paperbistro.com

.com crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 3256 ms crawled 2026-05-19

US · 161.35.7.11 · AS14061 DigitalOcean, LLC

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title: PaperBistro.com
Description: PAPER BISTRO is a a great resource for French products including Brause, Clairefontaine, Decopatch, Exacompta, G.Lalo, J. Herbin, and Quo Vadis.
Language: en

Technology

Server: nginx
CMS: Gatsby

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (3)

fonts.googleapis.com×2
chimpstatic.com×1
www.googletagmanager.com×1

Contact

Email

Address

Paper Bistro120 Elmview AvenueHamburg, NY 14075 USAhelp@paperbistro.com

Registration

Registrar

GoDaddy.com, LLC

Created

2011-02-28

Expires

2028-02-28 648 days left

Updated

2026-02-03

Name servers

ns09.domaincontrol.com
ns10.domaincontrol.com

DNS records live

NS

ns09.domaincontrol.com
ns10.domaincontrol.com

MX

10 paperbistro-com.mail.protection.outlook.com

Verified for

Microsoft 365

Email authentication partial

SPF

v=spf1 a mx include:spf.protection.outlook.com include:_spf.elasticemail.com -all

strict (-all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCuaBGbbsftbQ5Ncq4V5XwN+u+s1wHo3mVcoRyT46hgKHFx7MOirhZmNztniTXbvvG9VqhIXY8nJMQ…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/u6/5Dy6XxWxT6Ntbapd5/VLgtwSEXDoWi391YFTI/GuLLag5fXBp2f2hdCiSty1/gRYlOMGsWEsX…

selectors probed

Certificate (current)

R13

from 2026-04-19 to 2026-07-18

Expires in 58 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://www.paperbistro.com/

present

content-security-policy-report-only
x-frame-options
x-content-type-options

findings

missing HSTS
missing Content Security Policy
weak frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN, SAMEORIGIN
x-content-type-options: nosniff
content-security-policy-report-only: font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.fontawesome.com https://fonts.bunny.net *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com

Linked from (1)

exaclair.com×3