yourparaquatclaim.com Open in urlscan Pro
54.177.109.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.yourparaquatclaim.com/
Effective URL:
https://yourparaquatclaim.com/
Submission: On August 12 via automatic, source certstream-suspicious (August 12th 2021, 4:50:13 pm UTC)

Summary HTTP 27 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 27 HTTP transactions. The main IP is 54.177.109.105, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is yourparaquatclaim.com.
TLS certificate: Issued by R3 on August 12th 2021. Valid for: 3 months.

This is the only time yourparaquatclaim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	54.177.109.105 54.177.109.105	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:27b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	3.210.50.67 3.210.50.67	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:205... 2600:9000:2057:1600:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
6	107.20.149.137 107.20.149.137	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.101.72 143.204.101.72	16509 (AMAZON-02) (AMAZON-02)
1	35.175.13.165 35.175.13.165	14618 (AMAZON-AES) (AMAZON-AES)
27	9

12 54.177.109.105 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-177-109-105.us-west-1.compute.amazonaws.com

www.yourparaquatclaim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yourparaquatclaim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.210.50.67 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-50-67.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:1600:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 107.20.149.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-149-137.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-72.fra50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.175.13.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-13-165.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	yourparaquatclaim.com 1 redirects www.yourparaquatclaim.com yourparaquatclaim.com	605 KB
7	trustedform.com 1 redirects api.trustedform.com cdn.trustedform.com	25 KB
6	leadid.com create.leadid.com	2 KB
1	trueleadid.com deviceid.trueleadid.com	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	lidstatic.com create.lidstatic.com	39 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
27	7

	Domain	Requested by
11	yourparaquatclaim.com	yourparaquatclaim.com cdn.trustedform.com
6	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
5	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
2	cdn.trustedform.com	yourparaquatclaim.com api.trustedform.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	create.lidstatic.com	yourparaquatclaim.com
1	www.googletagmanager.com	yourparaquatclaim.com
1	www.yourparaquatclaim.com	1 redirects
27	9

This site contains links to these domains. Also see Links.

Domain
www.ncbi.nlm.nih.gov

Subject Issuer	Validity	Valid
yourparaquatclaim.com R3	`2021-08-12` - `2021-11-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2021-04-30` - `2022-04-29`	a year	crt.sh
cdn.trustedform.com Amazon	`2021-05-14` - `2022-06-12`	a year	crt.sh
create.leadid.com Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.trustedform.com Amazon	`2020-11-11` - `2021-12-10`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
deviceid.trueleadid.com Amazon	`2021-02-06` - `2022-03-07`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://yourparaquatclaim.com/
Frame ID: 72238C299E2310D2EBAB988D24BA7658
Requests: 25 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=D77B6EF8-DF55-8358-8F4A-70133CC06505&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=0F1079A9-9AA6-A5EB-2774-38847E374A61&lac=1AF8D833-824B-F210-9B13-8B20DA7C6C42
Frame ID: ED1F4F276FB49F12495C2B70A013C21B
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=D77B6EF8-DF55-8358-8F4A-70133CC06505&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=0F1079A9-9AA6-A5EB-2774-38847E374A61&lac=1AF8D833-824B-F210-9B13-8B20DA7C6C42
Frame ID: 3EA58E1B3E2B1305EA1573E13C795917
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.yourparaquatclaim.com/ HTTP 301
https://yourparaquatclaim.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

27
Requests

100 %
HTTPS

38 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

709 kB
Transfer

1048 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3114824/
Title: 1. 2011 NIH Study

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.yourparaquatclaim.com/ HTTP 301
https://yourparaquatclaim.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form_cert_id&l=16287869943150.259160501491541&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form_cert_id&l=16287869943150.259160501491541&invert_field_sensitivity=false

27 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
yourparaquatclaim.com/
Redirect Chain

https://www.yourparaquatclaim.com/
https://yourparaquatclaim.com/

68 KB
17 KB

355ms
342ms

Document
text/html

54.177.109.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yourparaquatclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.177.109.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-109-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d84aa1ac50d9fd035995d8a31e50a074881e2a0a03be93fbd4c8c9429439a7c7

Request headers

:method: GET
:authority: yourparaquatclaim.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Thu, 12 Aug 2021 16:49:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=k6os1oo5nvjkskicj5m7eopgp1; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip

Redirect headers

server: nginx
date: Thu, 12 Aug 2021 16:49:53 GMT
content-type: text/html
content-length: 178
location: https://yourparaquatclaim.com/

GET
H2 200 nib-logo-white.png
yourparaquatclaim.com/assets/images/ 12 KB
12 KB 168ms
168ms Image
image/png 54.177.109.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourparaquatclaim.com/assets/images/nib-logo-white.png
Requested by: Host: yourparaquatclaim.com
URL: https://yourparaquatclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.177.109.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-109-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c826a5b91eda7c962b0fc8dae6b1f04b5abc7d4bd43cd01defe1eac5ccd16c1b

Request headers

:path: /assets/images/nib-logo-white.png
pragma: no-cache
cookie: PHPSESSID=k6os1oo5nvjkskicj5m7eopgp1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: yourparaquatclaim.com
referer: https://yourparaquatclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:49:54 GMT
last-modified: Wed, 27 Jan 2021 15:41:43 GMT
server: nginx
accept-ranges: bytes
etag: "601189b7-2e32"
content-length: 11826
content-type: image/png

GET
H2 200 spray-orange-min.jpg
yourparaquatclaim.com/assets/paraquat/images/ 65 KB
65 KB 171ms
171ms Image
image/jpeg 54.177.109.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourparaquatclaim.com/assets/paraquat/images/spray-orange-min.jpg
Requested by: Host: yourparaquatclaim.com
URL: https://yourparaquatclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.177.109.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-109-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4eb350761bb04f9242a3c0f66ba657c8f1c3a09321d57d9d2f4b81f3378ba162

Request headers

:path: /assets/paraquat/images/spray-orange-min.jpg
pragma: no-cache
cookie: PHPSESSID=k6os1oo5nvjkskicj5m7eopgp1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: yourparaquatclaim.com
referer: https://yourparaquatclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:49:54 GMT
last-modified: Thu, 29 Apr 2021 23:49:32 GMT
server: nginx
accept-ranges: bytes
etag: "608b460c-104cb"
content-length: 66763
content-type: image/jpeg

GET
H2 200 2.jpeg
yourparaquatclaim.com/assets/zantac/images/ 62 KB
62 KB 485ms
484ms Image
image/jpeg 54.177.109.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourparaquatclaim.com/assets/zantac/images/2.jpeg
Requested by: Host: yourparaquatclaim.com
URL: https://yourparaquatclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.177.109.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-109-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0e0e7e8944ed3e933e2dace0a54bbeca4b41e7835bc1f6e9d57b279ded3940c8

Request headers

:path: /assets/zantac/images/2.jpeg
pragma: no-cache
cookie: PHPSESSID=k6os1oo5nvjkskicj5m7eopgp1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: yourparaquatclaim.com
referer: https://yourparaquatclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:49:54 GMT
last-modified: Wed, 27 Jan 2021 15:41:43 GMT
server: nginx
accept-ranges: bytes
etag: "601189b7-f91d"
content-length: 63773
content-type: image/jpeg

GET
H2 200 attorney-min.jpg
yourparaquatclaim.com/assets/trafficking/images/ 44 KB
44 KB 486ms
485ms Image
image/jpeg 54.177.109.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourparaquatclaim.com/assets/trafficking/images/attorney-min.jpg
Requested by: Host: yourparaquatclaim.com
URL: https://yourparaquatclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.177.109.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-109-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 351d3eb4dd240b6dbb7393ac96e7fe2757dc06006f33c0990dbbc5a4812c0c0e

Request headers

:path: /assets/trafficking/images/attorney-min.jpg
pragma: no-cache
cookie: PHPSESSID=k6os1oo5nvjkskicj5m7eopgp1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: yourparaquatclaim.com
referer: https://yourparaquatclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:49:54 GMT
last-modified: Thu, 29 Apr 2021 23:49:32 GMT
server: nginx
accept-ranges: bytes
etag: "608b460c-b0e0"
content-length: 45280
content-type: image/jpeg

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 83 KB
33 KB 53ms
32ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N7P8GR7

Requested by

Host: yourparaquatclaim.com
URL: https://yourparaquatclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d075204ef71bf0ab5dc83b83fc0473a0d8414d5df6892ac10a8d5920914159f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:49:54 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33809
x-xss-protection: 0
expires: Thu, 12 Aug 2021 16:49:54 GMT

GET
H2 200 inputmask.min.js Show response
yourparaquatclaim.com/assets/js/ 144 KB
33 KB 485ms
485ms Script
application/javascript 54.177.109.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yourparaquatclaim.com/assets/js/inputmask.min.js
Requested by: Host: yourparaquatclaim.com
URL: https://yourparaquatclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.177.109.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-109-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: faa8cc6d38f3f92202381c6dfc27711babef42a16b7c3ac6841710de3d2f6d6e

Request headers

:path: /assets/js/inputmask.min.js
pragma: no-cache
cookie: PHPSESSID=k6os1oo5nvjkskicj5m7eopgp1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: yourparaquatclaim.com
referer: https://yourparaquatclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:49:54 GMT
content-encoding: gzip
last-modified: Wed, 27 Jan 2021 15:41:43 GMT
server: nginx
etag: W/"601189b7-2406b"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 0f1079a9-9aa6-a5eb-2774-38847e374a61.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 429ms
401ms Script
text/javascript 2606:4700:10::6816:27b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/0f1079a9-9aa6-a5eb-2774-38847e374a61.js?snippet_version=2
Requested by: Host: yourparaquatclaim.com
URL: https://yourparaquatclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20ca3b5a90cc5a979fa4e28fe01aaea03a6d07cf712c925464bdbaa24c678323

Request headers

Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:49:54 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 25 May 2021 13:06:09 GMT
server: cloudflare
x-amz-request-id: R6H6P9GWAEQ35ZNP
etag: W/"06e6ecd3e7342d2e1cf2cb91aa0304ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 67db331aadcc64fd-FRA
x-amz-version-id: 3NaoXhE1vJiigvVXxpNALPuG3o7vDS6L
x-amz-id-2: x0BvkIeljlVUT3N6urzytvcYhNLZUrJQHVRA7l7YQmz0pOTyCGMVGmU3EsbdzNrkWuifoClX0c4=

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form_cert_id&l=16287869943150.259160501491541&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form_cert_id&l=16287869943150.259160501491541&invert_field_sensitivity=false

6 KB
2 KB

167ms
133ms

Script
application/javascript

2600:9000:2057:1600:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form_cert_id&l=16287869943150.259160501491541&invert_field_sensitivity=false
Requested by: Host: yourparaquatclaim.com
URL: https://yourparaquatclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d64cd2a2d9d7375741b3e03872979b0e2b2314e7e044c8f9d9d85196996db2b

Request headers

Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:49:55 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 15:06:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"1189a02511a7d28dbfd6a239803beb7d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-version-id: CcfKjXhpfA6so_GZbZ9MsTNvS0aaRNh8
x-amz-cf-id: --1BtrzvPFMx99nunpCJnbl54EXXbGphm0aDxmPqDybcqkMM-uAqEA==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=trusted_form_cert_id&l=16287869943150.259160501491541&invert_field_sensitivity=false
date: Thu, 12 Aug 2021 16:49:54 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 the-future-is-now-2step-min.jpg
yourparaquatclaim.com/assets/paraquat/images/ 187 KB
187 KB 479ms
478ms Image
image/jpeg 54.177.109.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourparaquatclaim.com/assets/paraquat/images/the-future-is-now-2step-min.jpg
Requested by: Host: yourparaquatclaim.com
URL: https://yourparaquatclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.177.109.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-109-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e5ae1efb8613644c56f4b4f7a338bbbeae49e04616708dfa6d3f6dbc1744ee45

Request headers

:path: /assets/paraquat/images/the-future-is-now-2step-min.jpg
pragma: no-cache
cookie: PHPSESSID=k6os1oo5nvjkskicj5m7eopgp1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: yourparaquatclaim.com
referer: https://yourparaquatclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:49:54 GMT
last-modified: Thu, 29 Apr 2021 23:49:32 GMT
server: nginx
accept-ranges: bytes
etag: "608b460c-2ebe9"
content-length: 191465
content-type: image/jpeg

GET
DATA 200
OK truncated
/ 198 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b0e400da698f2424fbf4635aa7b8bae4397a09be26b37cfe1985476021e2a0f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.7/ 36 B
335 B 370ms
157ms XHR
text/plain 107.20.149.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/GenerateToken?msn=1&pid=e6ad7aa7-10de-495e-bcf2-8fc76a9a02ac&_=943150434
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/0f1079a9-9aa6-a5eb-2774-38847e374a61.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.149.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-149-137.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: 6ceefcef2be97928e22819811fd99ea9914f239a1533340d3124147410347413

Request headers

Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 12 Aug 2021 16:49:55 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 314ms
105ms XHR
application/json 3.210.50.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form_cert_id&l=16287869943150.259160501491541&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.50.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-50-67.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: c7602e2ec84b10bb4ea1e43964cc565d57b5d6ddb214bfd7f4c4935973633b85

Request headers

Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Aug 2021 16:49:55 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 trustedform-1.5.0.js Show response
cdn.trustedform.com/ 62 KB
22 KB 14ms
14ms Script
application/javascript 2600:9000:2057:1600:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.5.0.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form_cert_id&l=16287869943150.259160501491541&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c82da597ce612ccfd263fa7b6babfb62fb537c9e0f7cf92cacb6687ff83de23d

Request headers

Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: CYNRkRa_YZlZQKznEvBRwaMHCxDzEdk5
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 15:03:30 GMT
server: AmazonS3
age: 24
etag: W/"fc9867a18bbcc14502533bba9ff83d2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
date: Thu, 12 Aug 2021 16:49:45 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: uwml_NogX1ziIc6LbPHe91mT7-qzK9S5Zn5tHLmxVt-yE-NJTkZnlg==

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame ED1F 3 KB
2 KB 57ms
14ms Document
text/html 143.204.101.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=D77B6EF8-DF55-8358-8F4A-70133CC06505&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=0F1079A9-9AA6-A5EB-2774-38847E374A61&lac=1AF8D833-824B-F210-9B13-8B20DA7C6C42
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/0f1079a9-9aa6-a5eb-2774-38847e374a61.js?snippet_version=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-72.fra50.r.cloudfront.net
Software: nginx/1.17.6 /
Resource Hash: 4e2d95df10e65f48daac2dcbad2cc0ef091610b5d5f77e4be8ad56a2e5aed241

Request headers

Host: d2m2wsoho8qq12.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://yourparaquatclaim.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://yourparaquatclaim.com/

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 12 Aug 2021 14:09:04 GMT
Server: nginx/1.17.6
Last-Modified: Thu, 12 Aug 2021 12:40:25 GMT
ETag: W/"611516b9-da5"
P3P: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: txgUidHrntIupTBJ0j-J-EJ6fIBWHYciJfORgO-rbiyzdBerGn3I7A==
Age: 9651

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.7/ 0
298 B 113ms
113ms XHR
text/plain 107.20.149.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/SaveDom?msn=2&pid=e6ad7aa7-10de-495e-bcf2-8fc76a9a02ac&token=D77B6EF8-DF55-8358-8F4A-70133CC06505&_=943150435
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/0f1079a9-9aa6-a5eb-2774-38847e374a61.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.149.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-149-137.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 12 Aug 2021 16:49:55 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.7/ 0
298 B 124ms
124ms XHR
text/plain 107.20.149.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/InitFormData?msn=3&pid=e6ad7aa7-10de-495e-bcf2-8fc76a9a02ac&token=D77B6EF8-DF55-8358-8F4A-70133CC06505&_=943150436
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/0f1079a9-9aa6-a5eb-2774-38847e374a61.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.149.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-149-137.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 12 Aug 2021 16:49:55 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 snapshot Show response
api.trustedform.com/certs/ce5eaa2707fa5879209112a61de05bc8d1b5af2c/ 0
159 B 201ms
201ms XHR
text/plain 3.210.50.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/ce5eaa2707fa5879209112a61de05bc8d1b5af2c/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.50.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-50-67.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 12 Aug 2021 16:49:55 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
H2 200 nib-logo-white.png
yourparaquatclaim.com/assets/images/ 12 KB
12 KB 167ms
166ms Image
image/png 54.177.109.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourparaquatclaim.com/assets/images/nib-logo-white.png
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.177.109.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-109-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c826a5b91eda7c962b0fc8dae6b1f04b5abc7d4bd43cd01defe1eac5ccd16c1b

Request headers

:path: /assets/images/nib-logo-white.png
pragma: no-cache
cookie: PHPSESSID=k6os1oo5nvjkskicj5m7eopgp1; leadid_token-1AF8D833-824B-F210-9B13-8B20DA7C6C42-0F1079A9-9AA6-A5EB-2774-38847E374A61=D77B6EF8-DF55-8358-8F4A-70133CC06505
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: yourparaquatclaim.com
referer: https://yourparaquatclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:49:55 GMT
last-modified: Wed, 27 Jan 2021 15:41:43 GMT
server: nginx
accept-ranges: bytes
etag: "601189b7-2e32"
content-length: 11826
content-type: image/png

GET
H2 200 spray-orange-min.jpg
yourparaquatclaim.com/assets/paraquat/images/ 65 KB
65 KB 167ms
167ms Image
image/jpeg 54.177.109.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourparaquatclaim.com/assets/paraquat/images/spray-orange-min.jpg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.177.109.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-109-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4eb350761bb04f9242a3c0f66ba657c8f1c3a09321d57d9d2f4b81f3378ba162

Request headers

:path: /assets/paraquat/images/spray-orange-min.jpg
pragma: no-cache
cookie: PHPSESSID=k6os1oo5nvjkskicj5m7eopgp1; leadid_token-1AF8D833-824B-F210-9B13-8B20DA7C6C42-0F1079A9-9AA6-A5EB-2774-38847E374A61=D77B6EF8-DF55-8358-8F4A-70133CC06505
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: yourparaquatclaim.com
referer: https://yourparaquatclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:49:55 GMT
last-modified: Thu, 29 Apr 2021 23:49:32 GMT
server: nginx
accept-ranges: bytes
etag: "608b460c-104cb"
content-length: 66763
content-type: image/jpeg

GET
H2 200 2.jpeg
yourparaquatclaim.com/assets/zantac/images/ 62 KB
62 KB 169ms
168ms Image
image/jpeg 54.177.109.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourparaquatclaim.com/assets/zantac/images/2.jpeg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.177.109.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-109-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0e0e7e8944ed3e933e2dace0a54bbeca4b41e7835bc1f6e9d57b279ded3940c8

Request headers

:path: /assets/zantac/images/2.jpeg
pragma: no-cache
cookie: PHPSESSID=k6os1oo5nvjkskicj5m7eopgp1; leadid_token-1AF8D833-824B-F210-9B13-8B20DA7C6C42-0F1079A9-9AA6-A5EB-2774-38847E374A61=D77B6EF8-DF55-8358-8F4A-70133CC06505
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: yourparaquatclaim.com
referer: https://yourparaquatclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:49:55 GMT
last-modified: Wed, 27 Jan 2021 15:41:43 GMT
server: nginx
accept-ranges: bytes
etag: "601189b7-f91d"
content-length: 63773
content-type: image/jpeg

GET
H2 200 attorney-min.jpg
yourparaquatclaim.com/assets/trafficking/images/ 44 KB
44 KB 170ms
170ms Image
image/jpeg 54.177.109.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourparaquatclaim.com/assets/trafficking/images/attorney-min.jpg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.177.109.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-109-105.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 351d3eb4dd240b6dbb7393ac96e7fe2757dc06006f33c0990dbbc5a4812c0c0e

Request headers

:path: /assets/trafficking/images/attorney-min.jpg
pragma: no-cache
cookie: PHPSESSID=k6os1oo5nvjkskicj5m7eopgp1; leadid_token-1AF8D833-824B-F210-9B13-8B20DA7C6C42-0F1079A9-9AA6-A5EB-2774-38847E374A61=D77B6EF8-DF55-8358-8F4A-70133CC06505
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: yourparaquatclaim.com
referer: https://yourparaquatclaim.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:49:55 GMT
last-modified: Thu, 29 Apr 2021 23:49:32 GMT
server: nginx
accept-ranges: bytes
etag: "608b460c-b0e0"
content-length: 45280
content-type: image/jpeg

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/ce5eaa2707fa5879209112a61de05bc8d1b5af2c/ 0
159 B 198ms
198ms XHR
text/plain 3.210.50.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/ce5eaa2707fa5879209112a61de05bc8d1b5af2c/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.50.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-50-67.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 12 Aug 2021 16:49:55 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 3EA5 4 KB
2 KB 306ms
100ms Document
text/html 35.175.13.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=D77B6EF8-DF55-8358-8F4A-70133CC06505&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=0F1079A9-9AA6-A5EB-2774-38847E374A61&lac=1AF8D833-824B-F210-9B13-8B20DA7C6C42
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=D77B6EF8-DF55-8358-8F4A-70133CC06505&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=0F1079A9-9AA6-A5EB-2774-38847E374A61&lac=1AF8D833-824B-F210-9B13-8B20DA7C6C42
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.13.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-13-165.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

:method: GET
:authority: deviceid.trueleadid.com
:scheme: https
:path: /iframe.html?token=D77B6EF8-DF55-8358-8F4A-70133CC06505&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=0F1079A9-9AA6-A5EB-2774-38847E374A61&lac=1AF8D833-824B-F210-9B13-8B20DA7C6C42
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d2m2wsoho8qq12.cloudfront.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://d2m2wsoho8qq12.cloudfront.net/

Response headers

date: Thu, 12 Aug 2021 16:49:55 GMT
content-type: text/html
server: nginx
last-modified: Wed, 02 Jun 2021 23:45:54 GMT
etag: W/"60b81832-1049"
expires: Fri, 13 Aug 2021 16:49:55 GMT
cache-control: max-age=86400 public
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
content-encoding: gzip

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.7/ 0
298 B 105ms
105ms XHR
text/plain 107.20.149.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/InitFormData?msn=4&pid=e6ad7aa7-10de-495e-bcf2-8fc76a9a02ac&token=D77B6EF8-DF55-8358-8F4A-70133CC06505&_=943150437
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/0f1079a9-9aa6-a5eb-2774-38847e374a61.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.149.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-149-137.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 12 Aug 2021 16:49:55 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.7/ Frame 3EA5 0
302 B 298ms
100ms Script
text/javascript 107.20.149.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/SaveDeviceId.js?lac=1AF8D833-824B-F210-9B13-8B20DA7C6C42&lck=0F1079A9-9AA6-A5EB-2774-38847E374A61&methods=16&token=D77B6EF8-DF55-8358-8F4A-70133CC06505&uuid=399f6baa079545a58ba70c7e8d06e0a0
Requested by: Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=D77B6EF8-DF55-8358-8F4A-70133CC06505&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=0F1079A9-9AA6-A5EB-2774-38847E374A61&lac=1AF8D833-824B-F210-9B13-8B20DA7C6C42
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.149.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-149-137.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:49:55 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.7/ 0
298 B 364ms
262ms XHR
text/plain 107.20.149.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/Snap?msn=5&pid=e6ad7aa7-10de-495e-bcf2-8fc76a9a02ac&token=D77B6EF8-DF55-8358-8F4A-70133CC06505&_=943150438
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/0f1079a9-9aa6-a5eb-2774-38847e374a61.js?snippet_version=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.149.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-149-137.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 12 Aug 2021 16:49:56 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/ce5eaa2707fa5879209112a61de05bc8d1b5af2c/ 0
159 B 105ms
105ms XHR
text/plain 3.210.50.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/ce5eaa2707fa5879209112a61de05bc8d1b5af2c/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.5.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.50.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-50-67.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yourparaquatclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 12 Aug 2021 16:49:56 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			yourparaquatclaim.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: k6os1oo5nvjkskicj5m7eopgp1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
cdn.trustedform.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
www.googletagmanager.com
www.yourparaquatclaim.com
yourparaquatclaim.com
107.20.149.137
143.204.101.72
2600:9000:2057:1600:1c:7f1a:6680:93a1
2606:4700:10::6816:27b6
2a00:1450:4001:827::2008
3.210.50.67
35.175.13.165
54.177.109.105
0e0e7e8944ed3e933e2dace0a54bbeca4b41e7835bc1f6e9d57b279ded3940c8
20ca3b5a90cc5a979fa4e28fe01aaea03a6d07cf712c925464bdbaa24c678323
351d3eb4dd240b6dbb7393ac96e7fe2757dc06006f33c0990dbbc5a4812c0c0e
4d64cd2a2d9d7375741b3e03872979b0e2b2314e7e044c8f9d9d85196996db2b
4e2d95df10e65f48daac2dcbad2cc0ef091610b5d5f77e4be8ad56a2e5aed241
4eb350761bb04f9242a3c0f66ba657c8f1c3a09321d57d9d2f4b81f3378ba162
5d075204ef71bf0ab5dc83b83fc0473a0d8414d5df6892ac10a8d5920914159f
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
6b0e400da698f2424fbf4635aa7b8bae4397a09be26b37cfe1985476021e2a0f
6ceefcef2be97928e22819811fd99ea9914f239a1533340d3124147410347413
c7602e2ec84b10bb4ea1e43964cc565d57b5d6ddb214bfd7f4c4935973633b85
c826a5b91eda7c962b0fc8dae6b1f04b5abc7d4bd43cd01defe1eac5ccd16c1b
c82da597ce612ccfd263fa7b6babfb62fb537c9e0f7cf92cacb6687ff83de23d
d84aa1ac50d9fd035995d8a31e50a074881e2a0a03be93fbd4c8c9429439a7c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ae1efb8613644c56f4b4f7a338bbbeae49e04616708dfa6d3f6dbc1744ee45
faa8cc6d38f3f92202381c6dfc27711babef42a16b7c3ac6841710de3d2f6d6e

yourparaquatclaim.com Open in urlscan Pro 54.177.109.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

38 %IPv6

7 Domains

9 Subdomains

9 IPs

2 Countries

709 kBTransfer

1048 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

yourparaquatclaim.com Open in urlscan Pro
54.177.109.105 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

38 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

709 kB
Transfer

1048 kB
Size

1
Cookies

27 HTTP transactions
1 data transactions