66c35e926f9d9f4ff93d93929964d7cc54237cbb83602c3d6316e2d89e79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2287335
x-powered-by
PleskLin
cf-bgj
minify
last-modified
Tue, 23 Nov 2021 22:38:25 GMT
server
cloudflare
etag
W/"619d6d61-b27a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2628000
cf-polished
origSize=45690
cf-ray
6cd8ecd77bda6969-FRA
expires
Tue, 21 Dec 2021 07:06:22 GMT
6f8b533540639e388a32.49.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/6f8b533540639e388a32.49.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
627453916857e07c6d088ebf09daed01bec0da6f63c0beb096b154b8a3dfc79b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
817935
x-powered-by
PleskLin
cf-bgj
minify
last-modified
Tue, 23 Nov 2021 22:38:24 GMT
server
cloudflare
etag
W/"619d6d60-119a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2628000
cf-polished
origSize=4506
cf-ray
6cd8ecd77bdb6969-FRA
expires
Fri, 07 Jan 2022 07:16:22 GMT
js
www.google-analytics.com/gtm/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-PQPD8NZ&t=gtm4&cid=651486258.1642184918
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
879d7a1d9d649417f86df57e7c319204eeab4bacac76efcf7cdee4d661b791fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37536
x-xss-protection
0
expires
Fri, 14 Jan 2022 18:28:37 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/984011399/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984011399/?random=1642184917689&cv=9&fst=1642184917689&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&ig=1&data=ecomm_prodid%3D%3Becomm_pagetype%3Dhome%3Becomm_totalvalue%3D0&frm=0&url=https%3A%2F%2Fwww.thepaperstore.com%2F%3Futm_medium%3Daffiliate%26utm_source%3D47736%26utm_campaign%3D8-11125%26utm_content%3D3839939832%26utm_term%3D156052.8249.0FOF41477952428532742%26clickId%3D3839939832&ref=https%3A%2F%2Flookandfind.me%2F&tiba=Shop%20Unique%20Gifts%2C%20Stationery%2C%20Fashion%20%26%20More%20%7C%20The%20Paper%20Store&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
178c968cf4a45f7601172e314455f243a6b46e38aba84fdc6addda4acb245855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5222895.js
bat.bing.com/p/action/ 		684 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5222895.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cb77ef9ac861c245f5153a7e63e6ace63d92e1bc5d1b8f208d2be3ca89e72a73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 838BB85F81514379A5034FA78068D474 Ref B: FRA31EDGE0613 Ref C: 2022-01-14T18:28:37Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
586
0
bat.bing.com/action/ 		0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5222895&tm=gtm002&Ver=2&mid=e4732773-0e5f-4799-994c-0a64d75db2a3&sid=ca417a40756711ecb29337eb376d5718&vid=ca41a7a0756711ec878739632733f069&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Shop%20Unique%20Gifts,%20Stationery,%20Fashion%20%26%20More%20%7C%20The%20Paper%20Store&kw=the%20paper%20store,%20unique%20gifts,%20gift%20store&p=https%3A%2F%2Fwww.thepaperstore.com%2F%3Futm_medium%3Daffiliate%26utm_source%3D47736%26utm_campaign%3D8-11125%26utm_content%3D3839939832%26utm_term%3D156052.8249.0FOF41477952428532742%26clickId%3D3839939832&r=https%3A%2F%2Flookandfind.me%2F&lt=2813&evt=pageLoad&msclkid=N&sv=1&rn=118897
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 18:28:36 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 394707B6E1704C6C8D76151ED6A04D07 Ref B: FRA31EDGE0613 Ref C: 2022-01-14T18:28:37Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
1307561826364433
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1307561826364433?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
32265b887c1925e6b796e410328d3d5f7aa0d5bca610d90e420386366835ebdb
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
S97f7rMdioZAzeiaN+KcCgRI8f21pTVNl0uK/29vMjWfCFozEwR1Mttv9FDKR03Ue0+0cWZzXbPTR8ZrDphGLw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 14 Jan 2022 18:28:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
11.1.376.js
script.crazyegg.com/pages/versioned/common-scripts/ 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0106/9649.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b401d1e804e0a5079603c8f74249ae0e2ec2c797703490f3a0c38079cd989027

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 14:25:17 GMT
server
cloudflare
age
3044492
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
cf-ray
6cd8ecd7ca865c9e-FRA
content-length
23366
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4RSH016H18A0MH16BC0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id
7ec05c42.1184817
date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a72-247-190-102.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught
1642184917787748
x-cache
TCP_MISS from a2-16-186-158.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-parent-response-time
89,2.16.186.158
server-timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=2, inner; dur=0
pragma
no-cache
server
nginx
x-tt-logid
202201141828370101130060110A01339E
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
2,72.247.190.102
x-tt-trace-host
01ca5754d83224ad6ee886f811f650030860303216c16d9c393659cc1a123eec77852c737201c516a8fa6d674b851865b425d68a58a5e4e7123efc0cf640e567c41b8fdbb8bdb0543ea3a6deecf3096ac3ec8c3238470e2e0da14f314352fc740e3e7454b9f3d6832f59351ae7e3538b4f
expires
Fri, 14 Jan 2022 18:28:37 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		722 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C4RSH016H18A0MH16BC0&hostname=www.thepaperstore.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4RSH016H18A0MH16BC0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
80ea3345574c7dfdc419da535ebc96a1d7b008474ddcd5029ba80fa764e38f30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id
7ec05c23.1184899
date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a72-247-190-102.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught
1642184917852846
x-cache
TCP_MISS from a2-16-186-158.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-parent-response-time
89,2.16.186.158
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=2, inner; dur=0
content-length
324
pragma
no-cache
server
nginx
x-tt-logid
20220114182837010113006114204A7BE1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
2,72.247.190.102
x-tt-trace-host
01ca5754d83224ad6ee886f811f650030860303216c16d9c393659cc1a123eec77852c737201c516a8fa6d674b851865b425d68a58a5e4e7123efc0cf640e567c4ac1c581e5d04fcb186495e16d497b6fd2ef7cec31247dd04ea1a2e123d1d98919d6e1c417f61c9d8d248d829f5324d8f
expires
Fri, 14 Jan 2022 18:28:37 GMT
7c8fee1c4ba16998f590.1.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/7c8fee1c4ba16998f590.1.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
62454d7fa548c6166a9077e1a8a611f136a04e69b41b3a95ce937a24f19c2a85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2287334
x-powered-by
PleskLin
cf-bgj
minify
last-modified
Tue, 23 Nov 2021 22:38:25 GMT
server
cloudflare
etag
W/"619d6d61-a849"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2628000
cf-polished
origSize=43081
cf-ray
6cd8ecd84e486969-FRA
expires
Tue, 21 Dec 2021 07:06:23 GMT
main.4fd9fcbb.js
s.pinimg.com/ct/lib/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.4fd9fcbb.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:280::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5955908348c9dc49badb9b08e2448d49db335f16720edaf1bf6cbe67692129ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-encoding
gzip
x-cdn
akamai
etag
"ee862b07a016793ba80ef67b90f043d5"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
x-fallback
6a7dd8a4-2.16.186.197
accept-ranges
bytes
content-length
19222
access-control-expose-headers
X-CDN
a44c529d99c733d6679a.117.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/a44c529d99c733d6679a.117.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
4b3ae9d1ae8a4a557d509a73b9a5f1da8f46c5b6064b7a79143eb083fe77633b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2287335
x-powered-by
PleskLin
cf-bgj
minify
last-modified
Tue, 23 Nov 2021 22:38:28 GMT
server
cloudflare
etag
W/"619d6d64-1d80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2628000
cf-polished
origSize=7552
cf-ray
6cd8ecd86e7f6969-FRA
expires
Tue, 21 Dec 2021 07:06:22 GMT
8638946c1968fbaa5db1.116.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/8638946c1968fbaa5db1.116.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
94e5b9a7ad03e1a3c5288651f2d2396c033f50129ad50bff9eb4f06aceb88b1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2287335
x-powered-by
PleskLin
cf-bgj
minify
last-modified
Tue, 23 Nov 2021 22:38:26 GMT
server
cloudflare
etag
W/"619d6d62-10f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2628000
cf-polished
origSize=4340
cf-ray
6cd8ecd87ead6969-FRA
expires
Tue, 21 Dec 2021 07:06:22 GMT
/
www.google.com/pagead/1p-user-list/984011399/ 		42 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/984011399/?random=1642184917689&cv=9&fst=1642183200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&data=ecomm_prodid%3D%3Becomm_pagetype%3Dhome%3Becomm_totalvalue%3D0&frm=0&url=https%3A%2F%2Fwww.thepaperstore.com%2F%3Futm_medium%3Daffiliate%26utm_source%3D47736%26utm_campaign%3D8-11125%26utm_content%3D3839939832%26utm_term%3D156052.8249.0FOF41477952428532742%26clickId%3D3839939832&ref=https%3A%2F%2Flookandfind.me%2F&tiba=Shop%20Unique%20Gifts%2C%20Stationery%2C%20Fashion%20%26%20More%20%7C%20The%20Paper%20Store&async=1&fmt=3&is_vtc=1&random=1819782397&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 18:28:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/984011399/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/984011399/?random=1642184917689&cv=9&fst=1642183200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&data=ecomm_prodid%3D%3Becomm_pagetype%3Dhome%3Becomm_totalvalue%3D0&frm=0&url=https%3A%2F%2Fwww.thepaperstore.com%2F%3Futm_medium%3Daffiliate%26utm_source%3D47736%26utm_campaign%3D8-11125%26utm_content%3D3839939832%26utm_term%3D156052.8249.0FOF41477952428532742%26clickId%3D3839939832&ref=https%3A%2F%2Flookandfind.me%2F&tiba=Shop%20Unique%20Gifts%2C%20Stationery%2C%20Fashion%20%26%20More%20%7C%20The%20Paper%20Store&async=1&fmt=3&is_vtc=1&random=1819782397&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 18:28:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=bootstrap
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrBootstrapJs.de.5DJ1saqUdFk.es5.O/d=1/rs=AC8lLkS11tHZBxqDRM1n9dCIChGP1sUu6g/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrBootstrapJs.de.5DJ1saqUdFk.es5.O/d=1/rs=AC8lLkS11tHZBxqDRM1n9dCIChGP1sUu6g/m=bootstrap
Requested by
Host: www.googlecommerce.com
URL: https://www.googlecommerce.com/trustedstores/api/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a3f402cd156e7c5be023250b0b13633c46819e6691cdb8c44f87e945574c3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:39:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
265737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6661
x-xss-protection
0
last-modified
Wed, 15 Dec 2021 16:10:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
expires
Wed, 11 Jan 2023 16:39:40 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1361
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 14 Jan 2022 19:05:56 GMT
9649.json
script.crazyegg.com/pages/sampling-data-scripts/0106/ 		168 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/sampling-data-scripts/0106/9649.json?t=456162
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b93bea4a18492092dce8907fea7505d3281e401b5b318f74670acca33a0b7df4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
150808
ce-version
11.1.376
content-length
151
timing-allow-origin
*
last-modified
Thu, 13 Jan 2022 00:35:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
6cd8ecd8af034e61-FRA
715308255285735
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/715308255285735?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
07815e78f59731ec91c0e104ff1774ab2828ca01e39a7baa0682617a5162186f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
w3Vx49uCRPAxvsSFwEI/0r+XiPyx1YR994ECJiMpkM2jPccuRZiZitSv/hj6KCE1UfEFyCfn7BS7NLYDSRkh8g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 14 Jan 2022 18:28:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1307561826364433&ev=PageView&dl=https%3A%2F%2Fwww.thepaperstore.com%2F%3Futm_medium%3Daffiliate%26utm_source%3D47736%26utm_campaign%3D8-11125%26utm_content%3D3839939832%26utm_term%3D156052.8249.0FOF41477952428532742%26clickId%3D3839939832&rl=https%3A%2F%2Flookandfind.me%2F&if=false&ts=1642184917866&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1642184917865.1627047841&it=1642184917713&coo=false&exp=p1&rqm=GET
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Fri, 14 Jan 2022 18:28:37 GMT
call-tracking_7.js
www.gstatic.com/call-tracking/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/call-tracking/call-tracking_7.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 04:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21020
x-xss-protection
0
last-modified
Wed, 03 Feb 2021 22:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-telephony"
vary
Accept-Encoding
report-to
{"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Jan 2023 04:13:49 GMT
424f85145bf90b65e788.88.chunk.js
www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/ 		574 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/424f85145bf90b65e788.88.chunk.js
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/mm5/themes/thepaperstore/public/dist/main.js?v=1637707115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
80dfa6893e2aa5571ce6190258b2210156f9c5c2ae449ec5ca93342c035c3e17
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2287334
x-powered-by
PleskLin
cf-bgj
minify
x-xss-protection
1; mode=block
last-modified
Tue, 23 Nov 2021 22:38:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://locations.thepaperstore.com
x-accel-version
0.01
cache-control
public, max-age=2628000
cf-polished
origSize=632
cf-ray
6cd8ecd8cf7e6969-FRA
expires
Tue, 21 Dec 2021 07:06:23 GMT
GiftsforKids22_Z_DT.jpg
www.thepaperstore.com/mm5/graphics/00000001/banners/homepage/Z/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thepaperstore.com/mm5/graphics/00000001/banners/homepage/Z/GiftsforKids22_Z_DT.jpg
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
21045b9290d345c71995dea5600e5d3503b7eddfbd04a6be59e4e0b0f44d9ec2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
cf-cache-status
HIT
last-modified
Fri, 07 Jan 2022 19:15:20 GMT
server
cloudflare
age
282727
x-powered-by
PleskLin
etag
"61d89148-1327c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
6cd8ecd8dfa56969-FRA
content-length
78460
expires
Wed, 11 Jan 2023 11:56:29 GMT
GiftsforHim22_Z_DT.jpg
www.thepaperstore.com/mm5/graphics/00000001/banners/homepage/Z/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thepaperstore.com/mm5/graphics/00000001/banners/homepage/Z/GiftsforHim22_Z_DT.jpg
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
686928f7f45f9514923dac117f13ccea2a07e3cd4396c4b266c4a5e8db8cb64f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
cf-cache-status
HIT
last-modified
Fri, 07 Jan 2022 19:16:58 GMT
server
cloudflare
age
210344
x-powered-by
PleskLin
etag
"61d891aa-11074"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
6cd8ecd8dfb06969-FRA
content-length
69748
expires
Thu, 12 Jan 2023 08:02:53 GMT
WhiteContainer_1400x938.jpg
www.thepaperstore.com/mm5/graphics/00000001/banners/homepage/G/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thepaperstore.com/mm5/graphics/00000001/banners/homepage/G/WhiteContainer_1400x938.jpg
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
fc4ece4999b11848f8fa1af5ad867844f7ece830155d1ae2bd39d48c5576d325

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
cf-cache-status
HIT
last-modified
Fri, 07 Dec 2018 21:37:19 GMT
server
cloudflare
age
444339
x-powered-by
PleskLin
etag
"5c0ae80f-4139"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
6cd8ecd8eff46969-FRA
content-length
16697
expires
Mon, 09 Jan 2023 15:02:58 GMT
healthcheck
pagestates-tracking.crazyegg.com/ 		19 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-90.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:52:43 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 13:53:30 GMT
server
AmazonS3
age
2090156
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
19
x-amz-cf-id
dK2wHH3l9_2FDvU7x0kymmgp19XeESgzv7YmZMY2_towgVxVnb9gLA==
healthcheck
assets-tracking.crazyegg.com/ 		19 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-74.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:24:28 GMT
via
1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 13:53:30 GMT
server
AmazonS3
age
2091850
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
19
x-amz-cf-id
hS-c1zLhcBnY0ZXF8zyiGngYxHNucTT4_WDloraS-XYBR1KTh2nofA==
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-30794554-1&cid=651486258.1642184918&jid=1317572638&gjid=556934686&_gid=1418991857.1642184918&_u=aGDAgEAjQAAAAE~&z=1663835416
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thepaperstore.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 14 Jan 2022 18:28:37 GMT
content-type
text/plain
access-control-allow-origin
https://www.thepaperstore.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=440255697&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.thepaperstore.com%2F%3Futm_medium%3Daffiliate%26utm_source%3D47736%26utm_campaign%3D8-11125%26utm_content%3D3839939832%26utm_term%3D156052.8249.0FOF41477952428532742%26clickId%3D3839939832&dr=https%3A%2F%2Flookandfind.me%2F&ul=en-us&de=UTF-8&dt=Shop%20Unique%20Gifts%2C%20Stationery%2C%20Fashion%20%26%20More%20%7C%20The%20Paper%20Store&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=On%20Site%20Click%20Engagement&ea=undefined&_u=aGDAAEAjQAAAAG~&jid=1529832474&gjid=1850296832&cid=651486258.1642184918&tid=UA-30794554-1&_gid=1418991857.1642184918&_r=1&gtm=2wg1c0KNSJHH&z=1108446951
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thepaperstore.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 18:28:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thepaperstore.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=440255697&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thepaperstore.com%2F%3Futm_medium%3Daffiliate%26utm_source%3D47736%26utm_campaign%3D8-11125%26utm_content%3D3839939832%26utm_term%3D156052.8249.0FOF41477952428532742%26clickId%3D3839939832&dr=https%3A%2F%2Flookandfind.me%2F&ul=en-us&de=UTF-8&dt=Shop%20Unique%20Gifts%2C%20Stationery%2C%20Fashion%20%26%20More%20%7C%20The%20Paper%20Store&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEAjQ~&jid=1317572638&gjid=556934686&cid=651486258.1642184918&tid=UA-30794554-1&_gid=1418991857.1642184918&gtm=2wg1c0KNSJHH&z=2099408193
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 15:58:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
9023
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
0bdac6f0-a2e3-4934-9d35-6a7af3b6209a
https://www.thepaperstore.com/ 		53 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thepaperstore.com/0bdac6f0-a2e3-4934-9d35-6a7af3b6209a
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
53
Content-Type
text/javascript
api.js
apis.google.com/js/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrBootstrapJs.de.5DJ1saqUdFk.es5.O/d=1/rs=AC8lLkS11tHZBxqDRM1n9dCIChGP1sUu6g/m=bootstrap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b8417fbc0d9d7e069136093783112f3790ff59ba3810862bd6ec829c714ae268
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vMJ726iqs98SsZhmvijpSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
cross-origin-opener-policy
same-origin
etag
"cd9548d21b91a6bc691d64931de272a2"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-vMJ726iqs98SsZhmvijpSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Fri, 14 Jan 2022 18:28:38 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-30794554-1&cid=651486258.1642184918&jid=1529832474&gjid=1850296832&_gid=1418991857.1642184918&_u=aGDAAEAjQAAAAG~&z=97352289
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thepaperstore.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 14 Jan 2022 18:28:37 GMT
content-type
text/plain
access-control-allow-origin
https://www.thepaperstore.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
wcm
www.google.de/pagead/attribution/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/984011399/wcm?cc=ZZ&dn=8444807100&cl=Xfs3CI2rkXMQh6Wb1QM&ref=https%3A%2F%2Flookandfind.me%2F&ct_eid=2
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8444807100&cl=Xfs3CI2rkXMQh6Wb1QM
80 B
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8444807100&cl=Xfs3CI2rkXMQh6Wb1QM
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H3
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
application/json; charset=UTF-8
access-control-allow-origin
null
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0

Redirect headers

timing-allow-origin
*
date
Fri, 14 Jan 2022 18:28:37 GMT
x-content-type-options
nosniff
server
cafe
location
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8444807100&cl=Xfs3CI2rkXMQh6Wb1QM
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.thepaperstore.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pixel
analytics.tiktok.com/api/v2/ 		0
709 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4RSH016H18A0MH16BC0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thepaperstore.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
7ec05df6.11849fb
date
Fri, 14 Jan 2022 18:28:38 GMT
x-cache-remote
TCP_MISS from a72-247-190-102.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-16-186-158.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time
103,2.16.186.158
server-timing
cdn-cache; desc=MISS, edge; dur=90, origin; dur=13, inner; dur=12
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202201141828380101130060110A0133CF
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
13,72.247.190.102
x-tt-trace-host
01ca5754d83224ad6ee886f811f650030860303216c16d9c393659cc1a123eec77852c737201c516a8fa6d674b851865b425d68a58a5e4e7123efc0cf640e567c41b8fdbb8bdb0543ea3a6deecf3096ac35a7e26447386739a9f20466c0fa72b6c61ef9747bd02f0d5d413ede138aa4694
expires
Fri, 14 Jan 2022 18:28:38 GMT
/
ct.pinterest.com/user/ 		513 B
854 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2613191307737&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%7D&cb=1642184917990
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.4fd9fcbb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
380aa76e18ed26dd45f869c9509e0c05e06718aa733233e27543d0da2b3dbdd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:38 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
akamai-grn
0.ac247e68.1642184918.16cc38d3
x-envoy-upstream-service-time
1
x-pinterest-rid
1642144682115303
pin-unauth
dWlkPU1HWmxZek5qTkdRdFkySXpPQzAwTlRObExUaGhabVV0TUdZeU5XRmtOV0ppTVRjNA
access-control-allow-origin
https://www.thepaperstore.com
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
368
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=715308255285735&ev=PageView&dl=https%3A%2F%2Fwww.thepaperstore.com%2F%3Futm_medium%3Daffiliate%26utm_source%3D47736%26utm_campaign%3D8-11125%26utm_content%3D3839939832%26utm_term%3D156052.8249.0FOF41477952428532742%26clickId%3D3839939832&rl=https%3A%2F%2Flookandfind.me%2F&if=false&ts=1642184917996&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1642184917865.1627047841&it=1642184917713&coo=false&exp=p1&rqm=GET
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:38 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Fri, 14 Jan 2022 18:28:38 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-30794554-1&cid=651486258.1642184918&jid=1317572638&_u=aGDAgEAjQAAAAE~&z=892946414
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 18:28:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-30794554-1&cid=651486258.1642184918&jid=1317572638&_u=aGDAgEAjQAAAAE~&z=892946414
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 18:28:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-30794554-1&cid=651486258.1642184918&jid=1529832474&_u=aGDAAEAjQAAAAG~&z=1388352114
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 18:28:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-30794554-1&cid=651486258.1642184918&jid=1529832474&_u=aGDAAEAjQAAAAG~&z=1388352114
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 18:28:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2613191307737&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%22em%22%5D%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thepaperstore.com%2F%3Futm_medium%3Daffiliate%26utm_source%3D47736%26utm_campaign%3D8-11125%26utm_content%3D3839939832%26utm_term%3D156052.8249.0FOF41477952428532742%26clickId%3D3839939832%22%2C%22ref%22%3A%22https%3A%2F%2Flookandfind.me%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%224fd9fcbb%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1642184917999
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 18:28:38 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.ac247e68.1642184918.16cc38db
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
2219628871304374
expires
Sat, 01 Jan 2000 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd9f90bab8e8d60672dbb6b571a2a12aee9ba9bb33452df87f8c065efd4db12b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 19:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30849
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 04:25:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 19:55:25 GMT
proxy
www.google.com/shopping/customerreviews/ Frame 0303 		20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/shopping/customerreviews/proxy?ts_id=709143&origin=https%3A%2F%2Fwww.thepaperstore.com&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aed3576b81743a2db02123ad79459bae3b8eb49e5371ddccdc3be57d68b49e85
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/VerifiedReviewsGcrProxyUi/cspreport script-src 'report-sample' 'nonce-QmFlhTZ0cczg9BBnfSJ6dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsGcrProxyUi/cspreport;worker-src 'self' script-src 'nonce-QmFlhTZ0cczg9BBnfSJ6dg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsGcrProxyUi/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
expires
Fri, 14 Jan 2022 18:28:38 GMT
date
Fri, 14 Jan 2022 18:28:38 GMT
cache-control
private, max-age=14400
cross-origin-opener-policy
same-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/VerifiedReviewsGcrProxyUi/cspreport script-src 'report-sample' 'nonce-QmFlhTZ0cczg9BBnfSJ6dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsGcrProxyUi/cspreport;worker-src 'self' script-src 'nonce-QmFlhTZ0cczg9BBnfSJ6dg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsGcrProxyUi/cspreport
cross-origin-resource-policy
same-site
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
ct.pinterest.com/md/ 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/md/
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.4fd9fcbb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.thepaperstore.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 18:28:38 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.ac247e68.1642184918.16cc3997
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
1
x-pinterest-rid
1749748669841424
expires
Sat, 01 Jan 2000 00:00:00 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1642184918078&aid=a-071e&se=e30&duid=cf00265e1dfa--01fscxjgxp93ez5c6ergvtxthy&tna=v2.3.0&pu=https%3A%2F%2Fwww.thepaperstore.com%2F%3Futm_medium%3Daffiliate%26utm_sourc...
  • https://rp4.liadm.com/j?dtstmp=1642184918078&aid=a-071e&se=e30&duid=cf00265e1dfa--01fscxjgxp93ez5c6ergvtxthy&tna=v2.3.0&pu=https%3A%2F%2Fwww.thepaperstore.com%2F%3Futm_medium%3Daffiliate%26utm_sour...
13 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1642184918078&aid=a-071e&se=e30&duid=cf00265e1dfa--01fscxjgxp93ez5c6ergvtxthy&tna=v2.3.0&pu=https%3A%2F%2Fwww.thepaperstore.com%2F%3Futm_medium%3Daffiliate%26utm_source%3D47736%26utm_campaign%3D8-11125%26utm_content%3D3839939832%26utm_term%3D156052.8249.0FOF41477952428532742%26clickId%3D3839939832&wpn=lc-bundle&refr=https%3A%2F%2Flookandfind.me%2F&c=PHRpdGxlPlNob3AgVW5pcXVlIEdpZnRzLCBTdGF0aW9uZXJ5LCBGYXNoaW9uICZhbXA7IE1vcmUgfCBUaGUgUGFwZXIgU3RvcmU8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJTaG9wIFRoZSBQYXBlciBTdG9yZSB0byBmaW5kIHVuaXF1ZSBnaWZ0cyBmb3IgZXZlcnkgb2NjYXNpb24uICBCcm93c2UgZmFzaGlvbiwgamV3ZWxyeSwgaG9tZSBkZWNvciwgdG95cywgc3BhLCBzdGF0aW9uZXJ5IGFuZCBtdWNoIG1vcmUuIj48aDEgY2xhc3M9InNmbnQtLWxvZ29fcmVtb3ZlX21hcmdpbiI-IDxhIGhyZWY9Imh0dHBzOi8vd3d3LnRoZXBhcGVyc3RvcmUuY29tLyIgdGl0bGU9IlRoZSBQYXBlciBTdG9yZSwgR2lmdHMgZm9yIEV2ZXJ5IE9jY2FzaW9uIiByZWw9Im5vZm9sbG93Ij4gPGltZyBzcmM9ImdyYXBoaWNzLzAwMDAwMDAxL2xvZ29zL2hlYWRlci9UaGVQYXBlclN0b3JlTG9nby5wbmciIGFsdD0iVGhlIFBhcGVyIFN0b3JlIj4gPC9hPiA8L2gxPg&i6=MmEwMjo2ZWEwOmM3MWI6MDoxMDExOjgzZDE6NGFlMTo5YjA4&n3pc=true
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Server
54.146.217.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-217-90.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:38 GMT
x-pixel-event-id
7d302c3a-c80e-4c14-a288-e6b27a6eeea9
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
request-time
1
vary
Origin
content-length
13
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
f40bdeea059963c8

Redirect headers

date
Fri, 14 Jan 2022 18:28:38 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1642184918078&aid=a-071e&se=e30&duid=cf00265e1dfa--01fscxjgxp93ez5c6ergvtxthy&tna=v2.3.0&pu=https%3A%2F%2Fwww.thepaperstore.com%2F%3Futm_medium%3Daffiliate%26utm_source%3D47736%26utm_campaign%3D8-11125%26utm_content%3D3839939832%26utm_term%3D156052.8249.0FOF41477952428532742%26clickId%3D3839939832&wpn=lc-bundle&refr=https%3A%2F%2Flookandfind.me%2F&c=PHRpdGxlPlNob3AgVW5pcXVlIEdpZnRzLCBTdGF0aW9uZXJ5LCBGYXNoaW9uICZhbXA7IE1vcmUgfCBUaGUgUGFwZXIgU3RvcmU8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJTaG9wIFRoZSBQYXBlciBTdG9yZSB0byBmaW5kIHVuaXF1ZSBnaWZ0cyBmb3IgZXZlcnkgb2NjYXNpb24uICBCcm93c2UgZmFzaGlvbiwgamV3ZWxyeSwgaG9tZSBkZWNvciwgdG95cywgc3BhLCBzdGF0aW9uZXJ5IGFuZCBtdWNoIG1vcmUuIj48aDEgY2xhc3M9InNmbnQtLWxvZ29fcmVtb3ZlX21hcmdpbiI-IDxhIGhyZWY9Imh0dHBzOi8vd3d3LnRoZXBhcGVyc3RvcmUuY29tLyIgdGl0bGU9IlRoZSBQYXBlciBTdG9yZSwgR2lmdHMgZm9yIEV2ZXJ5IE9jY2FzaW9uIiByZWw9Im5vZm9sbG93Ij4gPGltZyBzcmM9ImdyYXBoaWNzLzAwMDAwMDAxL2xvZ29zL2hlYWRlci9UaGVQYXBlclN0b3JlTG9nby5wbmciIGFsdD0iVGhlIFBhcGVyIFN0b3JlIj4gPC9hPiA8L2gxPg&i6=MmEwMjo2ZWEwOmM3MWI6MDoxMDExOjgzZDE6NGFlMTo5YjA4&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://www.thepaperstore.com
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
cb4e28e3a23b940b
request-time
1
content-length
0
x-content-type-options
nosniff
clarity.js
e.clarity.ms/s/0.6.31/ 		52 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/s/0.6.31/clarity.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/5222895.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:37 GMT
content-encoding
br
etag
"1d7ffcbff747e00"
last-modified
Sun, 02 Jan 2022 11:29:26 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=F1756FF164CB4280909BAE2F194A73E5&RedC=c.clarity.ms&MXFR=3AAB6B61694C64E0124A7A4D6D4C6AE2
  • https://c.clarity.ms/c.gif?CtsSyncId=F1756FF164CB4280909BAE2F194A73E5&MUID=038E34C37DB56E882A1825EF7C3E6FB1
42 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=F1756FF164CB4280909BAE2F194A73E5&MUID=038E34C37DB56E882A1825EF7C3E6FB1
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 18:28:37 GMT
last-modified
Wed, 12 Jan 2022 02:05:35 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"9ea1ae3587d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 14 Jan 2022 18:28:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0CE410269F864A809ED37871201DE468 Ref B: FRA31EDGE0613 Ref C: 2022-01-14T18:28:38Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=F1756FF164CB4280909BAE2F194A73E5&MUID=038E34C37DB56E882A1825EF7C3E6FB1
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
700272.gif
di.rlcdn.com/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://di.rlcdn.com/700272.gif?pdata=cat%3DShopping%2Csubcat%3DShopping-Shopping%20Centers%20and%20Malls
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:38 GMT
via
1.1 google
alt-svc
clear
content-length
0
01_VBLoveYouLots_MODU_DT.jpg
www.thepaperstore.com/mm5/graphics/00000001/banners/homepage/U/ 		272 KB
273 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thepaperstore.com/mm5/graphics/00000001/banners/homepage/U/01_VBLoveYouLots_MODU_DT.jpg
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f4a381a213261677dbafd582744054f3a0aed8056a48dc4b47714e03a3d4ceef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:38 GMT
cf-cache-status
HIT
last-modified
Fri, 07 Jan 2022 19:45:45 GMT
server
cloudflare
age
46559
x-powered-by
PleskLin
etag
"61d89869-440b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
6cd8ecdafd816969-FRA
content-length
278712
expires
Sat, 14 Jan 2023 05:32:39 GMT
cspreport
www.google.com/_/VerifiedReviewsGcrProxyUi/ Frame 0303 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/_/VerifiedReviewsGcrProxyUi/cspreport
Requested by
Host: paramlountplus.com
URL: http://paramlountplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
667fce7aa7cd4f9311b75e0e9c31d515e516f8ab025b6811b3ffdedbd9040881

Request headers

Referer
https://www.google.com/shopping/customerreviews/proxy?ts_id=709143&origin=https%3A%2F%2Fwww.thepaperstore.com&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 14 Jan 2022 18:28:38 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1598
content-type
text/html; charset=UTF-8
m=_b,_tp
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.17XTHOHaNew.es5.O/am=BkA/d=1/excm=_b,_tp,emptyview/ed=1/dg=0/wt=2/esmo=1/rs=A... Frame 0303 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.17XTHOHaNew.es5.O/am=BkA/d=1/excm=_b,_tp,emptyview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkSRGRt4DvcPA6IRiuRfG0IB9_849g/m=_b,_tp
Requested by
Host: www.google.com
URL: https://www.google.com/shopping/customerreviews/proxy?ts_id=709143&origin=https%3A%2F%2Fwww.thepaperstore.com&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8236975419115aa9d0533a9c0aac7d84f7fdf728607e813e5106d092406993
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 16:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49701
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 05:10:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
expires
Sat, 14 Jan 2023 16:39:12 GMT
clock
tracking.crazyegg.com/ 		28 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?t=1642184918245
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.166.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-166-68.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
c3bfcab8fb818a258cc527e048aef296f9aaa86acaefd8610cc2de9fa6d2513b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 14 Jan 2022 18:28:38 GMT
cache-control
no-store
server
awselb/2.0
content-length
28
content-type
text/plain
m=byfTOb,lsjVmc,xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,LEikZe,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,pBXhlf
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.17XTHOHaNew.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.... Frame 0303 		96 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.17XTHOHaNew.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.ZX6-nzQSJq8.L.B1.O/am=BkA/d=1/exm=_b,_tp/excm=_b,_tp,emptyview/esmo=1/ed=1/wt=2/rs=AC8lLkTweS1iaFQxoVE86N24TRurmNbGXg/ee=nAFL3:NTMZac;oGtAuc:sOXFj;iFQyKf:vfuNJf;cEt90b:ws9Tlc;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,LEikZe,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,pBXhlf
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.17XTHOHaNew.es5.O/am=BkA/d=1/excm=_b,_tp,emptyview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkSRGRt4DvcPA6IRiuRfG0IB9_849g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bc76d58428c606299a56b8a9c78e40d8d6634023ff211799d4bb262415c7266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 16:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34175
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:27:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
expires
Sat, 14 Jan 2023 16:39:12 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.17XTHOHaNew.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.... Frame 0303 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.17XTHOHaNew.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.ZX6-nzQSJq8.L.B1.O/am=BkA/d=1/exm=IZT63,LEikZe,MpJwZc,NwH0H,PrPYRd,UUJqVe,_b,_tp,byfTOb,gychg,hc6Ubd,lsjVmc,n73qwf,pBXhlf,vfuNJf,ws9Tlc,xUdipf/excm=_b,_tp,emptyview/esmo=1/ed=1/wt=2/rs=AC8lLkTweS1iaFQxoVE86N24TRurmNbGXg/ee=nAFL3:NTMZac;oGtAuc:sOXFj;iFQyKf:vfuNJf;cEt90b:ws9Tlc;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.17XTHOHaNew.es5.O/am=BkA/d=1/excm=_b,_tp,emptyview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkSRGRt4DvcPA6IRiuRfG0IB9_849g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dce443a4d0d94e0681c0db5d6ead809cd92cc2a2e1c5fbf02013793b94083ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 16:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12092
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:27:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
expires
Sat, 14 Jan 2023 16:39:12 GMT
m=lwddkf,EFQ78c
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.17XTHOHaNew.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.... Frame 0303 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.17XTHOHaNew.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.ZX6-nzQSJq8.L.B1.O/am=BkA/d=1/exm=FCpbqb,IZT63,LEikZe,MpJwZc,NwH0H,PrPYRd,UUJqVe,WhJNk,Wt6vjf,_b,_tp,byfTOb,gychg,hc6Ubd,hhhU8,lsjVmc,n73qwf,pBXhlf,vfuNJf,ws9Tlc,xUdipf/excm=_b,_tp,emptyview/esmo=1/ed=1/wt=2/rs=AC8lLkTweS1iaFQxoVE86N24TRurmNbGXg/ee=nAFL3:NTMZac;oGtAuc:sOXFj;iFQyKf:vfuNJf;cEt90b:ws9Tlc;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;SNUn3:ZwDk9d/m=lwddkf,EFQ78c
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.17XTHOHaNew.es5.O/am=BkA/d=1/excm=_b,_tp,emptyview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkSRGRt4DvcPA6IRiuRfG0IB9_849g/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66256a3baa9f45ce6bec201c1d9c0abba5b4c9557d4943d2ffe5f959f5a23395
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 16:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2156
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:27:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
expires
Sat, 14 Jan 2023 16:39:12 GMT
api.js
apis.google.com/js/ Frame 0303 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.17XTHOHaNew.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.ZX6-nzQSJq8.L.B1.O/am=BkA/d=1/exm=_b,_tp/excm=_b,_tp,emptyview/esmo=1/ed=1/wt=2/rs=AC8lLkTweS1iaFQxoVE86N24TRurmNbGXg/ee=nAFL3:NTMZac;oGtAuc:sOXFj;iFQyKf:vfuNJf;cEt90b:ws9Tlc;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,LEikZe,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,pBXhlf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b8417fbc0d9d7e069136093783112f3790ff59ba3810862bd6ec829c714ae268
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YK3+ksc22nwPe2G8nXbYOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
etag
"cd9548d21b91a6bc691d64931de272a2"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-YK3+ksc22nwPe2G8nXbYOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Fri, 14 Jan 2022 18:28:38 GMT
log
play.google.com/ Frame 0303 		131 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.17XTHOHaNew.es5.O/am=BkA/d=1/excm=_b,_tp,emptyview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkSRGRt4DvcPA6IRiuRfG0IB9_849g/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 14 Jan 2022 18:28:38 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://www.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Fri, 14 Jan 2022 18:28:38 GMT
/
www.facebook.com/tr/ Frame EB09 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.thepaperstore.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.thepaperstore.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Fri, 14 Jan 2022 18:28:38 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/ Frame 0303 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd9f90bab8e8d60672dbb6b571a2a12aee9ba9bb33452df87f8c065efd4db12b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 19:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30849
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 04:25:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 19:55:25 GMT
11.1.376.js
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/11.1.376.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0106/9649.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b47e87d67d24948f07f698641cec81e6ea6d691d81951205877b2518ba5e23a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 14 Jan 2022 18:28:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 14:25:20 GMT
server
cloudflare
age
3044492
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
cf-ray
6cd8ecdbedf45c9e-FRA
content-length
19639
39860b88-98c6-4288-bda0-42986b97dda1
https://www.thepaperstore.com/ 		218 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thepaperstore.com/39860b88-98c6-4288-bda0-42986b97dda1
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5df5360850650e6dbe5d1a12372e9bb12bd075bd314a9bcd53a8974a13c4b97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
218
Content-Type
text/javascript
11.1.376.js
script.crazyegg.com/pages/versioned/tracking-scripts/ 		86 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/tracking-scripts/11.1.376.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0106/9649.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ba6eaaa5cf6988c9f46c5bc0db4cb4fac910896d2b550d2a9f5c4a5d18b4735

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 14 Jan 2022 18:28:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 14:25:20 GMT
server
cloudflare
age
3044491
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
cf-ray
6cd8ecdca8215c9e-FRA
content-length
24903
/
www.facebook.com/tr/ Frame 28E2 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.thepaperstore.com
URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.thepaperstore.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.thepaperstore.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Fri, 14 Jan 2022 18:28:38 GMT
platform.js
apis.google.com/js/ 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrBootstrapJs.de.5DJ1saqUdFk.es5.O/d=1/rs=AC8lLkS11tHZBxqDRM1n9dCIChGP1sUu6g/m=bootstrap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e308b920200e70975a47529366c166d3fa167655d345779e7fa1b8d3c8e737ad
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sV8lNKtDm5lr1Pd8Nzcysw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
etag
"9e73b2cd9b08c6b34a7273789934d4e5"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-sV8lNKtDm5lr1Pd8Nzcysw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Fri, 14 Jan 2022 18:28:38 GMT
v11
tracking.crazyegg.com/ 		0
83 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/v11?u=1069649&st=389890&s=4832835
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.166.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-166-68.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thepaperstore.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 14 Jan 2022 18:28:38 GMT
server
awselb/2.0
content-length
0
content-type
text/plain
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=ratingbadge/exm=gapi_iframes/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=ratingbadge/exm=gapi_iframes/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6412606a5a36257ac3a68b08b0d113c61f3640bcf5cc7a0b85e4d4759a58a22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 19:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25047
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 04:25:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 19:57:10 GMT
cb=gapi.loaded_2
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=auth/exm=gapi_iframes,ratingbadge/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=auth/exm=gapi_iframes,ratingbadge/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_2
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fba852e6969addb356e0be12a3c18356ad6caa9ce8af6f57eecfb400be466de8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 20:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30138
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 04:25:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 20:05:45 GMT
badge
www.google.com/shopping/customerreviews/ Frame 61DE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=10661938&hl=en_US&origin=https%3A%2F%2Fwww.thepaperstore.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98f02223ea74577d88e4e8c10f16417d11a228a56c4c7052acb27e19fb08c353
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-At7MiKdahF3n5sJGZ7U6+Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'nonce-At7MiKdahF3n5sJGZ7U6+Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
expires
Fri, 14 Jan 2022 18:28:38 GMT
date
Fri, 14 Jan 2022 18:28:38 GMT
cache-control
private, max-age=900
cross-origin-opener-policy
same-origin
content-security-policy
script-src 'report-sample' 'nonce-At7MiKdahF3n5sJGZ7U6+Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'nonce-At7MiKdahF3n5sJGZ7U6+Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
cross-origin-resource-policy
same-site
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
postmessageRelay
accounts.google.com/o/oauth2/ Frame 9514 		566 B
857 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.thepaperstore.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=auth/exm=gapi_iframes,ratingbadge/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2001820d46b4f131fdb2b9d1884df1a457ec9093681476fda4efdeda5b656b42
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yGht4QSghMehbVcIjdR3fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 14 Jan 2022 18:28:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-yGht4QSghMehbVcIjdR3fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
e.clarity.ms/ 		0
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.thepaperstore.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.thepaperstore.com
date
Fri, 14 Jan 2022 18:28:38 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
miva.bundle.js
cdn.pushnami.com/js/modules/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushnami.com/js/modules/miva.bundle.js
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5d23ba68fdcab9164f9638fc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-106.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
143f11039efc88ebcdbeea628e7b1a93c581b68641eca36000990a8a1de6da85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 18:09:50 GMT
server
AmazonS3
age
3276
etag
W/"92a7cbecc7104039a26669856a1a3961"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
date
Fri, 14 Jan 2022 17:34:03 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
4Qu6cy7aO7WUVAtCTQEDnAEtY2aFp9BOFUtGE0D5BM4mHcbWk2Astw==
track
trc.pushnami.com/api/push/ 		2 B
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5d23ba68fdcab9164f9638fc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.4.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-4-227.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://www.thepaperstore.com/
key
5d23ba68fdcab9164f9638fc
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 14 Jan 2022 18:28:39 GMT
cache-control
no-cache
content-type
text/html; charset=utf-8
content-length
2
access-control-expose-headers
WWW-Authenticate,Server-Authorization
track
trc.pushnami.com/api/push/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.4.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-4-227.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
key
Origin
https://www.thepaperstore.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 14 Jan 2022 18:28:38 GMT
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age
86400
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
3087399934-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame 9514 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/3087399934-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.thepaperstore.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f95544529bf5a220675a5144deef8a36863d63b94d13b5408341bbd3229691f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 02:26:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4296
x-xss-protection
0
last-modified
Sat, 08 Jan 2022 03:08:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="federated-signon-mpm-access"
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Jan 2023 02:26:37 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame 9514 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.thepaperstore.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3aa29d1df34f28ec237bf79348805f48a266b64ffbd8f335f48b69bfd9366614
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Bk6u2rRqCWRhAHvT4FCWcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
etag
"5f192fb73491a82f56e9fa48938a34cf"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-Bk6u2rRqCWRhAHvT4FCWcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Fri, 14 Jan 2022 18:28:38 GMT
cspreport
www.google.com/_/VerifiedReviewsBadgeUi/ Frame 61DE 		0
22 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/_/VerifiedReviewsBadgeUi/cspreport
Requested by
Host: paramlountplus.com
URL: http://paramlountplus.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TqKMx/OxkIVb/CWAt5LvXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self', script-src 'nonce-TqKMx/OxkIVb/CWAt5LvXQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport, require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=10661938&hl=en_US&origin=https%3A%2F%2Fwww.thepaperstore.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 18:28:38 GMT
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-TqKMx/OxkIVb/CWAt5LvXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self', script-src 'nonce-TqKMx/OxkIVb/CWAt5LvXQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport, require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=_b,_tp
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.8yaTi1ZktZA.es5.O/am=DAAE/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=... Frame 61DE 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.8yaTi1ZktZA.es5.O/am=DAAE/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkQOi12bu_u0ewolXteV_yUoJBB4FA/m=_b,_tp
Requested by
Host: www.google.com
URL: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=10661938&hl=en_US&origin=https%3A%2F%2Fwww.thepaperstore.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
954f0341230e30c512cae540b6a1113d2ced82c47a194f86ad4263e94b54f4f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 16:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52576
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 05:10:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
expires
Sat, 14 Jan 2023 16:38:53 GMT
no_rating.png
www.gstatic.com/verifiedreviews/en/ Frame 61DE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/verifiedreviews/en/no_rating.png
Requested by
Host: www.google.com
URL: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=10661938&hl=en_US&origin=https%3A%2F%2Fwww.thepaperstore.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc9647e7b0e6417f6ab44679e7c95f922371946e04bc477ec21424dd0f761e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 21:13:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
335692
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1551
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 10 Jan 2023 21:13:46 GMT
m=byfTOb,lsjVmc,LEikZe
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.8yaTi1ZktZA.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.auW... Frame 61DE 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.8yaTi1ZktZA.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.auWTiKbcJew.L.B1.O/am=DAAE/d=1/exm=_b,_tp/excm=_b,_tp,badgeview/esmo=1/ed=1/wt=2/rs=AC8lLkTLzrUxZ3is_-WVvQTq-N0s9pvAdw/ee=iFQyKf:vfuNJf;cEt90b:ws9Tlc;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;uY49fb:COQbmf;Oj465e:KG2eXe;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.8yaTi1ZktZA.es5.O/am=DAAE/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkQOi12bu_u0ewolXteV_yUoJBB4FA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4b535c1aa7c6d6d980b54186bacd1fb5f1bc7f82a295a132dfc4948aed72231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 16:39:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13467
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:27:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
expires
Sat, 14 Jan 2023 16:39:42 GMT
m=xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,vhDjqd
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.8yaTi1ZktZA.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.auW... Frame 61DE 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.8yaTi1ZktZA.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.auWTiKbcJew.L.B1.O/am=DAAE/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,badgeview/esmo=1/ed=1/wt=2/rs=AC8lLkTLzrUxZ3is_-WVvQTq-N0s9pvAdw/ee=iFQyKf:vfuNJf;cEt90b:ws9Tlc;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;uY49fb:COQbmf;Oj465e:KG2eXe;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,vhDjqd
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.8yaTi1ZktZA.es5.O/am=DAAE/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkQOi12bu_u0ewolXteV_yUoJBB4FA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a328ffe188612830124ce051d21c7ed21652cb54fba61e86d898838881a2e53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 16:39:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20775
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:27:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
expires
Sat, 14 Jan 2023 16:39:42 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/ Frame 9514 		51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcc03db6521f41a4f4907bcbd066d04ac91ad8d2c057b77bb3fd88641ccd6897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 19:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18301
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 04:25:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 19:55:44 GMT
api.js
apis.google.com/js/ Frame 61DE 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.8yaTi1ZktZA.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.auWTiKbcJew.L.B1.O/am=DAAE/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,badgeview/esmo=1/ed=1/wt=2/rs=AC8lLkTLzrUxZ3is_-WVvQTq-N0s9pvAdw/ee=iFQyKf:vfuNJf;cEt90b:ws9Tlc;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;uY49fb:COQbmf;Oj465e:KG2eXe;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,vhDjqd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b8417fbc0d9d7e069136093783112f3790ff59ba3810862bd6ec829c714ae268
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lZGyvRA+gSTaoSS5D+lqGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 18:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
etag
"cd9548d21b91a6bc691d64931de272a2"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-lZGyvRA+gSTaoSS5D+lqGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Fri, 14 Jan 2022 18:28:38 GMT
collect
e.clarity.ms/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.thepaperstore.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.thepaperstore.com
date
Fri, 14 Jan 2022 18:28:38 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/ Frame 61DE 		126 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
527b85627ccc6082e4d8548a1fafef7c8e646ede01353555c3283c6276c8ba93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 19:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42045
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 04:25:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 19:41:11 GMT
onload
bt.signifyd.com/ 		0
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bt.signifyd.com:11103/onload
Requested by
Host: cdn-scripts.signifyd.com
URL: https://cdn-scripts.signifyd.com/api/script-tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.107.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-107-253.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Tracking
eyJicm93c2VySWQiOiI2ZGQzMDdjYmNiOWU0NzM2OWUwMGUwYWE3ZWViZDAyNmRmZmZjMTk0NDFiZGM5ZWNlNWE3YzAwODFmZTcyZmIzZTBiZDNjMjgiLCJzZXNzaW9uSWQiOiI2OTMwMjYzMzhhYWY0NGI5OGVhMTI2NWMzYmY1MWI3ZWY5N2I4MmQ5OTBjYTYzZTZhNDFkYWFkZjJiMGI1NmU0MzU3YzE5MDAiLCJ0aW1lc3RhbXAiOjE2NDIxODQ5MTkzMjh9
ETag
eyJicm93c2VySWQiOiI2ZGQzMDdjYmNiOWU0NzM2OWUwMGUwYWE3ZWViZDAyNmRmZmZjMTk0NDFiZGM5ZWNlNWE3YzAwODFmZTcyZmIzZTBiZDNjMjgiLCJzZXNzaW9uSWQiOiI2OTMwMjYzMzhhYWY0NGI5OGVhMTI2NWMzYmY1MWI3ZWY5N2I4MmQ5OTBjYTYzZTZhNDFkYWFkZjJiMGI1NmU0MzU3YzE5MDAiLCJ0aW1lc3RhbXAiOjE2NDIxODQ5MTkzMjh9
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
POST, GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag, ETag-State, Tracking, Tracking-State
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept, Authorization, ETag, ETag-State, If-None-Match, Tracking, Tracking-State
Content-Length
0
check.js;CIS3SID=BD101A12389EEF4E28C84B839379F5DD
imgs.signifyd.com/fp/ Frame 0FB4 		221 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/fp/check.js;CIS3SID=BD101A12389EEF4E28C84B839379F5DD?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c&jb=3c3926266a7367773d4e6b6e7778266a716f3d4e616e777824627362753d416a7a6f6d65266a7b603d416a726d6d652530303935
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/fp/tags.js?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&pageid=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.32.241.65 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
8089110740e914058d8a1b43823abf01a1dbb5940e9ee1ecc92285f8f1a5a50e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 18:28:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
tmx-nonce
cd74471436ac6b6c
Connection
Keep-Alive, Keep-Alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=2, max=99
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
imgs.signifyd.com/fp/ Frame 0FB4 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c&ck=0&m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.32.241.65 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 18:28:39 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
imgs.signifyd.com/fp/ Frame 0FB4 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c&ck=0&m=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.32.241.65 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 18:28:39 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ct.html
www.pinterest.de/ Frame 1ABC
Redirect Chain
  • https://www.pinterest.com/ct.html
  • https://www.pinterest.de/ct.html
413 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.de/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.4fd9fcbb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a5c90beeba8cdc043ed6d8a02ecad837a4c635d049d024d2e8b3978367b95df1
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-2a2d544b2d4ec7ce34a3d93712d945bf' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1598578879560575; frame-ancestors *
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/

Response headers

x-xss-protection
1; mode=block
x-content-type-options
nosniff
vary
User-Agent, Accept-Encoding
x-ua-compatible
IE=edge
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p
CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-2a2d544b2d4ec7ce34a3d93712d945bf' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1598578879560575; frame-ancestors *
content-security-policy-report-only
script-src 'nonce-2a2d544b2d4ec7ce34a3d93712d945bf' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
link
<https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer
x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time
88
pinterest-generated-by
coreapp-webapp-prod-0a011318
content-encoding
gzip
pinterest-version
53c2cab
referrer-policy
origin
x-pinterest-rid
1598578879560575
date
Fri, 14 Jan 2022 18:28:39 GMT
content-length
279
akamai-grn
0.ac247e68.1642184919.16cc428c
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection
1; mode=block
x-content-type-options
nosniff
vary
User-Agent, Accept-Encoding
x-ua-compatible
IE=edge
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location
https://www.pinterest.de/ct.html
trailer
x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time
96
pinterest-generated-by
coreapp-webapp-prod-0a011c3f
content-encoding
gzip
pinterest-version
53c2cab
referrer-policy
origin
x-pinterest-rid
1168537770615070
date
Fri, 14 Jan 2022 18:28:39 GMT
akamai-grn
0.ac247e68.1642184918.16cc40ac
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
hub
api.pushnami.com/scripts/v1/ Frame FE53 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/hub
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5d23ba68fdcab9164f9638fc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-40.fra60.r.cloudfront.net
Software
/
Resource Hash
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *
X-Content-Security-Policy default-src 'unsafe-inline' *

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/

Response headers

content-type
text/html; charset=utf-8
date
Fri, 14 Jan 2022 18:05:11 GMT
access-control-allow-origin
*
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-headers
X-Requested-With
content-security-policy
default-src 'unsafe-inline' *
x-content-security-policy
default-src 'unsafe-inline' *
x-webkit-csp
default-src 'unsafe-inline' *
cache-control
no-cache
content-encoding
gzip
vary
accept-encoding
x-cache
Hit from cloudfront
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
imqbXM7iIuLY6jQwQ1Do3OFNCcIbSiC191bE4ZiJ3F0Qjt3rW35Hgw==
age
1408
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.8yaTi1ZktZA.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.auW... Frame 61DE 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.8yaTi1ZktZA.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.auWTiKbcJew.L.B1.O/am=DAAE/d=1/exm=IZT63,LEikZe,MpJwZc,NwH0H,PrPYRd,UUJqVe,_b,_tp,byfTOb,gychg,hc6Ubd,lsjVmc,n73qwf,vfuNJf,vhDjqd,ws9Tlc,xUdipf/excm=_b,_tp,badgeview/esmo=1/ed=1/wt=2/rs=AC8lLkTLzrUxZ3is_-WVvQTq-N0s9pvAdw/ee=iFQyKf:vfuNJf;cEt90b:ws9Tlc;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;uY49fb:COQbmf;Oj465e:KG2eXe;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.8yaTi1ZktZA.es5.O/am=DAAE/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkQOi12bu_u0ewolXteV_yUoJBB4FA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a86338875377dd50899ea9cba2a967860c05bca6e30d4a6569e4f4a2b547f3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 16:39:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11806
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:27:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
expires
Sat, 14 Jan 2023 16:39:42 GMT
m=lwddkf,EFQ78c
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.8yaTi1ZktZA.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.auW... Frame 61DE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.8yaTi1ZktZA.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.auWTiKbcJew.L.B1.O/am=DAAE/d=1/exm=FCpbqb,IZT63,LEikZe,MpJwZc,NwH0H,PrPYRd,UUJqVe,WhJNk,Wt6vjf,_b,_tp,byfTOb,gychg,hc6Ubd,hhhU8,lsjVmc,n73qwf,vfuNJf,vhDjqd,ws9Tlc,xUdipf/excm=_b,_tp,badgeview/esmo=1/ed=1/wt=2/rs=AC8lLkTLzrUxZ3is_-WVvQTq-N0s9pvAdw/ee=iFQyKf:vfuNJf;cEt90b:ws9Tlc;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;uY49fb:COQbmf;Oj465e:KG2eXe;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=lwddkf,EFQ78c
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.8yaTi1ZktZA.es5.O/am=DAAE/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkQOi12bu_u0ewolXteV_yUoJBB4FA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a94c3da6f04f30290273a7e35bc75e10b4f833dce034e59593669be002ef8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 16:39:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2154
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:27:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
expires
Sat, 14 Jan 2023 16:39:42 GMT
log
play.google.com/ Frame 61DE 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.8yaTi1ZktZA.es5.O/am=DAAE/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkQOi12bu_u0ewolXteV_yUoJBB4FA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 14 Jan 2022 18:28:39 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://www.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Fri, 14 Jan 2022 18:28:39 GMT
psp
psp.pushnami.com/api/ 		2 B
227 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5d23ba68fdcab9164f9638fc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.126.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-126-38.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://www.thepaperstore.com/
key
5d23ba68fdcab9164f9638fc
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.thepaperstore.com
date
Fri, 14 Jan 2022 18:28:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
accept-encoding
content-type
text/html; charset=utf-8
psp
psp.pushnami.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.126.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-126-38.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
key
Origin
https://www.thepaperstore.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 14 Jan 2022 18:28:39 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thepaperstore.com
access-control-allow-credentials
true
access-control-expose-headers
content-type, content-length, etag
access-control-max-age
600
access-control-allow-headers
key
access-control-allow-methods
POST
cache-control
no-cache
vary
accept-encoding
content-encoding
gzip
clear.png
imgs.signifyd.com/fp/ Frame 0FB4 		81 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/fp/clear.png
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/fp/check.js;CIS3SID=BD101A12389EEF4E28C84B839379F5DD?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c&jb=3c3926266a7367773d4e6b6e7778266a716f3d4e616e777824627362753d416a7a6f6d65266a7b603d416a726d6d652530303935
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.32.241.65 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*, w2txo5aa/cd74471436ac6b6c811a119f03f4f5a0c50c84b079ade137
Referer
https://www.thepaperstore.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 18:28:39 GMT
Last-Modified
Fri, 14 Jan 2022 18:28:39 GMT
Server
Apache
Etag
43aed9e84bd94ef78d8a0c0884ab635f
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Access-Control-Allow-Origin
https://www.thepaperstore.com
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
Expires
Wed, 13 Jan 2027 18:28:39 GMT
ls_fp.html;CIS3SID=BD101A12389EEF4E28C84B839379F5DD
imgs.signifyd.com/fp/ Frame 797F 		83 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/fp/ls_fp.html;CIS3SID=BD101A12389EEF4E28C84B839379F5DD?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/fp/check.js;CIS3SID=BD101A12389EEF4E28C84B839379F5DD?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c&jb=3c3926266a7367773d4e6b6e7778266a716f3d4e616e777824627362753d416a7a6f6d65266a7b603d416a726d6d652530303935
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.32.241.65 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
f43be4c8dd371c0b209f2ff08b9d094b6f9b7f82f62c39d285e2a8c307cd15b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/

Response headers

Date
Fri, 14 Jan 2022 18:28:39 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=99
Transfer-Encoding
chunked
clear.png
imgs.signifyd.com/fp/ Frame 0FB4 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c&jb=3b36266c73613561646161333b653134613261366d633438316b6464326230343839633031666b
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/fp/check.js;CIS3SID=BD101A12389EEF4E28C84B839379F5DD?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c&jb=3c3926266a7367773d4e6b6e7778266a716f3d4e616e777824627362753d416a7a6f6d65266a7b603d416a726d6d652530303935
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.32.241.65 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 18:28:39 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sid_fp.html;CIS3SID=BD101A12389EEF4E28C84B839379F5DD
h.online-metrix.net/fp/ Frame DC41 		96 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=BD101A12389EEF4E28C84B839379F5DD?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/fp/check.js;CIS3SID=BD101A12389EEF4E28C84B839379F5DD?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c&jb=3c3926266a7367773d4e6b6e7778266a716f3d4e616e777824627362753d416a7a6f6d65266a7b603d416a726d6d652530303935
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
7905ba5b33e92afc617f2eab8b0ca20cf2bcbf459c93ce0758681c23b65d6e86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/

Response headers

Date
Fri, 14 Jan 2022 18:28:39 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=100
Transfer-Encoding
chunked
page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 0FB4 		0
0
top_fp.html;CIS3SID=BD101A12389EEF4E28C84B839379F5DD
imgs.signifyd.com/fp/ Frame 5414 		82 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/fp/top_fp.html;CIS3SID=BD101A12389EEF4E28C84B839379F5DD?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/fp/check.js;CIS3SID=BD101A12389EEF4E28C84B839379F5DD?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c&jb=3c3926266a7367773d4e6b6e7778266a716f3d4e616e777824627362753d416a7a6f6d65266a7b603d416a726d6d652530303935
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.32.241.65 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
6b8cb0af74cd3ee5ce55d71abea6cbac92ee1d23c08232c8798d25dc9bff8678
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/

Response headers

Date
Fri, 14 Jan 2022 18:28:39 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=98
Transfer-Encoding
chunked
clear.png
imgs.signifyd.com/fp/ Frame 0FB4 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c&ja=3a31353626266b3f3024783d3226663d3336303270313030322e61663d3134323878313230302e71787b3f307a30266472723d33243134303224313230302e333e30302c313238322c333430322c313232302c333e30322c333a30302c302e322e6d743d6138303061606164613737646666646431656338363931343730346031613761266d663f34247163663d3234246c683f60747670712d3341253244273a467777772e7c6a65726370677273746d72652c6b6f6f25304e25334675766f576d6564697565273346636664696c69637465273a3677746f57736f757261672d33443437373b3425303475766d5f63636d706361676c25314c382d313133303d2532367574655d636d6c74676e74253144333a3b393b333b303332253234777c6d5f746572652733463335343035322c383236312e32464d4e34313437353b3d32343238353b30373630253036636c6b636b4b6c2531443130333939333b3a3b322664723d6076747271253141253244253244646f6d6b63666466696e662c656525324626786e3d3124706a3d37386432386369366063646a6531313360353b38376165306c3162666032663426686a3d35376a626163336d3464626163336932323732626b34343a323433356632343726687b6f3f4c6b667578266a7160354368726f6d6d2732323b37246a736f773d4c6b66757a26687b62753d436a70676d65266e686b3f34246c646f3d3826767a643f4d746125304e556e6b6e6d7566266d6174687a3f3432323366316332606563323a653463613d3630303830636c31353534303964643637383a313431663665636932366461313461666266353a33313331393e6326723f706e7567696c5f666e69736a5e64696c736521726e7d67696e5f77616c646d75735d6d65646b615f7264617b65705666616c736723786c7567696e5763646d60655d6163726d6261765666636c716d21706c75656b665f717569636376696f675e64616c736721706e7d676b6e5d7b686f636b75637e655e66616c7b6721726e7565696e5f7065616e786c6379677a5e66616c716729706c756769665d766e615f726c617967725e64696c716523786c7567696c5d6c6576616c767a5c66636e736721706c7767696c577374675d7e69657765705c6e616c736521786e75656b6e5d6a6176635e6663647367266770333d623733323c6231323933303b64363536313363633635363330366733306e65633662643b3c3137652667645d633f756560676c576762474e2d3232312c38253230284d726d6e474c2532384753273030302e30253030436a7a6f6f69776529576562454e2d3230474c53442732324753273230312c30253038284d706766474c253232475b253230474c5b4e2530324551253230332e30273a30416870676d69756d2b556d624b6974576d604b6b76253030576560474c4346474e455d616e7374616c616d645f617272697b73273142273230455a545f6064656c645d65696e6d617a273b422532304550565f616d6c6d725f62776666677a5f6a616e6e5f666c6f63762d33422532304d5a545d646c6d61745f606c656c6c253142273a304558545d647a61675f6465787668273142273230455a545f716061666570577465787477706d5f6c6f64253b40253032455a545f74677874777a655d636d6570726573716b676e5f6270746b2733402732324558545d74657a7c7570655d6b6f6d707267717b696f6e5f726f7663273142273230455a545f766d787675706d5f66696c76677a5f616e69736776726d726961253342273230554d42494956574558545f766770747572655f6e6b6c7667725d616e69716f747067706b63273b42253230475a5c5f735247422d31422730304948525f72617263646c676c5d7b68616465705d6b6f6d70696c6d2733402732324f45535d656c6765656c745d616e6465785d77616e742533422d30304d47535d66626f5d72656c6c65705f6f61706d617027314a2532304f455b5d7376636e666172645d646570617663746b7e6573253340273a304f45535f7c6778767772675f666c6d6174273b422732324745535f74677a7c7572655f66646d61765d6c6b6e6561702533402d32324f475b5f74657876777a655f68616c6e5d666e6d61762533422732304d4d535d746770747572655d6a696c665f666c6763745d6e696c656172273342273a304d45515776657274677a576172726179576d6268676376253342273230554d42454c5d6b6f6c6f725d607d666665725f6e6e6f63762531422532325745404f4c5d636d657072657371676c5f746578747d70655d637376632533402532325f4540474e57636f6d7070677b7365645f746d7a747770655d657463273342273a305545404f4c5f636f6f727a65737365645776657a767570655f65766331273b422732325f4542474c5d61676d707265737b67645d76657a747572675f73317c632733402d32305745404941545f5745424f4e5f616d6d727265737165645d7c657a74777a655f733376612d33422532305f4742454e5f616f6d70706573716d645d746770747572655d713b74635f73726f60253140253030574540474c5d6c656075655772656e6467706d725f696e6667273340273232574542454c5f666d7076685d7c6578747570672d33422532305f4742494b545d574542454c5f666d7076685d7c6578747570672d33422532305f4742454e5f667261775d6275646e657073273b4225323055474a474c5f6c6f7b675f616d6e76657874273342273a305545404349545f5747404f4c5f6c6f736d5d636d6c7467787425314225303857474245445f6d756c766b5764726177313e24676e5d683f306230373163636a36303832393432353561676b32613765353c643835603836366436373530366d2675676e7e3d496e74676e2d3230496e63262477656e723f496e74676c253038497069712d32304f70676c4f4c253230456665696c67266163643d30&jb=393533266c71354f6f786b6c6e61253244352e322d32322855616e646f7771273a304e5425323833302c3225314225323257696c3e342733402d32307836362b2d323041707064675767604b6b74253244353335263334253038284b48544f4e2d3243253230646b6b67273232476563696f29273a30416870676d652532443b3f2e302e343631302e353325303053616461726b2d324435313f2e3336
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/fp/check.js;CIS3SID=BD101A12389EEF4E28C84B839379F5DD?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c&jb=3c3926266a7367773d4e6b6e7778266a716f3d4e616e777824627362753d416a7a6f6d65266a7b603d416a726d6d652530303935
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.32.241.65 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 18:28:39 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript;charset=UTF-8
clear.png
w2txo5aafltmbj34snabauybed6vuymummxev5hrcd74471436ac6b6cam1.e.aa.online-metrix.net/fp/ Frame 0FB4 		81 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w2txo5aafltmbj34snabauybed6vuymummxev5hrcd74471436ac6b6cam1.e.aa.online-metrix.net/fp/clear.png?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c&di=yes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.134.131 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 18:28:39 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
imgs.signifyd.com/fp/ Frame 797F 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c&jf=3b36266c7362353a64353b37376630393b656536303637383b3a6133303231323133366635386c
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/fp/ls_fp.html;CIS3SID=BD101A12389EEF4E28C84B839379F5DD?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.32.241.65 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgs.signifyd.com/fp/ls_fp.html;CIS3SID=BD101A12389EEF4E28C84B839379F5DD?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 18:28:39 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear1.png;CIS3SID=BD101A12389EEF4E28C84B839379F5DD
imgs.signifyd.com/fp/ Frame 0FB4 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.signifyd.com/fp/clear1.png;CIS3SID=BD101A12389EEF4E28C84B839379F5DD?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c&jf=3c31342673696c5d726c663d7664725f4e4a46707e396a57474a706e4a41764d2e7369645f646976653f3336363231383639313b2e736b645d7c7970653d75676a3a656364736924736b665f6965793d3130353b3b303333323e303732613a343c3863653364383030333236323832613a36343a6b653164323b3031303732313c32303030343f3a36633a6666653233323437333e326137346d6137343567363d6165386262393062366135313732393063653a3e3764333739393339393366396531366534396435346634333035326032343630663561643c3838613535613c33666466616d6765603430666237323b6331603f34303067306230636467326a36326332632e7169665d736b673d33323434323a32323534313233366660643f65346135613b326566323833623031326331643c6360303b6b643566643b306d3733633237303230663230666133383b3533643d396630303a3036373167373c65633830633f6361363537306534343632653b3a626163366a6462373366633e62393532306b636530643164633663613232323d353736666a3726736964703530
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.32.241.65 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 18:28:39 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=96
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear1.png;CIS3SID=D7D99B56B71CFC96FE3193BCD435EB52
h.online-metrix.net/fp/ Frame DC41 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.online-metrix.net/fp/clear1.png;CIS3SID=D7D99B56B71CFC96FE3193BCD435EB52?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c&jf=3c31382673696c5d726c663d7664725f4f4e306a43794036465f756f6271775a2e7369645f646976653f3336363231383639313b2e736b645d7c7970653d75676a3a656364736924736b665f6965793d3130353b3b303333323e303732613a343c3863653364383030333236323832613a36343a6b653164323b3031303732313c3230303034386137353638353735343230386369373737333e313339303a333b613630396431333730306634626337376262663e373566646e6236663032663d61343165666c6737666338643131353562666730373634376c3834363360336b31346234383c6131373b3161356530663765303d3864663430633837393b616930386233622e7169665d736b673d33323436323a323330326d3166336160303f39373432313130663a353232343534346534373f623563306c3239653936673e65313065646d343461666434616539336436333062673531383232313032636e66323265303e6631363a3560336533323231603d643665313f66393865363a3d38636563336c60616730663b3636366765343069626636313b3238383963247b6966723d31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=BD101A12389EEF4E28C84B839379F5DD?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 18:28:39 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ingest
bt.signifyd.com/ 		0
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bt.signifyd.com:11103/ingest
Requested by
Host: cdn-scripts.signifyd.com
URL: https://cdn-scripts.signifyd.com/api/script-tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.107.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-107-253.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Tracking
eyJicm93c2VySWQiOiI2ZGQzMDdjYmNiOWU0NzM2OWUwMGUwYWE3ZWViZDAyNmRmZmZjMTk0NDFiZGM5ZWNlNWE3YzAwODFmZTcyZmIzZTBiZDNjMjgiLCJzZXNzaW9uSWQiOiI2OTMwMjYzMzhhYWY0NGI5OGVhMTI2NWMzYmY1MWI3ZWY5N2I4MmQ5OTBjYTYzZTZhNDFkYWFkZjJiMGI1NmU0MzU3YzE5MDAiLCJ0aW1lc3RhbXAiOjE2NDIxODQ5MTkzMjh9
Referer
https://www.thepaperstore.com/
Tracking-State
RECEIVED
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Max-Age
3600
Access-Control-Allow-Methods
POST, GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag, ETag-State, Tracking, Tracking-State
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept, Authorization, ETag, ETag-State, If-None-Match, Tracking, Tracking-State
Content-Length
0
ingest
bt.signifyd.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bt.signifyd.com:11103/ingest
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.107.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-107-253.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,tracking,tracking-state
Origin
https://www.thepaperstore.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, Content-Type, Accept, Authorization, ETag, ETag-State, If-None-Match, Tracking, Tracking-State
Access-Control-Allow-Methods
POST, GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag, ETag-State, Tracking, Tracking-State
Access-Control-Max-Age
3600
Cache-Control
private
Content-Length
0
Connection
keep-alive
/
www.pinterest.de/_/_/csp_report/ Frame 1ABC 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.de/_/_/csp_report/?rid=1598578879560575
Requested by
Host: paramlountplus.com
URL: http://paramlountplus.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-8d3bc4a6a6bf11d30cce85b129fab92a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=2671120531119548; frame-ancestors 'self' , script-src 'nonce-8d3bc4a6a6bf11d30cce85b129fab92a' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=2671120531119548
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-8d3bc4a6a6bf11d30cce85b129fab92a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=2671120531119548; frame-ancestors 'self' , script-src 'nonce-8d3bc4a6a6bf11d30cce85b129fab92a' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=2671120531119548
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.ac247e68.1642184919.16cc446f
content-security-policy-report-only
script-src 'nonce-8d3bc4a6a6bf11d30cce85b129fab92a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
27
vary
User-Agent, Accept-Encoding
x-pinterest-rid
2671120531119548
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
53c2cab
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Fri, 14 Jan 2022 18:28:39 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a0110be
/
www.pinterest.de/_/_/csp_report/ Frame 1ABC 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.de/_/_/csp_report/?reportonly
Requested by
Host: paramlountplus.com
URL: http://paramlountplus.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-4488be35cc79030d310ae666311bbb4c' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=9506082286064120; frame-ancestors 'self' , script-src 'nonce-4488be35cc79030d310ae666311bbb4c' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=9506082286064120
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-4488be35cc79030d310ae666311bbb4c' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=9506082286064120; frame-ancestors 'self' , script-src 'nonce-4488be35cc79030d310ae666311bbb4c' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=9506082286064120
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.ac247e68.1642184919.16cc4476
content-security-policy-report-only
script-src 'nonce-4488be35cc79030d310ae666311bbb4c' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
74
vary
User-Agent, Accept-Encoding
x-pinterest-rid
9506082286064120
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
53c2cab
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Fri, 14 Jan 2022 18:28:39 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a011e14
/
www.pinterest.de/_/_/csp_report/ Frame 1ABC 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.de/_/_/csp_report/?reportonly
Requested by
Host: paramlountplus.com
URL: http://paramlountplus.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-87cd2c2fe604cbcf074792780521f937' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1244375927808913; frame-ancestors 'self' , script-src 'nonce-87cd2c2fe604cbcf074792780521f937' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1244375927808913
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-87cd2c2fe604cbcf074792780521f937' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1244375927808913; frame-ancestors 'self' , script-src 'nonce-87cd2c2fe604cbcf074792780521f937' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1244375927808913
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.ac247e68.1642184919.16cc447b
content-security-policy-report-only
script-src 'nonce-87cd2c2fe604cbcf074792780521f937' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
28
vary
User-Agent, Accept-Encoding
x-pinterest-rid
1244375927808913
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
53c2cab
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Fri, 14 Jan 2022 18:28:39 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a011c58
clear.png
imgs.signifyd.com/fp/ Frame 0FB4 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c&jac=1&je=3937362626776d607276615f67787465706e616e5769723d333b382e31393b2c3b382e3133342e75696f3f7767627274615f696c7c65706e63645f6d646e7124786d3d6e6f266a637471763d79226c6574656c2032312c3032242273746176777b223a2263686970676b6c67207d26617764683f6b6135623b6d3665363833616b6163366632693563333b323b333633363662376b3333373b3e6234643866663c3836303033306465366430316663643a34353b
Requested by
Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/fp/check.js;CIS3SID=BD101A12389EEF4E28C84B839379F5DD?org_id=w2txo5aa&session_id=811a119f03f4f5a0c50c84b079ade137&nonce=cd74471436ac6b6c&jb=3c3926266a7367773d4e6b6e7778266a716f3d4e616e777824627362753d416a7a6f6d65266a7b603d416a726d6d652530303935
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.32.241.65 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.thepaperstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Jan 2022 18:28:39 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=95
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v11
tracking.crazyegg.com/ 		0
82 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/v11?u=1069649&st=389890&s=4832835
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.376.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.166.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-166-68.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thepaperstore.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 14 Jan 2022 18:28:40 GMT
server
awselb/2.0
content-length
0
content-type
text/plain
collect
e.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.thepaperstore.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.thepaperstore.com
date
Fri, 14 Jan 2022 18:28:40 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL
chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onsecuritypolicyviolation object| onslotchange string| datalayerPageView object| dataLayer object| __SCRIPTTAG__ object| SIGNIFYD_GLOBAL object| google_tag_manager function| postscribe object| google_tag_manager_external function| _ object| __zmags function| __zmagsChannels_5ce6b867dbec8326f25a79b5 object| gts string| theme_path string| default_country string| api_url string| prod_url string| canonicalPath object| mivaJS object| webpackJsonp object| regeneratorRuntime object| picturefillCFG function| picturefill object| google_tag_data string| GoogleAnalyticsObject function| ga function| pintrk function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq object| d string| s object| n object| e function| _googWcmImpl string| _googWcmAk function| _googWcmGet object| td_3b object| td_1N function| tmx_run_page_fingerprinting function| tmx_post_session_params_fixed boolean| tmx_profiling_started boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL function| UET function| UET_init function| UET_push object| gaplugins object| gaGlobal object| gaData object| Pepperjam function| PepperjamTracking function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| ueto_5326e4e5fe object| uetq string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge object| MVPS_EventBus object| CE2BH function| CE_URL_FINGERPRINT string| _gcr_server_address object| google_optimize object| lazySizes object| LI object| __li__evt_bus object| liQ object| default_VerifiedReviewsGcrBootstrapJs function| _DumpException function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl object| gapi object| ___jsl string| google_wcc_status object| osapi function| clarity function| _createSuper function| _isNativeReflectConstruct object| cesrk06637486131249717 string| cesrk06637486131249717_path object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| pushWrap function| showFbChkOptIn object| mailnamiPromptModule boolean| isOSXSafari undefined| safariScript undefined| o object| core function| setImmediate function| clearImmediate boolean| _babelPolyfill function| bowser object| mailnami object| Pushnami function| CrossStorageClient object| pushnamiStorage function| uuid

31 Cookies

Domain/Path Name / Value
.paramlountplus.com/ Name: sid
Value: c763cc24-7567-11ec-bb55-deef45c4e955
lookandfind.me/ Name: 81b5f0138c5174ee26d1929a014291c6
Value: 0c6a4c58a943a297d92143c48ebeb027ee62cdf0204a2cd89e7caacd73c1262da%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2281b5f0138c5174ee26d1929a014291c6%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
utkv6nyu.de/ Name: PHPSESSID
Value: k6q7bar5hbjmlotikn5cjjoch7
.pepperjamnetwork.com/ Name: pjn_cookie_8249
Value: 3839939832%3A47736%3A1119305816
.pepperjamnetwork.com/ Name: pjn_session_8249
Value: 3839939832%3A47736%3A1119305816
www.thepaperstore.com/ Name: mm5-thepaperstore-basket-id
Value: cee43a08075e0c203b5d676cf7373589
imgs.signifyd.com/ Name: thx_guid
Value: 3d1c18682c3f46edb720fbfdf991afee
.bing.com/ Name: MUID
Value: 038E34C37DB56E882A1825EF7C3E6FB1
.thepaperstore.com/ Name: _ga
Value: GA1.2.651486258.1642184918
.thepaperstore.com/ Name: _gid
Value: GA1.2.1418991857.1642184918
www.thepaperstore.com/ Name: pjn-click
Value: [{"id":"3839939832","days":19007,"type":"p"}]
.thepaperstore.com/ Name: _uetsid
Value: ca417a40756711ecb29337eb376d5718
.thepaperstore.com/ Name: _uetvid
Value: ca41a7a0756711ec878739632733f069
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
www.thepaperstore.com/ Name: mm5-todaysoffers-micro
Value: 1
.thepaperstore.com/ Name: _fbp
Value: fb.1.1642184917865.1627047841
.thepaperstore.com/ Name: _dc_gtm_UA-30794554-1
Value: 1
.thepaperstore.com/ Name: _gat_UA-30794554-1
Value: 1
.thepaperstore.com/ Name: _li_dcdm_c
Value: .thepaperstore.com
.thepaperstore.com/ Name: _lc2_fpi
Value: cf00265e1dfa--01fscxjgxp93ez5c6ergvtxthy
.google.com/ Name: NID
Value: 511=hUQgg0PuWwAn7r8a5dZs1E438TzOF-zE_JKpgTp8frp8rxtSnmPZfjuRy5yN1Fy86yN0AYdW37yWLJ1dV72J_gRZ8mAgjV5IKs2maTL8qo9T9IVX64Ttdm9orC8i_z-jskHeO_9OOdUyrU2pfqd4WGshwzx_QeyNKfKOrX16nlo
.thepaperstore.com/ Name: _pin_unauth
Value: dWlkPU1HWmxZek5qTkdRdFkySXpPQzAwTlRObExUaGhabVV0TUdZeU5XRmtOV0ppTVRjNA
.c.bing.com/ Name: SRM_B
Value: 038E34C37DB56E882A1825EF7C3E6FB1
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 038E34C37DB56E882A1825EF7C3E6FB1
.c.clarity.ms/ Name: ANONCHK
Value: 0
.liadm.com/ Name: lidid
Value: 5604fff0-7f2d-4e5e-b5aa-19ed5a382c3e
.thepaperstore.com/ Name: _clck
Value: q0vcxv|1|ey4|0
.thepaperstore.com/ Name: _ce.s
Value: v11.rlc~1642184918385~v~2ed530c556017889662dfd926abe7f04dc9d7c9a~vpv~0~ir~1
.thepaperstore.com/ Name: _clsk
Value: rtl84i|1642184918770|1|1|e.clarity.ms/collect
www.pinterest.de/ Name: _pinterest_sess
Value: TWc9PSZDb3ZQUEtHbWpvdDgxZGxYVjc0Nk5lcmxIbTNMSzFqakYrQi9FTkFsaGh3TTZQVjdnZUlmd2xCQXZDT2QvWE8xYnJ0QWFiTStQL0czSmZ3WWIzWTdHTHhCM0ZaTVFTblEvTzZ5TXlId0FzZi8zcGp5b0FGUmNMMXJPOGpxTmFtcCZhbHpESmtXSCtURTRWb0ZjVEV1UzFKbDlmdWM9

9 Console Messages

Source Level URL
Text
network error URL: https://di.rlcdn.com/700272.gif?pdata=cat%3DShopping%2Csubcat%3DShopping-Shopping%20Centers%20and%20Malls
Message:
Failed to load resource: the server responded with a status of 451 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://www.google.com/_/VerifiedReviewsGcrProxyUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
javascript error URL: https://www.thepaperstore.com/?utm_medium=affiliate&utm_source=47736&utm_campaign=8-11125&utm_content=3839939832&utm_term=156052.8249.0FOF41477952428532742&clickId=3839939832
Message:
Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://www.thepaperstore.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network error URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js
Message:
Failed to load resource: net::ERR_FAILED
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-2a2d544b2d4ec7ce34a3d93712d945bf' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4773.booknower.com
a.smtrk.net
accounts.google.com
analytics.tiktok.com
api.pushnami.com
apis.google.com
assets-tracking.crazyegg.com
b-code.liadm.com
bat.bing.com
bt.signifyd.com
c.bing.com
c.clarity.ms
c.pepperjamnetwork.com
c.zmags.com
cdn-scripts.signifyd.com
cdn.pushnami.com
clever-redirect.com
connect.facebook.net
container.pepperjam.com
creator.zmags.com
ct.pinterest.com
di.rlcdn.com
e.clarity.ms
ghbmnnjooekpmoecnnnilnnbdlolhkhi
googleads.g.doubleclick.net
h.online-metrix.net
imgs.signifyd.com
lookandfind.me
pagestates-tracking.crazyegg.com
paramlountplus.com
play.google.com
psp.pushnami.com
rp.liadm.com
rp4.liadm.com
s.pinimg.com
script.crazyegg.com
ssl.gstatic.com
stats.g.doubleclick.net
track.flexlinkspro.com
tracking.crazyegg.com
trc.pushnami.com
utkv6nyu.de
w2txo5aafltmbj34snabauybed6vuymummxev5hrcd74471436ac6b6cam1.e.aa.online-metrix.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googlecommerce.com
www.googletagmanager.com
www.gstatic.com
www.pinterest.com
www.pinterest.de
www.pjatr.com
www.thepaperstore.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
104.111.225.61
104.206.252.90
13.32.99.40
157.90.169.168
172.217.16.130
18.66.112.72
18.66.122.106
18.66.122.74
18.66.97.125
184.30.24.193
185.32.241.65
2.16.186.162
20.62.48.180
2600:1f18:730:b150:54c0:d5f0:3e0a:5e72
2600:9000:225e:4800:8:8845:1500:93a1
2606:4700:10::ac43:1893
2606:4700:3036::6815:1a18
2606:4700::6811:a45c
2606:4700::6813:9408
2620:1ec:c11::200
2a00:1450:4001:803::2002
2a00:1450:4001:803::200e
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2003
2a00:1450:4001:831::200d
2a00:1450:400c:c06::9d
2a02:26f0:6c00:280::1931
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.221.107.253
34.255.166.68
35.244.174.68
5.79.68.104
52.142.114.2
52.222.236.13
52.222.236.90
52.23.126.38
52.41.86.185
52.44.4.227
54.146.217.90
54.200.164.214
78.46.197.88
91.235.132.130
91.235.134.131
00e0911d8b4aa96affa1c6720fea5b3bb4143100523fe0e3117cafecfab75a7e
034ac6c53db77ec1120901f01632f9a275f469eba04e7ba8b8b09c6d8ce875fa
0686179532eb66368df674acf6404eab82e62d7ce718f8d91fe11073615b7adb
07815e78f59731ec91c0e104ff1774ab2828ca01e39a7baa0682617a5162186f
094973a5c51a92f1c4f3d4f513332b4b0b80e02fe2377f81da6e55fbb06c07e3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
143f11039efc88ebcdbeea628e7b1a93c581b68641eca36000990a8a1de6da85
1625baaa1d5bf7baf5ba87e601dd1d92ef25b271b632e5f6442550eb695f8462
171185f6d598ab14601d246e4529aceec042a5d9865bcc65880b0498a4b9fd41
178c968cf4a45f7601172e314455f243a6b46e38aba84fdc6addda4acb245855
1bc76d58428c606299a56b8a9c78e40d8d6634023ff211799d4bb262415c7266
1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c
2001820d46b4f131fdb2b9d1884df1a457ec9093681476fda4efdeda5b656b42
21045b9290d345c71995dea5600e5d3503b7eddfbd04a6be59e4e0b0f44d9ec2
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
2a86338875377dd50899ea9cba2a967860c05bca6e30d4a6569e4f4a2b547f3e
2ec68500856cf690bde16c95f712d69f99614030abcc1c5868fead65f121eb74
2f45d9f8b7e50b4fa6d84b5d636423166a7e0008e6b904e9e8bb04e83a2f47ed
30e50c48d471ed843ef6e4bb7d6900bfa2ca97c1c2afb8f3ce90c5ce03012ae6
32265b887c1925e6b796e410328d3d5f7aa0d5bca610d90e420386366835ebdb
374b4348daa09fea5bfb6f263b1f16d6e418d4052b9e3df5cdbf472ea030c7d9
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
380aa76e18ed26dd45f869c9509e0c05e06718aa733233e27543d0da2b3dbdd7
39c941e1daf079f3502ee7aa775f359985ad1f0f3ad419ebacc57de13305509d
3a3f402cd156e7c5be023250b0b13633c46819e6691cdb8c44f87e945574c3e9
3aa29d1df34f28ec237bf79348805f48a266b64ffbd8f335f48b69bfd9366614
3ba6eaaa5cf6988c9f46c5bc0db4cb4fac910896d2b550d2a9f5c4a5d18b4735
3df0664d13eaa6101c54fd8b28d6c5a1a52f4cd85ca426584e8ae7eaabd1c98f
3f95544529bf5a220675a5144deef8a36863d63b94d13b5408341bbd3229691f
403caf4ad58cf06be4bb602a60c1df055f12a7ed2b5d83b337d0d008d9644762
4a15d9d698a22d8c4779a4bd4048be39daa3c17a2e7696df83d88391fc1a2250
4a328ffe188612830124ce051d21c7ed21652cb54fba61e86d898838881a2e53
4a94c3da6f04f30290273a7e35bc75e10b4f833dce034e59593669be002ef8ba
4b3ae9d1ae8a4a557d509a73b9a5f1da8f46c5b6064b7a79143eb083fe77633b
4d9c02001b90e723ca3d615cac65036ef0f3fddad6e48f040f13bc18d281ba76
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
508a66c35e926f9d9f4ff93d93929964d7cc54237cbb83602c3d6316e2d89e79
527b85627ccc6082e4d8548a1fafef7c8e646ede01353555c3283c6276c8ba93
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5955908348c9dc49badb9b08e2448d49db335f16720edaf1bf6cbe67692129ae
5d804a95e42a2d99455b296d4c1ad392b2026f26ae36d7b0bf88a04d3e135b34
62454d7fa548c6166a9077e1a8a611f136a04e69b41b3a95ce937a24f19c2a85
627453916857e07c6d088ebf09daed01bec0da6f63c0beb096b154b8a3dfc79b
66256a3baa9f45ce6bec201c1d9c0abba5b4c9557d4943d2ffe5f959f5a23395
667fce7aa7cd4f9311b75e0e9c31d515e516f8ab025b6811b3ffdedbd9040881
6731354d99d66f0c4da59bedd8014ff7b161081c5f12ee750e3da8587540228a
686928f7f45f9514923dac117f13ccea2a07e3cd4396c4b266c4a5e8db8cb64f
68836366b192198b806d4cd086671834456ed140fa33eb89223edd2bc177c154
6b8cb0af74cd3ee5ce55d71abea6cbac92ee1d23c08232c8798d25dc9bff8678
6d7cbf5d649cbbd808f0bcc9b33706fd6a61d9bff9c2006316484c4c8829cb4c
6f8236975419115aa9d0533a9c0aac7d84f7fdf728607e813e5106d092406993
732971723fb95eb8f89c55d80388137bf02616f0cedaf1b75c4b2f526a56d26c
77f3d63da5ea26461145c0919156ae6d26751a0a72cdbe8e9c86604465211971
7905ba5b33e92afc617f2eab8b0ca20cf2bcbf459c93ce0758681c23b65d6e86
7bd3b3a759bfd0f69a23dd3aff81745f393899fab6c0158ad082c9ec7b87b86a
7c8fa2cc0ef9c7e948dee90dc0e658070f1163f3a79d8d7d57dac6c2283354d4
7f2703d9d170c07a3f70ad7e9b2ff4945e8d6917c06a7b757caa1a3ddcc070c4
8089110740e914058d8a1b43823abf01a1dbb5940e9ee1ecc92285f8f1a5a50e
80dfa6893e2aa5571ce6190258b2210156f9c5c2ae449ec5ca93342c035c3e17
80ea3345574c7dfdc419da535ebc96a1d7b008474ddcd5029ba80fa764e38f30
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8370c22d04226887c4a098bfe56d88d7eac515330eac8fa632bc69d07b7ea2ed
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
879d7a1d9d649417f86df57e7c319204eeab4bacac76efcf7cdee4d661b791fb
894830c9ff87ceb8bfbddcdc9bcb11c34ec94e1fdbc4d1bec9b63002becd507d
8b47e87d67d24948f07f698641cec81e6ea6d691d81951205877b2518ba5e23a
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94e5b9a7ad03e1a3c5288651f2d2396c033f50129ad50bff9eb4f06aceb88b1a
95168004f3de67e0cc3c8a3f4a075bf032330486a81267447e2e833f15998fc3
954f0341230e30c512cae540b6a1113d2ced82c47a194f86ad4263e94b54f4f6
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
98f02223ea74577d88e4e8c10f16417d11a228a56c4c7052acb27e19fb08c353
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f522ff0c3e1cd93991e183caf9c8d7c2639fd042763af6ede4b4223d9119b9c
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5c90beeba8cdc043ed6d8a02ecad837a4c635d049d024d2e8b3978367b95df1
a85ea540e774d24b3472a92b0e69b48634c76af3a0dfce7d10ed473163285984
aa6006cc2ff1f11d0b8714c8e38d5c49ffe8d972b12c12906b5a5ceafbdd4cea
aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596
aed3576b81743a2db02123ad79459bae3b8eb49e5371ddccdc3be57d68b49e85
b1e8cb34d3423488fa605b8315dd4ad0edc07d2370426fdbd3379873cf355cca
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b401d1e804e0a5079603c8f74249ae0e2ec2c797703490f3a0c38079cd989027
b5010e11260f708f3b209b8e18626ea518d55bca12650bd0e45d5bda77b64f0a
b8417fbc0d9d7e069136093783112f3790ff59ba3810862bd6ec829c714ae268
b93bea4a18492092dce8907fea7505d3281e401b5b318f74670acca33a0b7df4
bc99b00d980cb9cd51438ff2e7f88511163933aaa59e99b160b0480045e967b6
bd1bce273fbb5c48b2fce8c7ff869df0611490d7a1412a2a42798d61b4cb9651
c0845965bb6f39caab6e9132495f4c6e773db92584cc4a2d8359aaf06f193424
c3b4279769c75a3d10ac7a92b1545fb053cbb90cf0acebbe7775b13da3239392
c3bfcab8fb818a258cc527e048aef296f9aaa86acaefd8610cc2de9fa6d2513b
c6412606a5a36257ac3a68b08b0d113c61f3640bcf5cc7a0b85e4d4759a58a22
c7054072f3ad93ca9b624613c2ded39bc710e20ad85c23ffce1d08cade06bb1f
cb77ef9ac861c245f5153a7e63e6ace63d92e1bc5d1b8f208d2be3ca89e72a73
cbbbb8fc38ab31d34a2fefdddad45b2472f0df2c232c61ed8eeb16786041b24d
cd9f90bab8e8d60672dbb6b571a2a12aee9ba9bb33452df87f8c065efd4db12b
d2ad44b5ec2e976124c9091c6d2ed92482ce095bcd705b317e329a92aab2c3a7
d4b535c1aa7c6d6d980b54186bacd1fb5f1bc7f82a295a132dfc4948aed72231
d5df5360850650e6dbe5d1a12372e9bb12bd075bd314a9bcd53a8974a13c4b97
d67ed9d7c7b372670195a3ecc9c46318b2cc932d6da6abd7405bd0f875ffb01a
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dce443a4d0d94e0681c0db5d6ead809cd92cc2a2e1c5fbf02013793b94083ebc
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e17857cb74ff8bb8c18929844a2d0ff42bd36dee42113f85a8831ad42ef6eb79
e308b920200e70975a47529366c166d3fa167655d345779e7fa1b8d3c8e737ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e674f56cf90f2886719f7601987d71dc58f9d4bc25274b43722803f551bd74b2
eace0e1b9cac3eeda75f59409b2ac06b3776984b22e7d7d128da3b4a2e7fc4d0
ebd46e103e587451e742bab1965a403c7b3596d84a5c60ed1a50412603cdb5f5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f43be4c8dd371c0b209f2ff08b9d094b6f9b7f82f62c39d285e2a8c307cd15b0
f4a381a213261677dbafd582744054f3a0aed8056a48dc4b47714e03a3d4ceef
f68aec9f416247c9d3280ebc20fb04820428f83f518bce1be3a1f240fe8b410e
fba852e6969addb356e0be12a3c18356ad6caa9ce8af6f57eecfb400be466de8
fc4ece4999b11848f8fa1af5ad867844f7ece830155d1ae2bd39d48c5576d325
fc6caf2c72f19ca60dccc592c1774c98315721306cd0a115deff7e9d4eeed3c4
fcc03db6521f41a4f4907bcbd066d04ac91ad8d2c057b77bb3fd88641ccd6897
fdc9647e7b0e6417f6ab44679e7c95f922371946e04bc477ec21424dd0f761e8
fe43e47229a63ac6b38a4c9996123680fcadf93d1e5561f6b2e963a48c12b1e0
fef73f3731934f2bbb5d14e80e911ab95c80707fc53031164ff427504123f05d
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df
ff8aaf070b90debddcd02972406f71433852e8553e07179b5b48b742e650acb3