urlscan.io logo urlscan.io
SecurityTrails logo

paraquatrights.com Open in urlscan Pro
68.65.121.239  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://web.surteving.com/ls/click/QN5s-BO-12DiA-JL9h7_ib8X1G4WJnIX45JhRZ8lFCzppYI1azcPU4Z-ELp1uM9EyEcp5EUsv5fU56wx41Oizw
Effective URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Submission Tags: falconsandbox
Submission: On April 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 14 domains to perform 73 HTTP transactions. The main IP is 68.65.121.239, located in Huntingdon, United States and belongs to NAMECHEAP-NET, US. The main domain is paraquatrights.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 11th 2021. Valid for: a year.
This is the only time paraquatrights.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    188.114.96.7 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
web.surteving.com
1    104.21.22.12 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.exclusiveon.com
34    68.65.121.239 (Huntingdon, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium95-2.web-hosting.com
paraquatrights.com
2    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    34.193.254.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-254-175.compute-1.amazonaws.com
tags.srv.stackadapt.com
6    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    54.162.249.8 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-249-8.compute-1.amazonaws.com
api.trustedform.com
2    2600:9000:2156:ec00:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.trustedform.com
3    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
6    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
34 paraquatrights.com
paraquatrights.com
624 KB
10 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 22296
cdn.trustedform.com — Cisco Umbrella Rank: 24058
41 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
853 B
6 gstatic.com
fonts.gstatic.com
114 KB
4 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 3894
6 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
57 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138
202 KB
2 adnxs.com
acdn.adnxs.com — Cisco Umbrella Rank: 597
ib.adnxs.com — Cisco Umbrella Rank: 248
4 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
85 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5383
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 4
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
444 B
1 exclusiveon.com
cdn.exclusiveon.com
752 B
1 surteving.com
web.surteving.com
700 B
73 14
Domain Requested by
34 paraquatrights.com cdn.exclusiveon.com
paraquatrights.com
8 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
6 www.facebook.com paraquatrights.com
6 fonts.gstatic.com paraquatrights.com
4 tags.srv.stackadapt.com paraquatrights.com
tags.srv.stackadapt.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 connect.facebook.net paraquatrights.com
connect.facebook.net
2 cdn.trustedform.com paraquatrights.com
api.trustedform.com
2 www.googletagmanager.com paraquatrights.com
1 www.google.de paraquatrights.com
1 www.google.com paraquatrights.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ib.adnxs.com paraquatrights.com
1 acdn.adnxs.com cdn.exclusiveon.com
1 cdn.exclusiveon.com
1 web.surteving.com 1 redirects
73 16

This site contains links to these domains. Also see Links.

Domain
www.michaeljfox.org
www.iubenda.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
paraquatrights.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-11 -
2022-12-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-28 -
2022-04-28		 3 months crt.sh
*.srv.stackadapt.com
Amazon		 2021-11-09 -
2022-12-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.trustedform.com
Amazon		 2021-10-12 -
2022-11-09		 a year crt.sh
cdn.trustedform.com
Amazon		 2022-04-14 -
2023-05-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Frame ID: 9FDCB7435D1D5405AA81D9156B2CDE9E
Requests: 74 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Sentinel Group | Fighting for your rights

Page URL History Show full URLs

  1. https://web.surteving.com/ls/click/QN5s-BO-12DiA-JL9h7_ib8X1G4WJnIX45JhRZ8lFCzppYI1azcPU4Z-ELp1uM9EyEc... HTTP 307
    https://cdn.exclusiveon.com/ZeFfZOHOGP1R0qMIoPR3HO7xpuo6mWG7S9OAb07cFsCnH3Lm7PO2zTOdqe8NKyaZ8KJif1mG4Cmh... Page URL
  2. https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

73
Requests

99 %
HTTPS

56 %
IPv6

14
Domains

16
Subdomains

16
IPs

5
Countries

1146 kB
Transfer

2662 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://web.surteving.com/ls/click/QN5s-BO-12DiA-JL9h7_ib8X1G4WJnIX45JhRZ8lFCzppYI1azcPU4Z-ELp1uM9EyEcp5EUsv5fU56wx41Oizw HTTP 307
    https://cdn.exclusiveon.com/ZeFfZOHOGP1R0qMIoPR3HO7xpuo6mWG7S9OAb07cFsCnH3Lm7PO2zTOdqe8NKyaZ8KJif1mG4CmhGEWI2t7tWw~~/62601af1ceac2b46f0408dd6/041fe19055fec6902b6e491e6069cc67 Page URL
  2. https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://web.surteving.com/ls/click/QN5s-BO-12DiA-JL9h7_ib8X1G4WJnIX45JhRZ8lFCzppYI1azcPU4Z-ELp1uM9EyEcp5EUsv5fU56wx41Oizw HTTP 307
  • https://cdn.exclusiveon.com/ZeFfZOHOGP1R0qMIoPR3HO7xpuo6mWG7S9OAb07cFsCnH3Lm7PO2zTOdqe8NKyaZ8KJif1mG4CmhGEWI2t7tWw~~/62601af1ceac2b46f0408dd6/041fe19055fec6902b6e491e6069cc67
Request Chain 39
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16504899620510.3844769634086067&invert_field_sensitivity=false HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16504899620510.3844769634086067&invert_field_sensitivity=false

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
041fe19055fec6902b6e491e6069cc67
cdn.exclusiveon.com/ZeFfZOHOGP1R0qMIoPR3HO7xpuo6mWG7S9OAb07cFsCnH3Lm7PO2zTOdqe8NKyaZ8KJif1mG4CmhGEWI2t7tWw~~/62601af1ceac2b46f0408dd6/
Redirect Chain
  • https://web.surteving.com/ls/click/QN5s-BO-12DiA-JL9h7_ib8X1G4WJnIX45JhRZ8lFCzppYI1azcPU4Z-ELp1uM9EyEcp5EUsv5fU56wx41Oizw
  • https://cdn.exclusiveon.com/ZeFfZOHOGP1R0qMIoPR3HO7xpuo6mWG7S9OAb07cFsCnH3Lm7PO2zTOdqe8NKyaZ8KJif1mG4CmhGEWI2t7tWw~~/62601af1ceac2b46f0408dd6/041fe19055fec6902b6e491e6069cc67
158 B
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.exclusiveon.com/ZeFfZOHOGP1R0qMIoPR3HO7xpuo6mWG7S9OAb07cFsCnH3Lm7PO2zTOdqe8NKyaZ8KJif1mG4CmhGEWI2t7tWw~~/62601af1ceac2b46f0408dd6/041fe19055fec6902b6e491e6069cc67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.22.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6ff0f49bec8b0b7c-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 20 Apr 2022 21:25:58 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZU1ljDAzgWtAL%2FZ7WYJYnXeXDRx8EA7JBAEWxD5mjUIdtug2ECK%2Fv1uPSJJkcrTMrP8axY5jKkmQdc%2BfCAX9keWVFmBLWbCs2Izy7WOtEU%2F3svnGPJ9UuJRYDCyNXZU2ISn7QxqK"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6ff0f49ab831ee50-CDG
content-length
0
date
Wed, 20 Apr 2022 21:25:57 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://cdn.exclusiveon.com/ZeFfZOHOGP1R0qMIoPR3HO7xpuo6mWG7S9OAb07cFsCnH3Lm7PO2zTOdqe8NKyaZ8KJif1mG4CmhGEWI2t7tWw~~/62601af1ceac2b46f0408dd6/041fe19055fec6902b6e491e6069cc67
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhJfEjvE5IcFvD0gxidxZ5Z2SVV46VpiksVoWS2mV7GS63owTm4ZuSkjfazh675%2BRlWtNGfukPvRG9IevDUrzt7Yi0uGcCsuDjxmGgqmidp6%2BE1pDLsHbUWBi5jS1QS4tZEtkw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
x-xss-protection
1;mode=block
Primary Request /
paraquatrights.com/ 		186 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Requested by
Host: cdn.exclusiveon.com
URL: https://cdn.exclusiveon.com/ZeFfZOHOGP1R0qMIoPR3HO7xpuo6mWG7S9OAb07cFsCnH3Lm7PO2zTOdqe8NKyaZ8KJif1mG4CmhGEWI2t7tWw~~/62601af1ceac2b46f0408dd6/041fe19055fec6902b6e491e6069cc67
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed / PHP/7.4.29
Resource Hash
dad76bbfd7ac3574cac12471c49a88f273247adf811466ab7edd286610b1b1d8

Request headers

Referer
https://cdn.exclusiveon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 20 Apr 2022 21:26:00 GMT
link
<https://paraquatrights.com/wp-json/>; rel="https://api.w.org/" <https://paraquatrights.com/wp-json/wp/v2/pages/2224>; rel="alternate"; type="application/json" <https://paraquatrights.com/>; rel=shortlink
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.29
x-turbo-charged-by
LiteSpeed
surbma-divi-gravity-forms.css
paraquatrights.com/wp-content/plugins/surbma-divi-gravity-forms/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-content/plugins/surbma-divi-gravity-forms/css/surbma-divi-gravity-forms.css?ver=4.1
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
9ae98b642fd142e2697877ac65634bd71582c3d0ad4b2d07b2eb8ea72e12bcca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:25:22 GMT
content-encoding
br
last-modified
Sat, 11 Dec 2021 20:28:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1041
expires
Wed, 27 Apr 2022 21:25:22 GMT
et-divi-dynamic-2224-late.css
paraquatrights.com/wp-content/et-cache/2224/ 		5 KB
1019 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-content/et-cache/2224/et-divi-dynamic-2224-late.css?ver=1649440127
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
19ed78a2ced74758cdbabb942ef37c489c9954270c51677fc2ae24d59d14d87e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:25:38 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:48:48 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
799
expires
Wed, 27 Apr 2022 21:25:38 GMT
et-divi-dynamic-2224.css
paraquatrights.com/wp-content/et-cache/2224/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-content/et-cache/2224/et-divi-dynamic-2224.css?ver=1649440127
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
ee54d5fc4d46e09c704a6cba0ddf308cada165c30493548035419da8bd98b97e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:25:22 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:48:47 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1222
expires
Wed, 27 Apr 2022 21:25:22 GMT
formreset.min.css
paraquatrights.com/wp-content/plugins/gravityforms/legacy/css/ 		4 KB
559 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.6.1
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:25:22 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:31:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
339
expires
Wed, 27 Apr 2022 21:25:22 GMT
formsmain.min.css
paraquatrights.com/wp-content/plugins/gravityforms/legacy/css/ 		79 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.6.1
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
3a1072fc5e60a404c249f32eef7ebbeec0722a2fc6ecce393926a39ba8075293

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:25:22 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:31:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
11637
expires
Wed, 27 Apr 2022 21:25:22 GMT
readyclass.min.css
paraquatrights.com/wp-content/plugins/gravityforms/legacy/css/ 		30 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.6.1
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
7536f0df059eb4232aeb10fa05bd89b6da621240062499542da570d39fb833ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:25:22 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:31:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
3192
expires
Wed, 27 Apr 2022 21:25:22 GMT
browsers.min.css
paraquatrights.com/wp-content/plugins/gravityforms/legacy/css/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.6.1
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
81556f38ccd763884270a287d8602759ecca85ec4f93548631550b4514393d46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:24:25 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:31:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1048
expires
Wed, 27 Apr 2022 21:24:25 GMT
style.css
paraquatrights.com/wp-content/themes/divi-child/ 		363 B
387 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-content/themes/divi-child/style.css?ver=4.17.0
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
1c99591886e15b9ab6ed8cec41996925620c8da8a92fa07068372e862fabf250

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:24:25 GMT
content-encoding
br
last-modified
Sat, 11 Dec 2021 20:28:54 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
167
expires
Wed, 27 Apr 2022 21:24:25 GMT
jquery.min.js
paraquatrights.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:24:25 GMT
content-encoding
br
last-modified
Sat, 11 Dec 2021 20:28:54 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
30273
expires
Wed, 27 Apr 2022 21:24:25 GMT
jquery-migrate.min.js
paraquatrights.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:24:25 GMT
content-encoding
br
last-modified
Sat, 11 Dec 2021 20:28:54 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
3995
expires
Wed, 27 Apr 2022 21:24:25 GMT
jquery.json.min.js
paraquatrights.com/wp-content/plugins/gravityforms/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.6.1
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
693c8b61667ac94847264924178702a190c5113b41b82085dad0641f89e3f864

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:31:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
882
expires
Wed, 27 Apr 2022 21:26:02 GMT
gravityforms.min.js
paraquatrights.com/wp-content/plugins/gravityforms/js/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.6.1
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
15cb99955010d296ccb1f5ebd676831f1c2efceabda7a859f85337899c756ac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:31:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
12794
expires
Wed, 27 Apr 2022 21:26:02 GMT
conditional_logic.min.js
paraquatrights.com/wp-content/plugins/gravityforms/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-content/plugins/gravityforms/js/conditional_logic.min.js?ver=2.6.1
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
7104f88840a420f1702717d900db98910deb6141ad639bb7338b88993e989c72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:31:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
2688
expires
Wed, 27 Apr 2022 21:26:02 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-79313503-3
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7652adf89430495399b875799248e7b247342e0dfe2fb3116a6117349658caff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38680
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Apr 2022 21:26:02 GMT
et-core-unified-deferred-2224.min.css
paraquatrights.com/wp-content/et-cache/2224/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-content/et-cache/2224/et-core-unified-deferred-2224.min.css?ver=1649440128
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
eb179e1addf2928bc7b0b82ba8c1bafcc38b5f01b498f50e9385d54e5a976487

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:24:25 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:48:48 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
924
expires
Wed, 27 Apr 2022 21:24:25 GMT
tsg-logo-3.png
paraquatrights.com/wp-content/uploads/2019/03/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paraquatrights.com/wp-content/uploads/2019/03/tsg-logo-3.png
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
a6ec108b47e18db1c5970e5ebc46948a08818dc1f9546ab72362d387ce00a1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
last-modified
Sat, 11 Dec 2021 20:29:06 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
15066
expires
Wed, 27 Apr 2022 21:26:02 GMT
TheSentinelGroup_text-logo_405x50.png
paraquatrights.com/wp-content/uploads/2020/09/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paraquatrights.com/wp-content/uploads/2020/09/TheSentinelGroup_text-logo_405x50.png
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
01145744b16f33963da05acb9cffedbe38912663f21d86e25515dd170322b1f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
last-modified
Sat, 11 Dec 2021 20:29:05 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
8726
expires
Wed, 27 Apr 2022 21:26:02 GMT
herbicidespray.jpg
paraquatrights.com/wp-content/uploads/2021/02/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paraquatrights.com/wp-content/uploads/2021/02/herbicidespray.jpg
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
c4909a9f92276ac9dab13924498c02767d9b970cb96b2699548953c382b9b926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
last-modified
Sat, 11 Dec 2021 20:29:07 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
117879
expires
Wed, 27 Apr 2022 21:26:02 GMT
parkinsons.jpg
paraquatrights.com/wp-content/uploads/2021/02/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paraquatrights.com/wp-content/uploads/2021/02/parkinsons.jpg
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
41d6938ef581f90dcab505dedbd873603631482b96e9dc04341a56e35d58e0e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
last-modified
Sat, 11 Dec 2021 20:29:07 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
49005
expires
Wed, 27 Apr 2022 21:26:02 GMT
scripts.min.js
paraquatrights.com/wp-content/themes/Divi/js/ 		267 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.17.0
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
641b4869b33bb1e2a8f76b4324a62a3c5ae76d546772df54731406dbad7edaf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:44:11 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
65482
expires
Wed, 27 Apr 2022 21:26:02 GMT
regenerator-runtime.min.js
paraquatrights.com/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:40:13 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
2330
expires
Wed, 27 Apr 2022 21:26:02 GMT
wp-polyfill.min.js
paraquatrights.com/wp-includes/js/dist/vendor/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:40:13 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
6810
expires
Wed, 27 Apr 2022 21:26:02 GMT
dom-ready.min.js
paraquatrights.com/wp-includes/js/dist/ 		1 KB
785 B 		Script
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-includes/js/dist/dom-ready.min.js?ver=ecda74de0221e1c2ce5c57cbb5af09d5
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
content-encoding
br
last-modified
Sat, 11 Dec 2021 20:28:54 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
551
expires
Wed, 27 Apr 2022 21:26:02 GMT
hooks.min.js
paraquatrights.com/wp-includes/js/dist/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:40:13 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1780
expires
Wed, 27 Apr 2022 21:26:02 GMT
i18n.min.js
paraquatrights.com/wp-includes/js/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:40:13 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
3811
expires
Wed, 27 Apr 2022 21:26:02 GMT
a11y.min.js
paraquatrights.com/wp-includes/js/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-includes/js/dist/a11y.min.js?ver=68e470cf840f69530e9db3be229ad4b6
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
927e16d837ac9f46ddb4a64c8fea1cbe39343902c91b14e11b484e9b01f98cdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:40:13 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1069
expires
Wed, 27 Apr 2022 21:26:02 GMT
jquery.maskedinput.min.js
paraquatrights.com/wp-content/plugins/gravityforms/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-content/plugins/gravityforms/js/jquery.maskedinput.min.js?ver=2.6.1
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
c949c385f875170b0333f7eea49d43f355b064481822d4aaab2f80ae4cccca41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:31:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1720
expires
Wed, 27 Apr 2022 21:26:02 GMT
placeholders.jquery.min.js
paraquatrights.com/wp-content/plugins/gravityforms/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.6.1
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:31:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1604
expires
Wed, 27 Apr 2022 21:26:02 GMT
common.js
paraquatrights.com/wp-content/themes/Divi/core/admin/js/ 		1 KB
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.17.0
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:44:10 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
490
expires
Wed, 27 Apr 2022 21:26:02 GMT
gtm.js
www.googletagmanager.com/ 		143 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KK7TM84
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
da0b187e123e5abd23332d46606da651cc6e173e29bb3a9ed35016caa991ec8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47501
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Apr 2022 21:26:02 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
dL3QP5P/EVhc/mzjDtKG4Mzp26asSgwknf8JgJQWGpISOESUeshLCkaKqF0E2IGn0MqidpkbHeURWA+amxUcog==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 20 Apr 2022 21:26:02 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
tags.srv.stackadapt.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.254.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-254-175.compute-1.amazonaws.com
Software
/
Resource Hash
67eb2e98c95256f3df86d5b4b0dcfbfcb286ea12cae9c4e02e1b1353a56c8149

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 20 Apr 2022 21:26:03 GMT
Content-Encoding
gzip
Cache-Control
max-age=30
Content-Length
4430
Connection
keep-alive
Content-Type
text/javascript
pq_header.jpg
paraquatrights.com/wp-content/uploads/2021/02/ 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paraquatrights.com/wp-content/uploads/2021/02/pq_header.jpg
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
0505b4661bb51d6db77eef18c0102bde8d99d439135b2d642d97f7e329d1bd8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
last-modified
Sat, 11 Dec 2021 20:29:07 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
132067
expires
Wed, 27 Apr 2022 21:26:02 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
fonts.gstatic.com/s/opensans/v28/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7996a13ba28f47d09f223e3ab1971511b8390b708862b5f05be497d644845538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paraquatrights.com/
Origin
https://paraquatrights.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:00:50 GMT
x-content-type-options
nosniff
age
69912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22096
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:04:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Apr 2023 02:00:50 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUhiZQ.woff2
fonts.gstatic.com/s/oswald/v47/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v47/TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUhiZQ.woff2
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdd736cea8c6e9f448baccf465a92f6beeb20b0390ef76fed8be661bf912a5e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paraquatrights.com/
Origin
https://paraquatrights.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:53:32 GMT
x-content-type-options
nosniff
age
502350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14908
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:09:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Apr 2023 01:53:32 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
fonts.gstatic.com/s/opensans/v28/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6849c2f6dd45325e6d5761c53db3dd6ecf99158e9cf1eb3b4e35f7e4025cb5c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paraquatrights.com/
Origin
https://paraquatrights.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:00:49 GMT
x-content-type-options
nosniff
age
69913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22096
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:04:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Apr 2023 02:00:49 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
fonts.gstatic.com/s/opensans/v28/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91c82197d183592cfb227c9e4e368e428ce9ba45444603dc7441d8ffe045e01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paraquatrights.com/
Origin
https://paraquatrights.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 02:00:50 GMT
x-content-type-options
nosniff
age
69912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21496
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:05:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Apr 2023 02:00:50 GMT
et-divi-dynamic-2224-late.css
paraquatrights.com/wp-content/et-cache/2224/ 		5 KB
1019 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-content/et-cache/2224/et-divi-dynamic-2224-late.css
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
19ed78a2ced74758cdbabb942ef37c489c9954270c51677fc2ae24d59d14d87e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:48:48 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
799
expires
Wed, 27 Apr 2022 21:26:02 GMT
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16504899620510.3844769634086067&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16504899620510.3844769634086067&invert_field_sensitivity=false
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16504899620510.3844769634086067&invert_field_sensitivity=false
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Server
2600:9000:2156:ec00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3bd093a54ad07df8441c169318a6ae73a788a09a544c858b4af33168685568e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:04 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 15:54:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"2f4dd728e6d403f1f784fd6055a281f6"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-version-id
xmDGAENPjJ8V0Gsf5xvzOah9nyVemSgk
x-amz-cf-id
S0-mQzDnnUD-W81X9pcZIUIR7yQDZLKDsYpwQgK1C2F75a9mG9oSbQ==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16504899620510.3844769634086067&invert_field_sensitivity=false
date
Wed, 20 Apr 2022 21:26:03 GMT
server
awselb/2.0
content-length
134
content-type
text/html
style.min.css
paraquatrights.com/wp-includes/css/dist/block-library/ 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 17:40:12 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
10549
expires
Wed, 27 Apr 2022 21:26:02 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw3aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw3aXo.woff2
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03fdad808195e2e2a222e538e9031fb8e44ee602e500236d0be9d704c9e78880
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paraquatrights.com/
Origin
https://paraquatrights.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:38:51 GMT
x-content-type-options
nosniff
age
13631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19476
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:12:00 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Apr 2023 17:38:51 GMT
modules.ttf
paraquatrights.com/wp-content/themes/Divi/core/admin/fonts/modules/all/ 		90 KB
90 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://paraquatrights.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Origin
https://paraquatrights.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
last-modified
Fri, 08 Apr 2022 17:44:10 GMT
server
LiteSpeed
content-type
font/ttf
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
92400
expires
Wed, 27 Apr 2022 21:26:02 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1y9osUhiZQ.woff2
fonts.gstatic.com/s/oswald/v47/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v47/TK3_WkUHHAIjg75cFRf3bXL8LICs1y9osUhiZQ.woff2
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3bbdfce5db9398c8ddd7760774d27ba447ff4a0d3634482f0e43077810dbcd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paraquatrights.com/
Origin
https://paraquatrights.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 18:17:34 GMT
x-content-type-options
nosniff
age
443308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14912
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:18:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Apr 2023 18:17:34 GMT
724074054796370
connect.facebook.net/signals/config/ 		308 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/724074054796370?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
94c014a50cb2e039a9fb44d5f31085438b9b6a91ea09fc1a31f5bc460883fb20
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
9gw0/qcDkA5CX6v5ondAJWlVFs6nbOpa88yR2QByVoblMUjx2jT9n56Sb2Frp3i9nNPEZFQ87CLQTQDvO9h0PA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 20 Apr 2022 21:26:02 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-79313503-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4131
date
Wed, 20 Apr 2022 20:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 20 Apr 2022 22:17:11 GMT
pixie.js
acdn.adnxs.com/dmp/up/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: cdn.exclusiveon.com
URL: https://cdn.exclusiveon.com/ZeFfZOHOGP1R0qMIoPR3HO7xpuo6mWG7S9OAb07cFsCnH3Lm7PO2zTOdqe8NKyaZ8KJif1mG4CmhGEWI2t7tWw~~/62601af1ceac2b46f0408dd6/041fe19055fec6902b6e491e6069cc67
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 21:26:02 GMT
Content-Encoding
gzip
Age
56014
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3340
X-Served-By
cache-lga21928-LGA, cache-cdg20732-CDG
Access-Control-Allow-Origin
*
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1650489963.893606,VS0,VE0
ETag
W/"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 01 Oct 2021 05:45:37 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
1, 43754
js
www.google-analytics.com/gtm/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TX5387Z&t=gtag_UA_79313503_3&cid=273718276.1650489962
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b4fd6fc1b143dc7a9eba253bf0cf772f81ffd19ec2692947ee62a1c390a37c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37827
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Apr 2022 21:26:02 GMT
pixie
ib.adnxs.com/ 		42 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=e2e05946-2e70-447e-b328-3e1656fd916e&it=1650489962228&v=0.0.20&u=https%3A%2F%2Fparaquatrights.com%2F%3Fpaid%3D72260%26sid%3D62601af1ceac2b46f0408dd6%26clickid%3D650073875%26s1%3D160766&r=https%3A%2F%2Fcdn.exclusiveon.com%2F&st=1650489962227&et=1650489962228&if=0
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 21:26:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1245194117&t=pageview&_s=1&dl=https%3A%2F%2Fparaquatrights.com%2F%3Fpaid%3D72260%26sid%3D62601af1ceac2b46f0408dd6%26clickid%3D650073875%26s1%3D160766&dr=https%3A%2F%2Fcdn.exclusiveon.com%2F&ul=en-us&de=UTF-8&dt=The%20Sentinel%20Group%20%7C%20Fighting%20for%20your%20rights&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUADQAAAAC~&jid=926235660&gjid=67478765&cid=273718276.1650489962&tid=UA-79313503-3&_gid=413681873.1650489962&_r=1&gtm=2ou4i1&z=1697434230
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://paraquatrights.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 21:26:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paraquatrights.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
1547352785566134
connect.facebook.net/signals/config/ 		308 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1547352785566134?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1cc97668a1bbe4b0c0ba7647a76559b0f90d55cec5304bf91e68ccc99ab00dbb
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
zZmPC+vTh4MFpHaKO9AZ2eOSwSIiODU2UT0fo22J1rN/6YIXNNrrSsHtYi+SYBkB8oNgiYMMqkR44FdfQV0stQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 20 Apr 2022 21:26:03 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=724074054796370&ev=PageView&dl=https%3A%2F%2Fparaquatrights.com%2F%3Fpaid%3D72260%26sid%3D_removed_%26clickid%3D650073875%26s1%3D160766%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%252234b36454cab2e7842c389f7d88ecb7df279e3918cbac07970d4cde496e70f4c8%2522%255D%257D&rl=https%3A%2F%2Fcdn.exclusiveon.com%2F%3F_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&if=false&ts=1650489962291&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650489962286.1062125452&it=1650489962102&coo=false&rqm=GET
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 20 Apr 2022 21:26:03 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-79313503-3&cid=273718276.1650489962&jid=926235660&gjid=67478765&_gid=413681873.1650489962&_u=aGBAAUACQAAAAC~&z=262184057
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://paraquatrights.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 20 Apr 2022 21:26:03 GMT
content-type
text/plain
access-control-allow-origin
https://paraquatrights.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-79313503-3&cid=273718276.1650489962&jid=926235660&_u=aGBAAUACQAAAAC~&z=929362809
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 21:26:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-79313503-3&cid=273718276.1650489962&jid=926235660&_u=aGBAAUACQAAAAC~&z=929362809
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Apr 2022 21:26:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sa.css
tags.srv.stackadapt.com/ 		65 B
292 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.254.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-254-175.compute-1.amazonaws.com
Software
/
Resource Hash
37b12dfee314c4e3214659bc357a3142a5ff17a47a5350412d2907de91612eb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 20 Apr 2022 21:26:03 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
65
Content-Type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
881 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.254.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-254-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 20 Apr 2022 21:26:03 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
651
Content-Type
image/jpeg
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1547352785566134&ev=PageView&dl=https%3A%2F%2Fparaquatrights.com%2F%3Fpaid%3D72260%26sid%3D_removed_%26clickid%3D650073875%26s1%3D160766%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%252234b36454cab2e7842c389f7d88ecb7df279e3918cbac07970d4cde496e70f4c8%2522%255D%257D&rl=https%3A%2F%2Fcdn.exclusiveon.com%2F%3F_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&if=false&ts=1650489962522&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650489962286.1062125452&it=1650489962102&coo=false&rqm=GET
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 20 Apr 2022 21:26:03 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=724074054796370&ev=Lead&dl=https%3A%2F%2Fparaquatrights.com%2F%3Fpaid%3D72260%26sid%3D_removed_%26clickid%3D650073875%26s1%3D160766%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%252234b36454cab2e7842c389f7d88ecb7df279e3918cbac07970d4cde496e70f4c8%2522%255D%257D&rl=https%3A%2F%2Fcdn.exclusiveon.com%2F%3F_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&if=false&ts=1650489962531&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1650489962286.1062125452&it=1650489962102&coo=false&rqm=GET
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 20 Apr 2022 21:26:03 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1547352785566134&ev=Lead&dl=https%3A%2F%2Fparaquatrights.com%2F%3Fpaid%3D72260%26sid%3D_removed_%26clickid%3D650073875%26s1%3D160766%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%252234b36454cab2e7842c389f7d88ecb7df279e3918cbac07970d4cde496e70f4c8%2522%255D%257D&rl=https%3A%2F%2Fcdn.exclusiveon.com%2F%3F_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&if=false&ts=1650489962537&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1650489962286.1062125452&it=1650489962102&coo=false&rqm=GET
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 20 Apr 2022 21:26:03 GMT
saq_pxl
tags.srv.stackadapt.com/ 		94 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=yIrgihBh8gI6e7vPyWg0Lg&is_js=true&landing_url=https%3A%2F%2Fparaquatrights.com%2F%3Fpaid%3D72260%26sid%3D62601af1ceac2b46f0408dd6%26clickid%3D650073875%26s1%3D160766&t=The%20Sentinel%20Group%20%7C%20Fighting%20for%20your%20rights&host=https://paraquatrights.com&sa_conv_data_css_value=%20%220-91be34a4-1b2d-41b5-7332-d67b412f7a43%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd95d33de330941434941b9208f8aea4cb0c11b0e0a
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.254.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-254-175.compute-1.amazonaws.com
Software
/
Resource Hash
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 20 Apr 2022 21:26:03 GMT
Access-Control-Allow-Methods
GET
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://paraquatrights.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
94
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=724074054796370&ev=Microdata&dl=https%3A%2F%2Fparaquatrights.com%2F%3Fpaid%3D72260%26sid%3D62601af1ceac2b46f0408dd6%26clickid%3D650073875%26s1%3D160766&rl=https%3A%2F%2Fcdn.exclusiveon.com%2F&if=false&ts=1650489963795&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Sentinel%20Group%20%7C%20Fighting%20for%20your%20rights%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=2&o=30&fbp=fb.1.1650489962286.1062125452&it=1650489962102&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 20 Apr 2022 21:26:04 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1547352785566134&ev=Microdata&dl=https%3A%2F%2Fparaquatrights.com%2F%3Fpaid%3D72260%26sid%3D62601af1ceac2b46f0408dd6%26clickid%3D650073875%26s1%3D160766&rl=https%3A%2F%2Fcdn.exclusiveon.com%2F&if=false&ts=1650489964024&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Sentinel%20Group%20%7C%20Fighting%20for%20your%20rights%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=2&o=30&fbp=fb.1.1650489962286.1062125452&it=1650489962102&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 20 Apr 2022 21:26:04 GMT
certs
api.trustedform.com/ 		494 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16504899620510.3844769634086067&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.249.8 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-249-8.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e684023860e912abf30de3e281affe390f0d7409bf32a7da1872beda9ef80069

Request headers

Referer
https://paraquatrights.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Apr 2022 21:26:10 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
494
trustedform-1.8.25.js
cdn.trustedform.com/ 		97 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustedform.com/trustedform-1.8.25.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16504899620510.3844769634086067&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:ec00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
539370a53062290c27381455bca190bdc3393e4cf05c1c209d9918c04b3b8113

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
ncq7Grq.1TnIfSjpPv4CQzKQBE7rNrXZ
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 15:54:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"6b8ac018137a9fc6bb5f3e697585586a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
date
Wed, 20 Apr 2022 21:26:10 GMT
x-amz-cf-id
2UGpz0q3cMoWfa2K3riToYgIFjVK_Q7de8gr7eMMgcNOlWRVvv3eBw==
snapshot
api.trustedform.com/certs/8dc6d1f6e828116a03c898fbfe4e2d1d7cd6bad1/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/8dc6d1f6e828116a03c898fbfe4e2d1d7cd6bad1/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.249.8 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-249-8.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paraquatrights.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 20 Apr 2022 21:26:11 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
fingerprints
api.trustedform.com/certs/8dc6d1f6e828116a03c898fbfe4e2d1d7cd6bad1/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/8dc6d1f6e828116a03c898fbfe4e2d1d7cd6bad1/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.249.8 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-249-8.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paraquatrights.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 20 Apr 2022 21:26:11 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
truncated
/ 		10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
text/javascript
events
api.trustedform.com/certs/8dc6d1f6e828116a03c898fbfe4e2d1d7cd6bad1/ 		0
159 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/8dc6d1f6e828116a03c898fbfe4e2d1d7cd6bad1/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.249.8 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-249-8.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paraquatrights.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 20 Apr 2022 21:26:11 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
events
api.trustedform.com/certs/8dc6d1f6e828116a03c898fbfe4e2d1d7cd6bad1/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/8dc6d1f6e828116a03c898fbfe4e2d1d7cd6bad1/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.249.8 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-249-8.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paraquatrights.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 20 Apr 2022 21:26:11 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
tsg-logo-3.png
paraquatrights.com/wp-content/uploads/2019/03/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paraquatrights.com/wp-content/uploads/2019/03/tsg-logo-3.png
Requested by
Host: paraquatrights.com
URL: https://paraquatrights.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.121.239 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium95-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
a6ec108b47e18db1c5970e5ebc46948a08818dc1f9546ab72362d387ce00a1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paraquatrights.com/?paid=72260&sid=62601af1ceac2b46f0408dd6&clickid=650073875&s1=160766
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 21:26:21 GMT
last-modified
Sat, 11 Dec 2021 20:29:06 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
15066
expires
Wed, 27 Apr 2022 21:26:21 GMT
events
api.trustedform.com/certs/8dc6d1f6e828116a03c898fbfe4e2d1d7cd6bad1/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/8dc6d1f6e828116a03c898fbfe4e2d1d7cd6bad1/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.249.8 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-249-8.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paraquatrights.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 20 Apr 2022 21:26:22 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
events
api.trustedform.com/certs/8dc6d1f6e828116a03c898fbfe4e2d1d7cd6bad1/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.trustedform.com/certs/8dc6d1f6e828116a03c898fbfe4e2d1d7cd6bad1/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.249.8 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-249-8.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paraquatrights.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 20 Apr 2022 21:26:23 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| gform function| jQuery function| $ object| gf_global object| gform_i18n object| gf_legacy_multi object| gform_gravityforms object| gf_legacy function| gtag object| dataLayer function| fbq function| _fbq function| saq function| _saq object| et_animation_data object| DIVI object| et_builder_utils_params object| et_frontend_scripts object| et_pb_custom object| et_pb_box_shadow_elements object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| pixie object| gaplugins object| gaGlobal object| gaData object| google_optimize object| res string| current_window_url_param object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording function| Waypoint function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect function| et_pb_menu_inject_inline_centered_logo function| et_pb_menu_inject_item function| et_pb_reposition_menu_module_dropdowns boolean| et_load_event_fired boolean| et_is_transparent_nav boolean| et_is_vertical_nav boolean| et_is_fixed_nav boolean| et_is_minified_js boolean| et_is_minified_css boolean| et_force_width_container_change function| et_pb_init_woo_star_rating function| et_pb_wrap_woo_attribute_fields_in_span function| et_pb_init_modules function| etFixDividerSpacing function| etInitWooReviewsRatingStars boolean| et_calculating_scroll_position boolean| et_side_nav_links_initialized object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wp function| sprintf function| vsprintf function| announceAJAXValidationErrors function| gformBindFormatPricingFields function| Currency function| gformCleanNumber function| gformGetDecimalSeparator function| gformIsNumber function| gformIsNumeric function| gformDeleteUploadedFile object| _gformPriceFields undefined| _anyProductSelected function| gformIsHidden function| gformCalculateTotalPrice function| gformUpdateTotalFieldPrice function| gformGetShippingPrice function| gformGetFieldId function| gformCalculateProductPrice function| gformGetProductQuantity function| gformIsProductSelected function| gformGetBasePrice function| gformFormatMoney function| gformFormatPricingField function| gformToNumber function| gformGetPriceDifference function| gformGetOptionLabel function| gformGetProductIds function| gformGetPrice function| gformRoundPrice function| gformRegisterPriceField function| gformInitPriceFields function| gformShowPasswordStrength function| gformPasswordStrength function| gformToggleShowPassword function| gformToggleCheckboxes function| gformToggleRadioOther function| gformAddListItem function| gformDeleteListItem function| gformAdjustClasses function| gformAdjustRowAttributes function| gformToggleIcons function| gformAddRepeaterItem function| gformDeleteRepeaterItem function| gformResetRepeaterAttributes function| gformToggleRepeaterButtons function| gformMatchCard function| gformFindCardType function| gformToggleCreditCard function| gformInitChosenFields function| gformInitCurrencyFormatFields function| GFMergeTag function| GFCalc undefined| __gf_keyup_timeout function| gformFormatNumber function| getMatchGroups function| gf_get_field_number_format function| gformValidateFileSize function| gformInitSpinner function| gformAddSpinner function| gformReInitTinymceInstance function| gf_raw_input_change function| gf_get_input_id_by_html_id function| gf_get_form_id_by_html_id function| gf_get_ids_by_html_id function| gf_input_change function| gformExtractFieldId function| gformExtractInputIndex function| rgars function| rgar function| HandleUnsavedChanges function| renderRecaptcha function| gformIsRecaptchaPending object| gfMultiFileUploader undefined| __gf_timeout_handle function| gf_apply_rules function| gf_check_field_rule function| gf_get_field_logic function| gf_apply_field_rule function| gf_get_field_action function| gf_is_match function| gf_is_match_checkable function| gf_is_checkable_empty function| gf_is_match_default function| gf_format_number function| gf_try_convert_float function| gf_matches_operation function| gf_get_value function| gf_do_field_action function| gf_do_next_button_action function| gf_do_action function| gf_reset_to_default function| gf_is_hidden_pricing_input object| Placeholders string| et_location_hash function| et_calculate_header_values function| et_change_primary_nav_position function| et_fix_page_container_position function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init function| et_pb_slider_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_tabs_init function| et_pb_circle_counter_update function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| et_calculate_fullscreen_section_size function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_pb_shop_add_hover_class object| gf_form_conditional_logic string| gf_number_format function| do_callback function| et_pb_init_woo_custom_button_icon string| waypointContextKey

9 Cookies

Domain/Path Name / Value
.exclusiveon.com/ Name: uid6642
Value: 650073875-20220420172558-44d3def81b7f81f69bf8adb622ccebdf-
.paraquatrights.com/ Name: _gcl_au
Value: 1.1.2011269833.1650489962
.paraquatrights.com/ Name: _ga
Value: GA1.2.273718276.1650489962
.paraquatrights.com/ Name: _gid
Value: GA1.2.413681873.1650489962
.paraquatrights.com/ Name: _gat_gtag_UA_79313503_3
Value: 1
.paraquatrights.com/ Name: _fbp
Value: fb.1.1650489962286.1062125452
.facebook.com/ Name: fr
Value: 0N6XYw9x4vAMHDhMw..BiYHpr...1.0.BiYHpr.
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-91be34a4-1b2d-41b5-7332-d67b412f7a43.PEcA%2F0%2BdJTIk0ZnRBW2EKOvhhwkNbkIOK0TgeBJzAPE
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Akb40pBstQbVzMtZ7QS96Q8EbDgo.W766bRXwgmV7iDCcikE1NXG98ZnEWMFfS4DDAQRjDJY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
api.trustedform.com
cdn.exclusiveon.com
cdn.trustedform.com
connect.facebook.net
fonts.gstatic.com
ib.adnxs.com
paraquatrights.com
stats.g.doubleclick.net
tags.srv.stackadapt.com
web.surteving.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.21.22.12
151.101.129.108
185.33.221.52
188.114.96.7
2600:9000:2156:ec00:1c:7f1a:6680:93a1
2a00:1450:4001:803::200e
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c0c::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.193.254.175
54.162.249.8
68.65.121.239
01145744b16f33963da05acb9cffedbe38912663f21d86e25515dd170322b1f4
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03fdad808195e2e2a222e538e9031fb8e44ee602e500236d0be9d704c9e78880
0505b4661bb51d6db77eef18c0102bde8d99d439135b2d642d97f7e329d1bd8d
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0b4fd6fc1b143dc7a9eba253bf0cf772f81ffd19ec2692947ee62a1c390a37c5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15cb99955010d296ccb1f5ebd676831f1c2efceabda7a859f85337899c756ac2
19ed78a2ced74758cdbabb942ef37c489c9954270c51677fc2ae24d59d14d87e
1c99591886e15b9ab6ed8cec41996925620c8da8a92fa07068372e862fabf250
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
1cc97668a1bbe4b0c0ba7647a76559b0f90d55cec5304bf91e68ccc99ab00dbb
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90
37b12dfee314c4e3214659bc357a3142a5ff17a47a5350412d2907de91612eb6
3a1072fc5e60a404c249f32eef7ebbeec0722a2fc6ecce393926a39ba8075293
3bd093a54ad07df8441c169318a6ae73a788a09a544c858b4af33168685568e8
41d6938ef581f90dcab505dedbd873603631482b96e9dc04341a56e35d58e0e1
539370a53062290c27381455bca190bdc3393e4cf05c1c209d9918c04b3b8113
641b4869b33bb1e2a8f76b4324a62a3c5ae76d546772df54731406dbad7edaf2
67eb2e98c95256f3df86d5b4b0dcfbfcb286ea12cae9c4e02e1b1353a56c8149
6849c2f6dd45325e6d5761c53db3dd6ecf99158e9cf1eb3b4e35f7e4025cb5c0
693c8b61667ac94847264924178702a190c5113b41b82085dad0641f89e3f864
7104f88840a420f1702717d900db98910deb6141ad639bb7338b88993e989c72
7536f0df059eb4232aeb10fa05bd89b6da621240062499542da570d39fb833ba
7652adf89430495399b875799248e7b247342e0dfe2fb3116a6117349658caff
7996a13ba28f47d09f223e3ab1971511b8390b708862b5f05be497d644845538
81556f38ccd763884270a287d8602759ecca85ec4f93548631550b4514393d46
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
91c82197d183592cfb227c9e4e368e428ce9ba45444603dc7441d8ffe045e01c
927e16d837ac9f46ddb4a64c8fea1cbe39343902c91b14e11b484e9b01f98cdd
94c014a50cb2e039a9fb44d5f31085438b9b6a91ea09fc1a31f5bc460883fb20
9ae98b642fd142e2697877ac65634bd71582c3d0ad4b2d07b2eb8ea72e12bcca
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a6ec108b47e18db1c5970e5ebc46948a08818dc1f9546ab72362d387ce00a1de
b3bbdfce5db9398c8ddd7760774d27ba447ff4a0d3634482f0e43077810dbcd1
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdd736cea8c6e9f448baccf465a92f6beeb20b0390ef76fed8be661bf912a5e4
c4909a9f92276ac9dab13924498c02767d9b970cb96b2699548953c382b9b926
c949c385f875170b0333f7eea49d43f355b064481822d4aaab2f80ae4cccca41
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c
da0b187e123e5abd23332d46606da651cc6e173e29bb3a9ed35016caa991ec8a
dad76bbfd7ac3574cac12471c49a88f273247adf811466ab7edd286610b1b1d8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb
e684023860e912abf30de3e281affe390f0d7409bf32a7da1872beda9ef80069
eb179e1addf2928bc7b0b82ba8c1bafcc38b5f01b498f50e9385d54e5a976487
ee54d5fc4d46e09c704a6cba0ddf308cada165c30493548035419da8bd98b97e
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e