Submitted URL: http://paridirect.com/
Effective URL: https://www.paridirect.com/
Submission: On May 21 via manual from RO — Scanned from DE

Summary

This website contacted 25 IPs in 7 countries across 18 domains to perform 78 HTTP transactions. The main IP is 65.9.95.126, located in United States and belongs to AMAZON-02, US. The main domain is www.paridirect.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on October 2nd 2023. Valid for: a year.
This is the only time www.paridirect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.196.75 13335 (CLOUDFLAR...)
30 65.9.95.126 16509 (AMAZON-02)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
8 40.80.87.48 8075 (MICROSOFT...)
13 151.101.66.137 54113 (FASTLY)
1 65.9.95.45 16509 (AMAZON-02)
2 151.101.65.44 54113 (FASTLY)
1 65.9.99.119 16509 (AMAZON-02)
1 104.18.24.215 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2600:9000:212... 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 65.9.95.21 16509 (AMAZON-02)
1 82.145.213.12 39832 (NO-OPERA)
2 65.9.95.30 16509 (AMAZON-02)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 65.9.95.111 16509 (AMAZON-02)
1 172.66.43.137 13335 (CLOUDFLAR...)
1 15.197.193.217 16509 (AMAZON-02)
2 52.30.168.169 16509 (AMAZON-02)
1 34.100.200.45 396982 (GOOGLE-CL...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 16.182.73.113 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
78 25
Apex Domain
Subdomains
Transfer
31 paridirect.com
paridirect.com
www.paridirect.com
2 MB
13 aglty.io
cdn.aglty.io — Cisco Umbrella Rank: 582859
302 KB
9 kapturecrm.com
selfserveapp.kapturecrm.com
in.kapturecrm.com
316 KB
3 iconvert.network
cdn.iconvert.network
18 KB
3 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1034
trc.taboola.com — Cisco Umbrella Rank: 748
trc-events.taboola.com — Cisco Umbrella Rank: 2557
23 KB
3 retainly.app
cdn.retainly.app
track.retainly.app
118 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
71 KB
2 opera.com
res-odx.op-mobile.opera.com — Cisco Umbrella Rank: 140196
px.adx.opera.com — Cisco Umbrella Rank: 125434
30 KB
2 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1370
insight.adsrvr.org — Cisco Umbrella Rank: 691
5 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 742
script.hotjar.com — Cisco Umbrella Rank: 988
59 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
171 KB
1 gstatic.com
fonts.gstatic.com
16 KB
1 amazonaws.com
kapture-email-attachments.s3.amazonaws.com — Cisco Umbrella Rank: 784973
5 KB
1 velisports.com
launcher.velisports.com
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2775
232 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
274 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2533
256 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
27 KB
78 18
Domain Requested by
30 www.paridirect.com www.paridirect.com
13 cdn.aglty.io www.paridirect.com
8 selfserveapp.kapturecrm.com www.paridirect.com
selfserveapp.kapturecrm.com
3 cdn.iconvert.network www.googletagmanager.com
www.paridirect.com
cdn.iconvert.network
2 track.retainly.app
2 connect.facebook.net www.paridirect.com
connect.facebook.net
2 www.googletagmanager.com www.paridirect.com
www.googletagmanager.com
1 fonts.gstatic.com selfserveapp.kapturecrm.com
1 kapture-email-attachments.s3.amazonaws.com
1 trc-events.taboola.com www.paridirect.com
1 in.kapturecrm.com www.paridirect.com
1 insight.adsrvr.org js.adsrvr.org
1 launcher.velisports.com www.paridirect.com
1 vc.hotjar.io www.paridirect.com
1 www.facebook.com www.paridirect.com
1 trc.taboola.com cdn.taboola.com
1 px.adx.opera.com www.paridirect.com
1 script.hotjar.com static.hotjar.com
1 region1.google-analytics.com www.googletagmanager.com
1 res-odx.op-mobile.opera.com www.paridirect.com
1 js.adsrvr.org www.googletagmanager.com
1 cdn.taboola.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 cdn.retainly.app www.paridirect.com
1 cdnjs.cloudflare.com www.paridirect.com
1 paridirect.com 1 redirects
78 26

This site contains no links.

Subject Issuer Validity Valid
www.paridirect.com
Amazon RSA 2048 M02
2023-10-02 -
2024-10-30
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
retainly.app
GTS CA 1P5
2024-05-12 -
2024-08-10
3 months crt.sh
*.google-analytics.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.kapturecrm.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-07 -
2025-01-06
a year crt.sh
*.aglty.io
R3
2024-05-04 -
2024-08-02
3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M03
2024-02-07 -
2025-03-08
a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-22
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2024-04-23 -
2025-05-25
a year crt.sh
res-odx.op-mobile.opera.com
E1
2024-04-25 -
2024-07-24
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-02-28 -
2024-05-28
3 months crt.sh
cdn.iconvert.network
Amazon RSA 2048 M03
2023-11-29 -
2024-12-27
a year crt.sh
*.adx.opera.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-22 -
2024-06-20
a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M02
2024-02-07 -
2025-03-08
a year crt.sh
velisports.com
E1
2024-04-24 -
2024-07-23
3 months crt.sh
track.retainly.app
R3
2024-04-13 -
2024-07-12
3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01
2023-10-10 -
2024-07-03
9 months crt.sh
*.gstatic.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.paridirect.com/
Frame ID: 98216B91C2AB90DB137DCB20C4191470
Requests: 76 HTTP requests in this frame

Frame: https://launcher.velisports.com/api/v1/integration/iframe?partnerId=2&languageId=fr&isForMobile=true&isCashier=0&currencyCode=XAF
Frame ID: 5533F20E8FD4C218F99F6A598DC1FF16
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=wu1x7g4&ref=https%3A%2F%2Fwww.paridirect.com%2F&upid=n5xz9jl&upv=1.1.0
Frame ID: 9E85C3D601C019E52911AB8C61BBEC27
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Paridirect | Paris sportifs et casino, les meilleurs paris et bonus en ligne

Page URL History Show full URLs

  1. http://paridirect.com/ HTTP 307
    https://paridirect.com/ HTTP 301
    https://www.paridirect.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

78
Requests

100 %
HTTPS

27 %
IPv6

18
Domains

26
Subdomains

25
IPs

7
Countries

3639 kB
Transfer

6127 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paridirect.com/ HTTP 307
    https://paridirect.com/ HTTP 301
    https://www.paridirect.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

78 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.paridirect.com/
Redirect Chain
  • http://paridirect.com/
  • https://paridirect.com/
  • https://www.paridirect.com/
474 KB
140 KB
Document
General
Full URL
https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
/
Resource Hash
e94f23c436abe72c946eb52f24588bd65fae498e2cb4e5f1a8855ef8fd8cede7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
none
content-encoding
gzip
content-length
142645
content-type
text/html; charset=utf-8
date
Tue, 21 May 2024 13:43:50 GMT
etag
"767c5-6goW+0gTI8rAt7Mn4KgJH3Yi2ak"
vary
Accept-Encoding
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
x-amz-cf-id
Dz-TttQt0cSePLDvp-UCGQv62HA9YWuaXEgi3aN3gQHF0FEdymbcow==
x-amz-cf-pop
PRG50-C1
x-amzn-requestid
a42e4b4c-a58c-4c5a-ace4-80d10bff9c1a
x-amzn-trace-id
root=1-664ca515-572d3ac75b6f65f36b460fc3;parent=3b60a44ea59af2cc;sampled=0;lineage=0cf0b37c:0
x-cache
Miss from cloudfront

Redirect headers

cache-control
max-age=3600
cf-ray
8874ff667c8b4d3a-FRA
content-length
167
content-type
text/html
date
Tue, 21 May 2024 13:43:49 GMT
expires
Tue, 21 May 2024 14:43:49 GMT
location
https://www.paridirect.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rbuY8kA9piRcYZ1Wn9RGpFGgrArFUNlQO6TazFB11bYtp%2FQRPCktT0ir%2FE47L8Yl7ZWvnQtEX0do80GMyaRL2oMIiBqilEviaM%2F%2B0TkemvuJoVMxAUcQs1Jw%2BWt1lj2Ndg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
fontello.woff
www.paridirect.com/fonts/Fontello/
8 KB
8 KB
Font
General
Full URL
https://www.paridirect.com/fonts/Fontello/fontello.woff
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c32be09fbae57950594a2abb6a0e5480f0734663ae0b6c2f54b60b8ff07c484

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Origin
https://www.paridirect.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 03:39:46 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Thu, 09 May 2024 10:40:41 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
36245
x-amz-server-side-encryption
AES256
etag
"6e36b0d275e3340543060b2f8ebaac48"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
7856
x-amz-cf-id
y4pF1UgBolv_rUqlS2YpEa7pWHI89tQ6GKjTsUc5SK7UFgmR0u7rIg==
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/
85 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:43:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
636876
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27192
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-152b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GhougKNKagbiLx34PVcfn0ctfpnt9lsWJ13rbKduaWEIQ%2FSxBFF1qr3u8ybkSl8BWfLT%2BcK2LaCowgUZukjpTcOqCtwbVsddXyzpvsGmmM6j68GJiSPymzdIK1Oon3Eqswt07P8l"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8874ff6f89d52c6b-FRA
expires
Sun, 11 May 2025 13:43:50 GMT
track.js
cdn.retainly.app/
433 KB
117 KB
Script
General
Full URL
https://cdn.retainly.app/track.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e021122071a8fdaf7766f579efe607c049dc2ef2bc439f4d8c74aa5b3a84107

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:43:51 GMT
x-amz-version-id
ul2bAWbVPe4ROkhH6zdFVQjVgRyRBtYK
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
90KXPSEF6TBVTZBB
x-amz-server-side-encryption
AES256
content-disposition
inline
alt-svc
h3=":443"; ma=86400
x-amz-id-2
JINFmzRac/bG087rWTYdBySoBsuCnN1nCNOvy1bcTFVVAlqABl/B5mZ2Fe7R6qZ5BSqaub/lzmjLnkIHTune7g==
last-modified
Tue, 30 Apr 2024 08:52:23 GMT
server
cloudflare
etag
W/"75978d7a66facb394b1bc2cb20b0c683"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Omgb9L0yb8z0mYuB2WDfh4hR7mqLwRs1HCiNTL0JkQvFt2WjCyFVw4zenJKALPX7EUHo98fm0eepE3%2F2WqDRaEJfYXLXIjri0E3TnJA4B1VI5RiUoytkF08XTLfQCvYaaOPqBgEtfp0xD4a6nl2d"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
8874ff716b363649-FRA
c42f3e0.js
www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/
4 KB
4 KB
Script
General
Full URL
https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/c42f3e0.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf1bc54049f45812a9ec0e03ee9b905f94c0e200aca7451a87601d8bff13ff8d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:22:39 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Mon, 20 May 2024 13:06:06 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
2163
x-amz-server-side-encryption
AES256
etag
"1098571bdbd05406045657dab3c8d973"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
3811
x-amz-cf-id
r6eFONvynUs0zYIYBgzUEqLnWa8S-3bI3mwX-8wuU9-J0s5tC7ivyQ==
fbec7bb.js
www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/
281 KB
282 KB
Script
General
Full URL
https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/fbec7bb.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03717ac85ec7f9fba4a5bb9867334dfd2d862072f2a4ad0788a926388d19e7b8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:22:39 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Mon, 20 May 2024 13:06:08 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
2160
x-amz-server-side-encryption
AES256
etag
"29189349a862a6611194e236eecea4d1"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
287751
x-amz-cf-id
qcJvvjNCQnK3uslMogiTM4kSXWfxaZjYKhscQxkFKWXFo2yXHaRkqQ==
7ff6de7.js
www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/
1 MB
1 MB
Script
General
Full URL
https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/7ff6de7.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e33d149b20ab1f150451847eaf3712099d5f18f3e17a05398ec1f8fcabad67dc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:22:39 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Mon, 20 May 2024 13:06:06 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
2160
x-amz-server-side-encryption
AES256
etag
"348a20548a10a99b366b26ce08ad7e90"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
1315295
x-amz-cf-id
oWWqa0bxoFhTNgyqj5quFWo5PCkbFYlnqxEmiO3g9k75OYBM2sNxNQ==
e68e718.js
www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/
377 KB
377 KB
Script
General
Full URL
https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/e68e718.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0ef8cb0c5115de12c41344bdeb67c928e468f02983154394304f2335720b1ad

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:22:39 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Mon, 20 May 2024 13:06:07 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
2158
x-amz-server-side-encryption
AES256
etag
"77623c1d2cb635e3266106d829ae37de"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
385742
x-amz-cf-id
mpZSEkXH5Wn-cqSBKk82_HVU46emrJgi_0rEQFaafJa65kQnDaPT9Q==
c9770f7.js
www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/
11 KB
12 KB
Script
General
Full URL
https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/c9770f7.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d7dbf161c64fb8672846aa8f1dd67f5b9e9a6757a22abff11b9ffb2b0ede6cd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:22:57 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Mon, 20 May 2024 13:06:07 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
2150
x-amz-server-side-encryption
AES256
etag
"dc3623193d577a4a19f9fdc96027346a"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
11404
x-amz-cf-id
O4l9f2pypwFBgXrH4tQg6uT61Utpl928DCzdAmZQmvrsnWZTdGKWJw==
gtm.js
www.googletagmanager.com/
230 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M3KVLZS
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bca2b996612d3d8f49d95880d1119cc4185b6c16e23778813818878320983cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:43:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80300
x-xss-protection
0
last-modified
Tue, 21 May 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 21 May 2024 13:43:51 GMT
paridirect.svg
www.paridirect.com/images/
8 KB
8 KB
Image
General
Full URL
https://www.paridirect.com/images/paridirect.svg
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea9ae2cef2e59a1fa414fee670855236e74b85d3b36404323422a9cb5e83321e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 03:56:57 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Thu, 09 May 2024 10:40:57 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
35214
etag
"33f1c60caa8a8c8acb9a02f51360b3cb"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
7797
x-amz-cf-id
J7kJvGxiN20la6ONiYPS-XdwG7Ysx9tMUNfvh8yvFwxtTOr5szlsxw==
ball-anim.gif
www.paridirect.com/images/
168 KB
168 KB
Image
General
Full URL
https://www.paridirect.com/images/ball-anim.gif
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61c87fa38feabe93564f69968efaf449d2c09bc4b9f20ab22a1ee2242cb08bc3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 05:24:49 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Thu, 09 May 2024 10:40:42 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
29943
x-amz-server-side-encryption
AES256
etag
"a1c87ef0cc2668bb5e803a694c1d6185"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
171743
x-amz-cf-id
Jrhq6RHJlVZ5t-zdWzmLQ_j7QXY1TfxdWwbiRSq3nKPmo_1kiO8_aw==
5f8d524.js
www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/
5 KB
6 KB
Script
General
Full URL
https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/5f8d524.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/c42f3e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
adb7fdfd38311ea423cb8605c578cfd11d9e29ebe9e7bae24762dade006ce9ab

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:22:57 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Mon, 20 May 2024 13:06:05 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
2155
x-amz-server-side-encryption
AES256
etag
"11a93f8edac4069c66ad92b54f2e5909"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
5254
x-amz-cf-id
mPCqH2Yh6WPrh7AQoLuHa8oXLq6MHnjhASQQ53bT-qXKUWAXCxKYzQ==
init_chat.js
selfserveapp.kapturecrm.com/js/
157 KB
31 KB
Script
General
Full URL
https://selfserveapp.kapturecrm.com/js/init_chat.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/e68e718.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
40.80.87.48 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
server /
Resource Hash
6c01af6128f0f55b092763ca2e69f941cc44b191d84fe66e2b6915738a4b1aea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 21 May 2024 13:43:51 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Last-Modified
Fri, 17 May 2024 05:44:47 GMT
Server
server
ETag
"27342-6189fd97a1494-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=10000
Content-Length
31545
get
www.paridirect.com/api/cms/
3 KB
4 KB
XHR
General
Full URL
https://www.paridirect.com/api/cms/get?keys=linkitemgroups.fr.header-tab-menu
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/7ff6de7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
/ Express
Resource Hash
b9bfa4be8e33963cdf599351e594f7be6fdeb75ca1699b42c3dccb7b81d6a722

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:41:13 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
3540
x-amz-cf-pop
PRG50-C1
age
158
x-amzn-requestid
d5ab1462-c767-47f2-88f8-32fbb2d1cd63
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
3540
x-amzn-trace-id
root=1-664ca479-657951ba18b8eaf723ac3358;parent=0af6c147304d8232;sampled=0;lineage=ce09f0f4:0
etag
W/"dd4-wnfPkXn9JTcd5TZVrhXKsNI+6y4"
content-type
application/json; charset=utf-8
access-control-allow-origin
www.paridirect.com
access-control-expose-headers
*
cache-control
public, max-age=0, s-maxage=600, stale-while-revalidate=600, stale-if-error=600
access-control-allow-credentials
true
x-amz-cf-id
1p_iru_ozINQ8ExyAdKmp-NruDWSFelNOiClGGUqg2ehZF5gg6E7Kg==
get
www.paridirect.com/api/cms/
6 KB
7 KB
XHR
General
Full URL
https://www.paridirect.com/api/cms/get?keys=linkitemgroups.fr.personal-menu
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/7ff6de7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
/ Express
Resource Hash
4d8a6694a960d1d7d967cb944ce5fdbd07635e3f1da6dccd8238e79a0f51ba2e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:32:54 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
6124
x-amz-cf-pop
PRG50-C1
age
657
x-amzn-requestid
a0fd9868-561a-4774-8936-babfeb384c82
x-powered-by
Express
x-cache
RefreshHit from cloudfront
content-length
6124
x-amzn-trace-id
root=1-664ca286-250863d140824a740818c2fd;parent=129a78fcb40f4df5;sampled=0;lineage=ce09f0f4:0
etag
W/"17ec-XMx3khfnV/5M8kNAhfRbchtJmqA"
content-type
application/json; charset=utf-8
access-control-allow-origin
www.paridirect.com
access-control-expose-headers
*
cache-control
public, max-age=0, s-maxage=600, stale-while-revalidate=600, stale-if-error=600
access-control-allow-credentials
true
x-amz-cf-id
LYOyB7X0qGABlIiFhzDkFPD5yz1GbQR5XxATe7h44HRDyXoYUt_Rqg==
start_game
www.paridirect.com/api/velisports/public/
228 B
771 B
XHR
General
Full URL
https://www.paridirect.com/api/velisports/public/start_game?gameProviderId=velisports&gameId=GAME-763b042b-b7cf-471f-a2e4-7c848a49109c&internalGameId=1000:DESKTOP_AND_MOBILE:velisports:velisports&type=MOBILE&lang=fr&currency=XAF&exitUrl=https:%2F%2Fwww.paridirect.com%2Fgames%2Fcasino
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/7ff6de7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
/ Express
Resource Hash
3322d31392f3c2201d31474f37de51f0306a26aaef140bb55577d74601c88582

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:43:51 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
228
x-amz-cf-pop
PRG50-C1
x-amzn-requestid
db3090d6-7d54-45a5-b538-2efdfe0d9c86
x-powered-by
Express
x-cache
Miss from cloudfront
content-length
228
etag
W/"e4-Ec0f9RhzeLdSUrmGSgMooTA7iD8"
x-amzn-trace-id
root=1-664ca517-745fee57178fce317e4c3094;parent=421674abe0a5821b;sampled=0;lineage=ce09f0f4:0
content-type
application/json; charset=utf-8
access-control-allow-origin
www.paridirect.com
access-control-expose-headers
*
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
Ce4mFF_N2_8I0rozKKwN4a32mAHRdLDrzU4a98n5KWpzKb6Nz8-W-Q==
get
www.paridirect.com/api/cms/
31 B
630 B
XHR
General
Full URL
https://www.paridirect.com/api/cms/get?keys=banner.fr.home-banners
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/7ff6de7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
/ Express
Resource Hash
9c84a3136204352903d6ddc8a329e87e4376b2fce3d1ee8f8dfbb14c666a8ffb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:41:13 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
31
x-amz-cf-pop
PRG50-C1
age
158
x-amzn-requestid
1fe0d087-629f-4815-b7e8-b63b718d7172
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
31
x-amzn-trace-id
root=1-664ca479-4a2781ef69bcc31e21c20283;parent=3cf0490d4f9810a0;sampled=0;lineage=ce09f0f4:0
etag
W/"1f-Hk6zhdtkfS6hjwQ6xtIHpmKbayA"
content-type
application/json; charset=utf-8
access-control-allow-origin
www.paridirect.com
access-control-expose-headers
*
cache-control
public, max-age=0, s-maxage=600, stale-while-revalidate=600, stale-if-error=600
access-control-allow-credentials
true
x-amz-cf-id
IQln4s6N995gqAnh65CPg3LNU-gAIs49NSKmcr4_5ei_isjjSyG4-g==
get
www.paridirect.com/api/cms/
31 B
630 B
XHR
General
Full URL
https://www.paridirect.com/api/cms/get?keys=linkitemgroups.fr.sports-short-cut-menu
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/7ff6de7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
/ Express
Resource Hash
9c84a3136204352903d6ddc8a329e87e4376b2fce3d1ee8f8dfbb14c666a8ffb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:41:13 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
31
x-amz-cf-pop
PRG50-C1
age
158
x-amzn-requestid
9557789a-0d55-4afe-961f-3d1eefd5cb5b
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
31
x-amzn-trace-id
root=1-664ca479-468553cd2cafd34227fc81d1;parent=015e0e42f5f08f76;sampled=0;lineage=ce09f0f4:0
etag
W/"1f-Hk6zhdtkfS6hjwQ6xtIHpmKbayA"
content-type
application/json; charset=utf-8
access-control-allow-origin
www.paridirect.com
access-control-expose-headers
*
cache-control
public, max-age=0, s-maxage=600, stale-while-revalidate=600, stale-if-error=600
access-control-allow-credentials
true
x-amz-cf-id
q1q_Ji8Xi034a8qHjJToX41mu2joSJnGnW7HMhbldi8Se6mmb_FfoQ==
get
www.paridirect.com/api/cms/
1 KB
2 KB
XHR
General
Full URL
https://www.paridirect.com/api/cms/get?keys=notificationmodalwindows.fr.promotion-activate-another
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/7ff6de7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
/ Express
Resource Hash
46fffddffc1bc8f367fc67b7bee460c715c640ca8c9dbd9bfcfede93ac052410

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:32:54 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
1512
x-amz-cf-pop
PRG50-C1
age
657
x-amzn-requestid
d45aefaa-10bb-4ec9-aa99-37cb39da38aa
x-powered-by
Express
x-cache
RefreshHit from cloudfront
content-length
1512
x-amzn-trace-id
root=1-664ca286-71af6e655ddf073a0b8309ee;parent=47ad0aa0b721d148;sampled=0;lineage=ce09f0f4:0
etag
W/"5e8-cpHkFMndu5vqaGRxWG1d293KjMc"
content-type
application/json; charset=utf-8
access-control-allow-origin
www.paridirect.com
access-control-expose-headers
*
cache-control
public, max-age=0, s-maxage=600, stale-while-revalidate=600, stale-if-error=600
access-control-allow-credentials
true
x-amz-cf-id
81WeiDe9la0FnRNw2uAk9F8fvnlON9rOGSpJgTYHujUKtOuERTCgTw==
get
www.paridirect.com/api/cms/
7 KB
8 KB
XHR
General
Full URL
https://www.paridirect.com/api/cms/get?keys=footer.fr.Footer
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/7ff6de7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
/ Express
Resource Hash
0d7456cffb3d252e0026c500d5f7ef8ce583da18758b18c06c99a36a71abc4dc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:41:13 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
7158
x-amz-cf-pop
PRG50-C1
age
158
x-amzn-requestid
f4658a90-d458-46e9-b09d-7c73b8d4502c
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
7158
x-amzn-trace-id
root=1-664ca479-47d2111530b3897f677a206e;parent=4ad7bc6fc72ebe60;sampled=0;lineage=ce09f0f4:0
etag
W/"1bf6-qJmXqXO26opqMAwR424grqvTSfw"
content-type
application/json; charset=utf-8
access-control-allow-origin
www.paridirect.com
access-control-expose-headers
*
cache-control
public, max-age=0, s-maxage=600, stale-while-revalidate=600, stale-if-error=600
access-control-allow-credentials
true
x-amz-cf-id
TCpfzf_MwI2vlyd31ZeWJ3w6y344VEDdeq4WLontyQ_kApZWBrkMKQ==
a0013e0.js
www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/
27 KB
27 KB
Script
General
Full URL
https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/a0013e0.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/c42f3e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8cf4d274de2831bcd853fe703a8b10f2389f1d290b8d475fe245bb5618b8954

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:22:39 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Mon, 20 May 2024 13:06:06 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
2158
x-amz-server-side-encryption
AES256
etag
"ccf73adbac5b8e07c0afeb180a3f9310"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
27689
x-amz-cf-id
yygDln1BXDYlt_z_M6cM84jaJbMjdg1xD_kK3oyFnrXUfkHKD3Kj5A==
2aad42d.js
www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/
1 KB
1 KB
Script
General
Full URL
https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/2aad42d.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/c42f3e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
495ea52622c97759fe578b125319fd8ad8d8246453d45011318b059f508e4fab

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:22:57 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Mon, 20 May 2024 13:06:03 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
2131
x-amz-server-side-encryption
AES256
etag
"f752175bcd588dcda5390378bb33924d"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
1053
x-amz-cf-id
PJLhGaHQ_idsQpYiNofXLC7cSpKMwXbl6b1fNDvzg78OvGt4KfdH2g==
eec4543.js
www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/
16 KB
16 KB
Script
General
Full URL
https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/eec4543.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/c42f3e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94751ffe82174e859329ba958afb2e2f82c3f609895c502e0b9862a622637d8e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:23:22 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Mon, 20 May 2024 13:06:08 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
1964
x-amz-server-side-encryption
AES256
etag
"e1174a95ab0e70c079ce78ab364f5d7b"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
16311
x-amz-cf-id
PuwuP3MjoZLunKR5W5OSJrM8umklnYeYVPpYeOVPzlZcmSXu9AspuA==
tab-menu-sports_20220629081315_0.svg
cdn.aglty.io/ss000003/Attachments/NewItems/
5 KB
5 KB
Image
General
Full URL
https://cdn.aglty.io/ss000003/Attachments/NewItems/tab-menu-sports_20220629081315_0.svg
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4dc6cf45b45ca349d4a01c1d0c3dbe2957c89fcdcf28950d418abf4791348ae4
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 22 Feb 2024 02:22:19 GMT
content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
date
Tue, 21 May 2024 13:43:51 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
10190
x-ms-blob-cache-control
public, max-age=604800, s-maxage=604800
x-cache
HIT
content-length
5300
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
x-served-by
cache-fra-etou8220107-FRA
x-aspnetmvc-version
5.2
last-modified
Wed, 29 Jun 2022 08:12:18 GMT
server
Microsoft-IIS/10.0
x-timer
S1716299032.528927,VS0,VE1
x-frame-options
SELF
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=604800, s-maxage=604800
guid
ss000003
region
usa
accept-ranges
bytes
x-cache-hits
0
tab-menu-casino_20220629083632_0.svg
cdn.aglty.io/ss000003/Attachments/NewItems/
4 KB
5 KB
Image
General
Full URL
https://cdn.aglty.io/ss000003/Attachments/NewItems/tab-menu-casino_20220629083632_0.svg
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8af64e1008447014f152cb263f437b82741c1b901e00c8f92615449899ef0e1f
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 03 Oct 2023 03:27:01 GMT
content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
date
Tue, 21 May 2024 13:43:51 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
525982
x-ms-blob-cache-control
public, max-age=604800, s-maxage=604800
x-cache
HIT
content-length
4586
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
x-served-by
cache-fra-etou8220107-FRA
x-aspnetmvc-version
5.2
last-modified
Wed, 29 Jun 2022 08:35:35 GMT
server
Microsoft-IIS/10.0
x-timer
S1716299032.528914,VS0,VE1
x-frame-options
SELF
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=604800, s-maxage=604800
guid
ss000003
region
usa
accept-ranges
bytes
x-cache-hits
0
Frame_20230124135511_0.svg
cdn.aglty.io/ss000003/Attachments/NewItems/
15 KB
15 KB
Image
General
Full URL
https://cdn.aglty.io/ss000003/Attachments/NewItems/Frame_20230124135511_0.svg
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
05800130bcb7753d6984ed7cb21be610f53a3e352dfd919b7cd31a2ccd2ecf7d
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Apr 2024 04:21:03 GMT
content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
date
Tue, 21 May 2024 13:43:51 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
16624
x-ms-blob-cache-control
public, max-age=604800, s-maxage=604800
x-cache
HIT
content-length
14914
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
x-served-by
cache-fra-etou8220107-FRA
x-aspnetmvc-version
5.2
last-modified
Tue, 24 Jan 2023 13:55:11 GMT
server
Microsoft-IIS/10.0
x-timer
S1716299032.528927,VS0,VE2
x-frame-options
SELF
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=604800, s-maxage=604800
guid
ss000003
region
usa
accept-ranges
bytes
x-cache-hits
0
tab-menu-virtual_20220629081508_0.svg
cdn.aglty.io/ss000003/Attachments/NewItems/
6 KB
6 KB
Image
General
Full URL
https://cdn.aglty.io/ss000003/Attachments/NewItems/tab-menu-virtual_20220629081508_0.svg
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ea6074651f4309da8ea2f9d5a0d11d71fc48f237d7f901d55745fe0560896e8c
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 20 Jan 2024 12:02:22 GMT
content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
date
Tue, 21 May 2024 13:43:51 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
14834
x-ms-blob-cache-control
public, max-age=604800, s-maxage=604800
x-cache
HIT
content-length
5733
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
x-served-by
cache-fra-etou8220107-FRA
x-aspnetmvc-version
5.2
last-modified
Wed, 29 Jun 2022 08:14:11 GMT
server
Microsoft-IIS/10.0
x-timer
S1716299032.528634,VS0,VE8
x-frame-options
SELF
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=604800, s-maxage=604800
guid
ss000003
region
usa
accept-ranges
bytes
x-cache-hits
0
tournaments.svg
cdn.aglty.io/ss000003/Attachments/icons/
1 KB
2 KB
Image
General
Full URL
https://cdn.aglty.io/ss000003/Attachments/icons/tournaments.svg
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
33c2ef31606d0527d720b2a5735b8f05ef9e4a8537d1fc528c8c006e99c20c9b
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 10 Oct 2023 05:39:45 GMT
content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
date
Tue, 21 May 2024 13:43:51 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
30730
x-ms-blob-cache-control
public, max-age=604800, s-maxage=604800
x-cache
HIT
content-length
1521
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
x-served-by
cache-fra-etou8220107-FRA
x-aspnetmvc-version
5.2
last-modified
Thu, 03 Nov 2022 15:16:16 GMT
server
Microsoft-IIS/10.0
x-timer
S1716299032.529158,VS0,VE2
x-frame-options
SELF
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=604800, s-maxage=604800
guid
ss000003
region
usa
accept-ranges
bytes
x-cache-hits
0
tab-menu-promotions_20220629083830_0.svg
cdn.aglty.io/ss000003/Attachments/NewItems/
3 KB
3 KB
Image
General
Full URL
https://cdn.aglty.io/ss000003/Attachments/NewItems/tab-menu-promotions_20220629083830_0.svg
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f3709587bd5d647525b44e9049996d33d363b4a68a3d4b73871b957151d6b990
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Apr 2024 04:21:03 GMT
content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
date
Tue, 21 May 2024 13:43:51 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
367524
x-ms-blob-cache-control
public, max-age=604800, s-maxage=604800
x-cache
HIT
content-length
3012
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
x-served-by
cache-fra-etou8220107-FRA
x-aspnetmvc-version
5.2
last-modified
Wed, 29 Jun 2022 08:37:33 GMT
server
Microsoft-IIS/10.0
x-timer
S1716299032.528992,VS0,VE2
x-frame-options
SELF
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=604800, s-maxage=604800
guid
ss000003
region
usa
accept-ranges
bytes
x-cache-hits
0
Shop-Locator-icon%201_20230809072252_0.svg
cdn.aglty.io/ss000003/Attachments/NewItems/
4 KB
4 KB
Image
General
Full URL
https://cdn.aglty.io/ss000003/Attachments/NewItems/Shop-Locator-icon%201_20230809072252_0.svg
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fd92e469f7b450616c1858df77490385cfe5aa5b7eef3b7e32b87bc4c12bb8d4
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 02 Apr 2024 02:31:23 GMT
content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
date
Tue, 21 May 2024 13:43:51 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
25192
x-ms-blob-cache-control
public, max-age=604800, s-maxage=604800
x-cache
HIT
content-length
3889
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
x-served-by
cache-fra-etou8220107-FRA
x-aspnetmvc-version
5.2
last-modified
Wed, 09 Aug 2023 07:22:53 GMT
server
Microsoft-IIS/10.0
x-timer
S1716299032.528637,VS0,VE1
x-frame-options
SELF
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=604800, s-maxage=604800
guid
ss000003
region
usa
accept-ranges
bytes
x-cache-hits
0
18-plus_20210517110225_0.svg
cdn.aglty.io/ss000003/Attachments/NewItems/
4 KB
5 KB
Image
General
Full URL
https://cdn.aglty.io/ss000003/Attachments/NewItems/18-plus_20210517110225_0.svg
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f657f710bb79730cd464b9e1993b7f6d6c8793e437989ea4eeeab5b515fc9a2a
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 02 Apr 2024 01:54:55 GMT
content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
date
Tue, 21 May 2024 13:43:51 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
546297
x-ms-blob-cache-control
public, max-age=604800, s-maxage=604800
x-cache
HIT
content-length
4209
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
x-served-by
cache-fra-etou8220107-FRA
x-aspnetmvc-version
5.2
last-modified
Mon, 17 May 2021 11:01:51 GMT
server
Microsoft-IIS/10.0
x-timer
S1716299032.574517,VS0,VE1
x-frame-options
SELF
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=604800, s-maxage=604800
guid
ss000003
region
usa
accept-ranges
bytes
x-cache-hits
0
Africell_square.svg
cdn.aglty.io/ss000003/Attachments/NewItems/
4 KB
4 KB
Image
General
Full URL
https://cdn.aglty.io/ss000003/Attachments/NewItems/Africell_square.svg
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2491e95a97d7249de3ab4542135c7ef42e49a8cb964ac015282076bbc890934f
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 22 Feb 2024 13:31:57 GMT
content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
date
Tue, 21 May 2024 13:43:51 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
446553
x-ms-blob-cache-control
public, max-age=604800, s-maxage=604800
x-cache
HIT
content-length
4003
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
x-served-by
cache-fra-etou8220107-FRA
x-aspnetmvc-version
5.2
last-modified
Thu, 15 Feb 2024 13:23:26 GMT
server
Microsoft-IIS/10.0
x-timer
S1716299032.574507,VS0,VE1
x-frame-options
SELF
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=604800, s-maxage=604800
guid
ss000003
region
usa
accept-ranges
bytes
x-cache-hits
0
MTN_sq.svg
cdn.aglty.io/ss000003/Attachments/NewItems/
877 B
1000 B
Image
General
Full URL
https://cdn.aglty.io/ss000003/Attachments/NewItems/MTN_sq.svg
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0a95bb160954b802b722739e88ab24ff30bb56d4a0bace0997f2ea0d200d926f
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 03 Oct 2023 04:31:46 GMT
content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
date
Tue, 21 May 2024 13:43:51 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
44283
x-ms-blob-cache-control
public, max-age=604800, s-maxage=604800
x-cache
HIT
content-length
877
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
x-served-by
cache-fra-etou8220107-FRA
x-aspnetmvc-version
5.2
last-modified
Thu, 09 Mar 2023 17:16:36 GMT
server
Microsoft-IIS/10.0
x-timer
S1716299032.575013,VS0,VE1
x-frame-options
SELF
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=604800, s-maxage=604800
guid
ss000003
region
usa
accept-ranges
bytes
x-cache-hits
0
Asset%2021.svg
cdn.aglty.io/ss000003/Attachments/NewItems/
9 KB
9 KB
Image
General
Full URL
https://cdn.aglty.io/ss000003/Attachments/NewItems/Asset%2021.svg
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bb848e3463c1cd5802becc6d64f946bdd2b763a0f475fee4a0d18b49e48725a6
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 18 Oct 2023 02:48:46 GMT
content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
date
Tue, 21 May 2024 13:43:51 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
473988
x-ms-blob-cache-control
public, max-age=604800, s-maxage=604800
x-cache
HIT
content-length
8925
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
x-served-by
cache-fra-etou8220107-FRA
x-aspnetmvc-version
5.2
last-modified
Thu, 04 Aug 2022 13:21:50 GMT
server
Microsoft-IIS/10.0
x-timer
S1716299032.574796,VS0,VE1
x-frame-options
SELF
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=604800, s-maxage=604800
guid
ss000003
region
usa
accept-ranges
bytes
x-cache-hits
0
Coat_of_arms_of_the_Republic_of_the_Congo%20(1).svg
cdn.aglty.io/ss000003/Attachments/NewItems/
153 KB
154 KB
Image
General
Full URL
https://cdn.aglty.io/ss000003/Attachments/NewItems/Coat_of_arms_of_the_Republic_of_the_Congo%20(1).svg
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f1c745d783f841c14ab87210ef7afc77e55ee5c8f8ce807dedfe77b4f5ff22a2
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Apr 2024 03:07:33 GMT
content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
date
Tue, 21 May 2024 13:43:51 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
479718
x-ms-blob-cache-control
public, max-age=604800, s-maxage=604800
x-cache
HIT
content-length
157023
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
x-served-by
cache-fra-etou8220107-FRA
x-aspnetmvc-version
5.2
last-modified
Thu, 07 Dec 2023 20:39:58 GMT
server
Microsoft-IIS/10.0
x-timer
S1716299032.574779,VS0,VE1
x-frame-options
SELF
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=604800, s-maxage=604800
guid
ss000003
region
usa
accept-ranges
bytes
x-cache-hits
0
Coat_of_arms_of_the_Democratic_Republic_of_the_Congo.svg
cdn.aglty.io/ss000003/Attachments/NewItems/
90 KB
90 KB
Image
General
Full URL
https://cdn.aglty.io/ss000003/Attachments/NewItems/Coat_of_arms_of_the_Democratic_Republic_of_the_Congo.svg
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6b44f515775b2002691b2f9706b03df03523a9e9449b600837a040adf2ef19af
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
X-Content-Type-Options nosniff
X-Frame-Options SELF
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 27 Sep 2023 07:16:31 GMT
content-security-policy
default-src https: wss: data: blob: 'unsafe-eval' 'unsafe-inline' *; object-src 'none';
date
Tue, 21 May 2024 13:43:51 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
544387
x-ms-blob-cache-control
public, max-age=604800, s-maxage=604800
x-cache
HIT
content-length
91907
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b6356dc1-e87f-411b-9bf6-6a5f0308e7de
x-served-by
cache-fra-etou8220107-FRA
x-aspnetmvc-version
5.2
last-modified
Fri, 30 Sep 2022 12:28:37 GMT
server
Microsoft-IIS/10.0
x-timer
S1716299032.574794,VS0,VE4
x-frame-options
SELF
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
public, max-age=604800, s-maxage=604800
guid
ss000003
region
usa
accept-ranges
bytes
x-cache-hits
0
js
www.googletagmanager.com/gtag/
267 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WVC3L4JKVJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3KVLZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
395a523cf0275c817138d2859ba7f3525c27f88ff3db00871f5616616230defe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:43:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94530
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 21 May 2024 13:43:51 GMT
hotjar-3652806.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3652806.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3KVLZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-45.prg50.r.cloudfront.net
Software
/
Resource Hash
f404fb4118f539ced13477021ee53a098a1b4290b11835eccb84808e703d7480
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Tue, 21 May 2024 13:43:51 GMT
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/5b020fe6c5e435c139fe3df9a962af3d
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
0ufwntO7-O1fIEW2g_e1VrM7ucS8SvYSa6Ka7v1zaa_W8IVK0iuZiQ==
tfa.js
cdn.taboola.com/libtrc/unip/1656602/
69 KB
21 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1656602/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3KVLZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aba03a5a921f234dc667bb26a5e35376b0df9b2144fd6f6b81a7829bfc5fc21a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
dIwELjOoC2kU94GLIgpOoNVIiLgBxID5
content-encoding
gzip
via
1.1 varnish
date
Tue, 21 May 2024 13:43:51 GMT
x-amz-request-id
TNXAFT9C9QX11D15
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
21511
x-amz-id-2
FaRYLZ8of8vIY0cDSFyrGl4WvxvoZH97i868F80tuOT5kDixetQkskXGeFtPxKpUs01mn1JGP9w=
x-served-by
cache-fra-etou8220051-FRA
last-modified
Sun, 12 May 2024 11:03:11 GMT
server
AmazonS3
x-timer
S1716299032.611129,VS0,VE198
etag
"62140d647a24bf2bcb335044da85326b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
50
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
up_loader.1.1.0.js
js.adsrvr.org/
12 KB
5 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3KVLZS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.99.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-99-119.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
424ce4e99e7476fca8e9d27d6c15b60466ab7cf1c7d7c896e1c63f7cd6a818c8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 21 May 2024 07:07:20 GMT
Content-Encoding
gzip
Via
1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
Last-Modified
Mon, 20 May 2024 07:02:23 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PRG50-C1
Age
23792
x-amz-server-side-encryption
AES256
ETag
W/"a60a4e2650f94da6f243b9518761b381"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
fg1BbAW3YUWnC6l_fUdBseij_yah3dkni9D3I32ynIP5lfx9lc-xyg==
sp.js
res-odx.op-mobile.opera.com/
96 KB
29 KB
Script
General
Full URL
https://res-odx.op-mobile.opera.com/sp.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680a4f0ebcdb1a7e9c58a40ead3a557e37a74744950d9920b5770c386e437c6f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:43:51 GMT
content-encoding
gzip
cf-cache-status
HIT
age
557082
cf-polished
origSize=98764
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 May 2024 02:58:17 GMT
server
cloudflare
etag
W/"664424c9-181cc"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf8
access-control-allow-origin
https://imasdk.googleapis.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=2678400
access-control-allow-credentials
true
cf-ray
8874ff737948fc8b-WAW
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Fri, 21 Jun 2024 13:43:51 GMT
fbevents.js
connect.facebook.net/en_US/
218 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 21 May 2024 13:43:51 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
w2nsT+9/RAphuxDpXbv2Gc7HohCVy2WkDnCJi1IG5qWsWaZ7SCgJ0ue/ixLK2I9TXJC9HQDz0A9fcE+x2ACicQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
265d1bb6-9829-4c27-a686-957d40baca4e.js
cdn.iconvert.network/code/
581 B
1003 B
Script
General
Full URL
https://cdn.iconvert.network/code/265d1bb6-9829-4c27-a686-957d40baca4e.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3KVLZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:ea00:b:a677:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27abb7e69816a2fd12a5dc660dce1a300f0e2ff149bb2c51b489797a27fc190d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 05:37:45 GMT
via
1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
115567
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
581
last-modified
Tue, 30 Apr 2024 10:18:47 GMT
server
AmazonS3
etag
"45ce3e88155f1289837fd0a2c060c4ca"
vary
Origin
content-type
application/javascript
cache-control
max-age=172800
accept-ranges
bytes
x-amz-cf-id
e1BqnkXgAqcwVSaltj1iAUV9Uqm3E1poeURgWxGntPLqsOqictay3Q==
330f43e.js
www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/
13 KB
14 KB
Script
General
Full URL
https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/330f43e.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/c42f3e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fcef8605fd0c5fe9080abb585efd87d76bd655a04dfe1a20cdd96b2780921eca

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:43:51 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Mon, 20 May 2024 13:06:04 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
2115
x-amz-server-side-encryption
AES256
etag
"14e7257c5e2f3756323bd27050027a26"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
13651
x-amz-cf-id
cv_yfVntFS2D1zF3YEECFMrExFQRD0zlhmjUrMKRpKP3fPLu0rzPxw==
249bd1e.js
www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/
9 KB
10 KB
Script
General
Full URL
https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/249bd1e.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/c42f3e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66145246c8624e62ae314c85fbde71831d957a86c1b57f301f93dfe1bb200e5d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:43:51 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Mon, 20 May 2024 13:06:04 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
2115
x-amz-server-side-encryption
AES256
etag
"b9bbe9982ebb6d6698fbc344c7ab87ca"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
9620
x-amz-cf-id
YbE1VSdc8YxXJZ_jGkIY-3xoKNv66-C2Aj9DZ0pN8H3GelOPIyzMXA==
3c78b31.js
www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/
3 KB
4 KB
Script
General
Full URL
https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/3c78b31.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/c42f3e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00788c014f0948b52fa67b799fe5bd03cf999653ec84c1a816f878a9f824f54f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:43:51 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Mon, 20 May 2024 13:06:04 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
1992
x-amz-server-side-encryption
AES256
etag
"2d1eee4259f9cbd6c4a162547c0acae1"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
3434
x-amz-cf-id
KHDrzfCgHD4x1fuDwx7Hx5MCZBDVqK3F5_SQj2S3uj00EHHKqyOP4A==
19c8e1d.js
www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/
5 KB
5 KB
Script
General
Full URL
https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/19c8e1d.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/c42f3e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f2278f648e94a7caa797ff25913fd6a81aea3ac8753daa6aad843647d9bf4ad

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:43:51 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Mon, 20 May 2024 13:06:03 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
1888
x-amz-server-side-encryption
AES256
etag
"fe6f6e50d34301c1de7e84d3a417add5"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
4689
x-amz-cf-id
GwHoHcxElddr51peIKs9IwWQ74oxdXEWdnpTnAC3t-IQwvqaYxQYFA==
465ecb4.js
www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/
29 KB
29 KB
Script
General
Full URL
https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/465ecb4.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/c42f3e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aff1b7a08f0e08905420be6671e65ce89222d4b76fa3b0860d629b4dc6cca79c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:43:51 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Mon, 20 May 2024 13:06:04 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
1869
x-amz-server-side-encryption
AES256
etag
"a23114d12e1d54df18ecc61ce2dd7c6e"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
29768
x-amz-cf-id
XejQ-V6GwtpguEvcTcgcmAiapp_ExQhe7ti2OEDh-1ywSR5phNke7g==
54a541c.js
www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/
29 KB
29 KB
Script
General
Full URL
https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/54a541c.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/c42f3e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a56bbdcea32de5d1692268ee8693f9ee4cfa917d55527541d2014e8220b21206

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:43:51 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Mon, 20 May 2024 13:06:04 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
1500
x-amz-server-side-encryption
AES256
etag
"29d24e7701eb45d0262b63a26410a26d"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
29537
x-amz-cf-id
vrSp_-cfvOc6ZHOsCL28jmAS-zJRGX0WVQv5OZq6Q1lYKdsh3Vx2Aw==
e7dbe64.js
www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/
16 KB
17 KB
Script
General
Full URL
https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/e7dbe64.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/c42f3e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b9a81ebd7f023fc2201605651fb982ac595537b9a693e9671b11eb159b53cadf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:43:51 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Mon, 20 May 2024 13:06:07 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
1500
x-amz-server-side-encryption
AES256
etag
"44480947d16911d67650fd1723ee8625"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
16794
x-amz-cf-id
6bbbYklX-R6IRBaswNGAwCOpirD5Q7JHQpUn_YG7tVhkcfDSUvQMPA==
fa0e790.js
www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/
7 KB
7 KB
Script
General
Full URL
https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/fa0e790.js
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/c42f3e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
747003c4b26a0d73a33156244ea7e8b3f600dc94054e0d212a4ca8672aa114c5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:43:51 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Mon, 20 May 2024 13:06:08 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
635
x-amz-server-side-encryption
AES256
etag
"de3d7cebbd36889efc1b058270db461f"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
6801
x-amz-cf-id
uCPbwj4AZgaXzNNlL0pYr49ErZj6U_xPI-nZXVAPUy-GqJQFqhh6RA==
collect
region1.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WVC3L4JKVJ&gtm=45je45f0v883397002z8849417008za200&_p=1716299030886&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1371051658.1716299032&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1716299031&sct=1&seg=0&dl=https%3A%2F%2Fwww.paridirect.com%2F&dt=Paridirect%20%7C%20Paris%20sportifs%20et%20casino%2C%20les%20meilleurs%20paris%20et%20bonus%20en%20ligne&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2257
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WVC3L4JKVJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 21 May 2024 13:43:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.paridirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.404c8789d11e259a4872.js
script.hotjar.com/
222 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.404c8789d11e259a4872.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3652806.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-21.prg50.r.cloudfront.net
Software
/
Resource Hash
57f0b66c0f1db01170ae013ea57f30a8224a68e0119ec2e5b9166901dc1ef42a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 10:05:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
358724
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55963
last-modified
Fri, 17 May 2024 10:05:06 GMT
etag
"d2268f530894b7f5925ce33d530fc31a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
u2FL-QxgpEyStnCEMOEJTWzHTF31COdj_JI5riNzVf3SHy3vJW5NWA==
k
px.adx.opera.com/
35 B
381 B
Image
General
Full URL
https://px.adx.opera.com/k?stm=1716299031758&e=pv&url=https%3A%2F%2Fwww.paridirect.com%2F&page=Paridirect%20%7C%20Paris%20sportifs%20et%20casino%2C%20les%20meilleurs%20paris%20et%20bonus%20en%20ligne&tv=js-2.10.2&tna=cf&aid=adv10554266141376&p=web&tz=Europe%2FBerlin&lang=de-DE&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=0fb4af8f-8309-4f63-971b-248b6b91863d&dtm=1716299031756&vp=1600x1200&ds=1600x1240&vid=1&sid=da7e677d-141c-4d2f-8428-336c47d9c148&duid=64fbf854-01cb-45b2-be2b-6851ca376987&fp=1187562409
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.12 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
news-af.op-mobile.opera.com
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 21 May 2024 13:43:51 GMT
server
Tengine
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
975214597112757
connect.facebook.net/signals/config/
56 KB
12 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/975214597112757?v=2.9.156&r=stable&domain=www.paridirect.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5edf5424e9effa04a7db3ad67199e0d69d8bf9a5a3d3df2a6efb319daef2c6ca
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 21 May 2024 13:43:51 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=63, mss=1294, tbw=63382, tp=-1, tpl=-1, uplat=48, ullat=0
pragma
public
x-fb-debug
rKu5cPFqojuWZf1waIb+7IBV14oAt+BuV55m10IE2xgFNH2GHbrP1/FTQ0hhADy2I7QY0wNL5A1O630reen2Yw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
265d1bb6-9829-4c27-a686-957d40baca4e.json
cdn.iconvert.network/conf/
427 B
810 B
Fetch
General
Full URL
https://cdn.iconvert.network/conf/265d1bb6-9829-4c27-a686-957d40baca4e.json
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/7ff6de7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.95.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-30.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb25a773f3ece60ed15981197b8ea9d244bcd346cc98aced8b7528ac4810bd46

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 12:46:09 GMT
via
1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
age
3519
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
427
last-modified
Tue, 30 Apr 2024 10:18:47 GMT
server
AmazonS3
etag
"4d01e2964a5f3376625d6e08aad342a4"
access-control-max-age
3000
access-control-allow-methods
POST, GET, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=7200
vary
Accept-Encoding,Origin
accept-ranges
bytes
x-amz-cf-id
aGt-LYCkMyILm6DEciWulDmzFQXcRK6NGEh9B_wONdokJcP45J0Qqw==
json
trc.taboola.com/1656602/trc/3/
2 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1656602/trc/3/json?tim=1716299031840&data=%7B%22id%22%3A927%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1716299031837%2C%22cv%22%3A%2220240512-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.paridirect.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-marketingpariopscom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1716299031840%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.paridirect.com%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1656602/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
62f1c405ccc0a391b269b355c6f863d0412bb0c383025644e4c975e916e90cc1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
14
date
Tue, 21 May 2024 13:43:51 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.2105
x-fastly-to-nlb-rtt
7477
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220051-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1716299032.869674,VS0,VE14
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
main.js
cdn.iconvert.network/client/3.4.2/
44 KB
16 KB
Script
General
Full URL
https://cdn.iconvert.network/client/3.4.2/main.js
Requested by
Host: cdn.iconvert.network
URL: https://cdn.iconvert.network/code/265d1bb6-9829-4c27-a686-957d40baca4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.95.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-30.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7dc4959a9f41d1f7624fe41a89d525f279ea2b364314362245929433cb8b134f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Origin
https://www.paridirect.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 06:23:35 GMT
content-encoding
gzip
via
1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
age
544817
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 17 Apr 2024 15:54:17 GMT
server
AmazonS3
etag
W/"f94a37aac19ace3887b01aae7914b329"
access-control-max-age
3000
access-control-allow-methods
POST, GET, HEAD, PUT
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31536000,immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
mp4iI5_HBZfavXFfUzk7DuRvQLvXbndTjXaoIe1i5khdf2c-VrmUmQ==
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=975214597112757&ev=PageView&dl=https%3A%2F%2Fwww.paridirect.com%2F&rl=&if=false&ts=1716299031873&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716299031873.686832213&ler=empty&cdl=API_unavailable&it=1716299031770&coo=false&rqm=GET
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 21 May 2024 13:43:51 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
3652806
vc.hotjar.io/sessions/
0
232 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/3652806?s=0.25&r=0.013275315954427436
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/7ff6de7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-111.prg50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 21 May 2024 13:43:52 GMT
cache-control
no-store
via
1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-amz-cf-id
3O8w8qNC9BAswVIS0hKoUGc97ISMQsDv42vN5Qei4RZibnjxsH63fw==
x-cache
Miss from cloudfront
iframe
launcher.velisports.com/api/v1/integration/ Frame 5533
0
0
Document
General
Full URL
https://launcher.velisports.com/api/v1/integration/iframe?partnerId=2&languageId=fr&isForMobile=true&isCashier=0&currencyCode=XAF
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/fbec7bb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.43.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.paridirect.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8874ff76cdc23524-WAW
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Tue, 21 May 2024 13:43:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tAbBKEQBCtikmr48POU235SrKWLLkYCkUqyv5swt4QZfbgugybDk7aLA%2B2dqtHuNjAaDacmqW7Bvl0IpMCGw9561SPoG7k46KSXfY18OnEXfndCI%2BbjNpdB6%2BUCo8ad4so0q11msTKPo1A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
vsb-launcher-version
c005352937009bb50bda008afacf51cd2b130f59
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
0
jsapi.js
selfserveapp.kapturecrm.com/js/
203 KB
73 KB
Script
General
Full URL
https://selfserveapp.kapturecrm.com/js/jsapi.js
Requested by
Host: selfserveapp.kapturecrm.com
URL: https://selfserveapp.kapturecrm.com/js/init_chat.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
40.80.87.48 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
server /
Resource Hash
dd56905c4d6789115819b48ab78e667eb61a9596492b0356bd19f86f83acb324
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 21 May 2024 13:43:52 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Last-Modified
Fri, 29 Jan 2021 12:50:32 GMT
Server
server
ETag
"32b9f-5ba097324dab5-gzip"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=9999
kapchat_init_chat.js
selfserveapp.kapturecrm.com/kapchat/dist/
534 KB
135 KB
Script
General
Full URL
https://selfserveapp.kapturecrm.com/kapchat/dist/kapchat_init_chat.js?ver=8.0.0
Requested by
Host: selfserveapp.kapturecrm.com
URL: https://selfserveapp.kapturecrm.com/js/init_chat.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
40.80.87.48 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
server /
Resource Hash
48677c0212da22380bf1dfef27f5795ea65ac0dd5fb97c5b97b7950da26a511b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 21 May 2024 13:43:52 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Last-Modified
Fri, 17 May 2024 13:38:28 GMT
Server
server
ETag
"856dd-618a677770d1d-gzip"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=9998
init_chat.css
selfserveapp.kapturecrm.com/css/
97 KB
15 KB
Stylesheet
General
Full URL
https://selfserveapp.kapturecrm.com/css/init_chat.css
Requested by
Host: selfserveapp.kapturecrm.com
URL: https://selfserveapp.kapturecrm.com/js/init_chat.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
40.80.87.48 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
server /
Resource Hash
fa30c17a0703cd8c3bb7815d450e3ddb98c571656fba2d8f9e941189ac147a80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 21 May 2024 13:43:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Last-Modified
Thu, 28 Mar 2024 08:02:01 GMT
Server
server
ETag
"18449-614b3f02a4206-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=10000
Content-Length
14899
handle_message.min.js
selfserveapp.kapturecrm.com/js/
190 KB
36 KB
Script
General
Full URL
https://selfserveapp.kapturecrm.com/js/handle_message.min.js
Requested by
Host: selfserveapp.kapturecrm.com
URL: https://selfserveapp.kapturecrm.com/js/init_chat.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
40.80.87.48 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
server /
Resource Hash
066698140ee36c3b2c2b32f41ad5cf9054ac31a3b31842d476daf752c23ee1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 21 May 2024 13:43:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Last-Modified
Fri, 17 May 2024 05:44:47 GMT
Server
server
ETag
"2f82d-6189fd97a1494-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=10000
Content-Length
36784
configurable_init_chat.min.js
selfserveapp.kapturecrm.com/js/
37 KB
9 KB
Script
General
Full URL
https://selfserveapp.kapturecrm.com/js/configurable_init_chat.min.js
Requested by
Host: selfserveapp.kapturecrm.com
URL: https://selfserveapp.kapturecrm.com/js/init_chat.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
40.80.87.48 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
server /
Resource Hash
8bfd582d2e23bc065e47fecbe70bbd11cbfccacc2aeb1ce28a3de67d0d12756e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 21 May 2024 13:43:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Last-Modified
Tue, 23 Apr 2024 07:05:46 GMT
Server
server
ETag
"94cb-616be2ee5eb9b-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=9997
Content-Length
8771
intlTelInput_17_0_6.min.css
selfserveapp.kapturecrm.com/css/
19 KB
3 KB
Stylesheet
General
Full URL
https://selfserveapp.kapturecrm.com/css/intlTelInput_17_0_6.min.css
Requested by
Host: selfserveapp.kapturecrm.com
URL: https://selfserveapp.kapturecrm.com/js/init_chat.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
40.80.87.48 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
server /
Resource Hash
c8eed513f4475e9fcca3cfb32cea8f2f2fc02cba5932cfb918017a5c2f6eb862
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 21 May 2024 13:43:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Last-Modified
Mon, 21 Dec 2020 11:07:21 GMT
Server
server
ETag
"4b49-5b6f7764c2e43-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=10000
Content-Length
2962
ntlTelInput-jquery_17_0_6.min.js
selfserveapp.kapturecrm.com/js/
29 KB
11 KB
Script
General
Full URL
https://selfserveapp.kapturecrm.com/js/ntlTelInput-jquery_17_0_6.min.js
Requested by
Host: selfserveapp.kapturecrm.com
URL: https://selfserveapp.kapturecrm.com/js/init_chat.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
40.80.87.48 Pune, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
server /
Resource Hash
e28f43484ee224e2c29379e4860e14b63064fc0aa48a1598fab7df4c61f091ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 21 May 2024 13:43:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Last-Modified
Fri, 16 Apr 2021 09:13:00 GMT
Server
server
ETag
"7506-5c01362ed218f-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=10000
Content-Length
10997
up
insight.adsrvr.org/track/ Frame 9E85
0
0
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=wu1x7g4&ref=https%3A%2F%2Fwww.paridirect.com%2F&upid=n5xz9jl&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.paridirect.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
0
content-type
text/html
date
Tue, 21 May 2024 13:43:52 GMT
server
Kestrel
favicon-32x32.png
www.paridirect.com/
2 KB
3 KB
Other
General
Full URL
https://www.paridirect.com/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efa4b50cf54b6875c8a1d5b767ab3f6edf3dd2c202b1505aadec19f21179bd97

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 05:51:05 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Thu, 09 May 2024 10:40:40 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
28368
x-amz-server-side-encryption
AES256
etag
"7203f5957d3a26cf9d2012c64d138826"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
2298
x-amz-cf-id
cP3hpJYp7WiDMnSYTSJB0aGTxtSmzyMXITtclZ6A3zmDlFnqJ7NSSA==
page.gif
track.retainly.app//
42 B
356 B
Image
General
Full URL
https://track.retainly.app//page.gif?site_id=ME2KEiOlZacZG179elpiyM5yzs8URLvYOIHnaAOGBaXSorsUyTnpsAuDvtCa&id=&cookie=04dc-17cd-9ea9-d852-6740-4679-c024-d7c5&timestamp=2024-05-21T13%3A43%3A52.833Z&&language=de-DE&&languages[0]=en-US&languages[1]=en&name=https%3A%2F%2Fwww.paridirect.com%2F&&data[width]=1600&data[height]=1200&data[referer]=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.30.168.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-168-169.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:43:53 GMT
via
kong/3.3.0.0-enterprise-edition
strict-transport-security
max-age=15724800; includeSubDomains
x-powered-by
Express
etag
W/"2a-1fzrZTJkPQ2E/+CcQMSB7N9Z4Vo"
access-control-allow-methods
*
content-type
image/gif
access-control-allow-origin
*
accept
*/*
x-kong-upstream-latency
5
x-kong-proxy-latency
6
access-control-allow-headers
*
content-length
42
ping.gif
track.retainly.app//
42 B
355 B
Image
General
Full URL
https://track.retainly.app//ping.gif?site_id=ME2KEiOlZacZG179elpiyM5yzs8URLvYOIHnaAOGBaXSorsUyTnpsAuDvtCa&id=&cookie=04dc-17cd-9ea9-d852-6740-4679-c024-d7c5&timestamp=2024-05-21T13%3A43%3A52.845Z&&language=de-DE&&languages[0]=en-US&languages[1]=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.30.168.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-168-169.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 13:43:53 GMT
via
kong/3.3.0.0-enterprise-edition
strict-transport-security
max-age=15724800; includeSubDomains
x-powered-by
Express
etag
W/"2a-1fzrZTJkPQ2E/+CcQMSB7N9Z4Vo"
access-control-allow-methods
*
content-type
image/gif
access-control-allow-origin
*
accept
*/*
x-kong-upstream-latency
6
x-kong-proxy-latency
5
access-control-allow-headers
*
content-length
42
favicon-new.ico
www.paridirect.com/
1 KB
1 KB
Other
General
Full URL
https://www.paridirect.com/favicon-new.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-126.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73a3d47374aaba54a4c06b9c65f877a6203f1fbda5e33239e2b803924645406e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 08:19:05 GMT
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Thu, 09 May 2024 10:40:40 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
19488
x-amz-server-side-encryption
AES256
etag
"c40c8960d274a417c51b9fdac77c6919"
x-cache
Hit from cloudfront
content-type
image/vnd.microsoft.icon
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
1150
x-amz-cf-id
ZD6p6bSV7G30lP-4K50_FWpNTXAIDirH9RLXSzLAaAh9boeBZ9yxYA==
get-chat-ui-configuration
in.kapturecrm.com/home/
2 KB
2 KB
XHR
General
Full URL
https://in.kapturecrm.com/home/get-chat-ui-configuration
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/7ff6de7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.100.200.45 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
45.200.100.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
525eda6467e651154bdcf3a62cddb135768f13ba81d9bf9c80402a6cb816d1ee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 21 May 2024 13:43:53 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
application/json; =;charset=UTF-8
unip
trc-events.taboola.com/1656602/log/3/
0
249 B
XHR
General
Full URL
https://trc-events.taboola.com/1656602/log/3/unip?en=pre_d_eng_tb&tos=2028&scd=0&ssd=1&est=1716299031839&ver=36&isls=true&src=i&invt=1500&msa=40&rv=1&tim=1716299033867&vi=1716299031837&ri=98089c4ea6a1ec6aaebc620610850573&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fwww.paridirect.com%2F
Requested by
Host: www.paridirect.com
URL: https://www.paridirect.com/_nuxt/446dda23ccee8292370fa14015655433694c17d6/7ff6de7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://www.paridirect.com
pragma
no-cache
date
Tue, 21 May 2024 13:43:54 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
1000048068.png
kapture-email-attachments.s3.amazonaws.com/88204674269717676600/
5 KB
5 KB
Image
General
Full URL
https://kapture-email-attachments.s3.amazonaws.com/88204674269717676600/1000048068.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.182.73.113 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
aad4a2348303a068c7d4d60ab451267d9b6ff464ed158333da41a99a2a187cc7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.paridirect.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 21 May 2024 13:43:55 GMT
Last-Modified
Wed, 31 Jan 2024 11:21:14 GMT
Server
AmazonS3
x-amz-request-id
51FNK8E01MTP184Q
ETag
"7c4fd80846b52bc6650a268896686d5b"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4651
x-amz-id-2
lhaFDyZ0VTd0G99OFIdOE83gYD9Jf7WBBumarGiCizdUor8JWrvbYMa43HdViWYfDuDNaeyGn6c=
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
Requested by
Host: selfserveapp.kapturecrm.com
URL: https://selfserveapp.kapturecrm.com/css/init_chat.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://selfserveapp.kapturecrm.com/
Origin
https://www.paridirect.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 02:28:07 GMT
x-content-type-options
nosniff
age
40547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15528
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:53:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 02:28:07 GMT

Verdicts & Comments Add Verdict or Comment

309 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| dataLayer function| $ function| jQuery object| __NUXT__ object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| $workbox function| Cleave function| _ object| __SENTRY__ object| $nuxt object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| hj object| _hjSettings object| __tfa_pixel_init object| _tfa object| GlobalSnowplowNamespace function| otag function| fbq function| _fbq object| _rio function| onYouTubeIframeAPIReady object| gaGlobal object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled function| _typeof object| Snowplow function| ttd_dom_ready function| TTDUniversalPixelApi object| ttdPixel object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| __sf object| iconvert object| jsonpFunction string| baseURL string| server_host string| chat_host_url string| fileVersion boolean| is_close_ticket_for_external_bot boolean| isEmail string| str object| iframeArr object| msNoAuthMainServerArr object| intlTelInput_css object| faq_css object| montserrat_css undefined| jquery_js object| handle_message_js object| intlTelInput_js object| datePicker_js object| datePicker_css object| owl_js object| owl_css object| owl_theme_css object| config_js object| url_trck_js object| translate_js object| kap_chat_js boolean| isIncognito undefined| jqueryIntvl function| initializeNeedHelpIcon function| smileyAction function| mudrex function| blusmart function| goZayaan function| removeFloatElm function| ShowCountryFlag function| setInitialCountry function| ShowFaqContainer function| maximizeIframe function| maximizeIframeForMobile function| minimizeIframe function| HideFaqContainer function| ShowKapWidget function| HideKapWidget function| showChatOptions function| showFaqScreen function| createMyFrm function| validateEmail function| validateTextarea function| toggleAttachedFiles function| validateChatForm function| add_customer number| recallApi function| init_kapchat function| CloseChatConversation function| languageChangeHandler undefined| myCounter function| getKeyCode function| convertWord function| triggerTranslateAPI function| shareCusStatus function| convertToHi function| closeChat function| showFeedbackModal function| closeFeedbackModal function| closeModal function| closeConnectionModal function| closeErrorModal function| getRatings function| feedbackReaction function| additionalFeedback function| resetFeedbackModal function| submitFeedbacks function| addFeedbackLogs function| bb_daily_support_page function| bb_loader function| addaLoader function| init_bb_daily_Kapchat function| init_blusmart function| showHideChatTextArea function| showHideCrossButton function| showHideFileUploadOption function| absorbEvent_ function| preventLongPressMenu function| init_bb_Kapchat function| bb_toggle_greeting_msg function| initKapchatObject function| show_preview_img function| show_welcome_msg function| show_file_error function| show_eta_message function| showNewChatUI function| openFeedbackModalForZepto function| reopenChatTicket function| reInitiateChat function| bbNewReinitiateChat function| sendInitCmd function| newFeedbackMsg function| show_static_initiate_message function| submit_initiate_response function| show_static_continue_session_message function| submit_continue_session function| loadDateField function| togglePreview function| removeAttachmentShelf function| start_flipkart_counter function| show_static_blusmart_message function| submit_initiate_blusmart_response function| show_reopen_tkt_btn function| submit_reopen_response function| start_counter function| stop_counter function| isValidHttpUrl string| decryptedCusCode function| decrypt_customer_code function| get_chat_tickets function| fetchNotificationCounter function| getAllChatCounter function| unicommerce_static_page string| passed_ticket_id function| setTicketId function| goUniPage boolean| is_start_new_chat function| start_new_chat function| uniTicketFeedbackFormSubmit function| uniSmileyAction function| uni_new_chat function| reopenTicket function| sendWarningMessage function| submit_warning_response function| showDeeplinkforFlipkart function| openUrl number| googleLT_ object| google function| google_exportSymbol function| google_exportProperty object| jstiming object| kpBase64 object| Base64 object| Kapchat object| chatArr object| SHA1 object| MD5 object| stropheUtils object| Strophe function| $build function| $iq function| $msg function| $pres function| b64_hmac_sha1 function| b64_sha1 function| str_hmac_sha1 function| str_sha1 function| DiscoInfoNode function| DiscoItemsNode function| DiscoNodeNotFound function| moment object| timesync object| templates_new object| intlTelInputUtils object| KapchatSession object| KapchatCommon object| KapchatNRUWidget object| KapchatRUWidget object| faqConfigFile object| xhr undefined| chatFor object| replacedNo object| chatDetail object| faqScript string| chatType string| chat_For undefined| deviceInfo undefined| autoFn undefined| query number| kapchatIntvl function| getUserInfo function| submitMultiSelectResponse function| feedbackRating object| attempted_data boolean| all_checked object| lotusData string| flowDesposition string| tags function| setValCusDDl function| showCusDDl function| getReasonValue function| submitBbDailyImgs function| bbdailyProdQuantity function| getUploadFlName function| resetBbdailyField function| attemptStatus function| submitBbDailyProd function| bbdailySelectAll function| bbdailyClickFunction function| showHideProds function| zeptoSubmit function| flipkartSubmit function| letsshave_addTocart function| createTable function| enableSelectOpt function| showSelectedItem function| showConfirmTable function| CreateInputObject function| createBbDailyTable function| convertListToJson function| bb_daily_anchor_action function| bb_daily_submit_data function| bb_exchange_order_msg function| bb_slot_availability_msg function| bb_delivery_status_msg function| bb_first_msg function| convertListToJsonForDeliveryStatus function| selectOrderForDeliveryStatus function| bb_feedback_msg function| sendBBFeedbackMsg function| bbReturnAndExhange function| bbMessageWithConnectToLiveAgentOption function| scrollToBottom function| showComposingEvent function| clearComposingEvent function| js_dateTimePicker function| submitJs_dateTimePicker number| is_end_of_flow object| conversational_json function| js_chat_bot function| js_chat_bot_agent_msg function| redirectToPage function| KFC_validate_otp function| KFC_order_calculations function| botStaticMessage function| KFC_fn function| mitra10 function| js_chat_bot_option_msg function| js_chat_bot_list_with_options function| removeTags function| js_chat_bot_customer_msg function| showFrmInChatBot function| showNextKey function| selectOrder function| showProducts function| selectedProduct function| validateInfoFrm function| generate_tkt_or_enquiry function| skullAddTkt function| lotusAddTkt function| lotusGetProdDetail function| lotusGetProdcategories function| showHideProdList function| subCategProds function| lotus_addToCart function| brinkApi function| MLAPIs function| MLChatBotAPIs function| submitMlOrderData function| bbLog function| repeatProcess object| HandleMessage object| uploadMultiFileObj object| intlTelInputGlobalsRaul

7 Cookies

Domain/Path Name / Value
www.paridirect.com/ Name: ___rio___
Value: 04dc-17cd-9ea9-d852-6740-4679-c024-d7c5
.paridirect.com/ Name: _ga
Value: GA1.1.1371051658.1716299032
.paridirect.com/ Name: _ga_WVC3L4JKVJ
Value: GS1.1.1716299031.1.0.1716299031.0.0.0
.paridirect.com/ Name: _fbp
Value: fb.1.1716299031873.686832213
.adx.opera.com/ Name: UID
Value: OPU8b6106e7970a43b7b67a10ac9a538834
.paridirect.com/ Name: _hjSessionUser_3652806
Value: eyJpZCI6IjVhMjRkOTE0LTlkNjAtNWVlZS1iMzhiLWE4ZmQ3ODRhNTJiNCIsImNyZWF0ZWQiOjE3MTYyOTkwMzE5NDksImV4aXN0aW5nIjpmYWxzZX0=
.paridirect.com/ Name: _hjSession_3652806
Value: eyJpZCI6IjQ2MjIwMTU0LTI0ZjMtNGYzNS05YjY1LTQ3Zjc0ZTBkNDk1NCIsImMiOjE3MTYyOTkwMzE5NTEsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=

3 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/975214597112757?v=2.9.156&r=stable&domain=www.paridirect.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.paridirect.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error
Message:
A bad HTTP response code (404) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.aglty.io
cdn.iconvert.network
cdn.retainly.app
cdn.taboola.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.gstatic.com
in.kapturecrm.com
insight.adsrvr.org
js.adsrvr.org
kapture-email-attachments.s3.amazonaws.com
launcher.velisports.com
paridirect.com
px.adx.opera.com
region1.google-analytics.com
res-odx.op-mobile.opera.com
script.hotjar.com
selfserveapp.kapturecrm.com
static.hotjar.com
track.retainly.app
trc-events.taboola.com
trc.taboola.com
vc.hotjar.io
www.facebook.com
www.googletagmanager.com
www.paridirect.com
104.17.24.14
104.18.24.215
141.226.228.48
15.197.193.217
151.101.65.44
151.101.66.137
16.182.73.113
172.66.43.137
172.67.196.75
2001:4860:4802:32::36
2600:9000:2127:ea00:b:a677:1000:93a1
2a00:1450:4001:81d::2003
2a00:1450:4001:82f::2008
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3120::3
34.100.200.45
40.80.87.48
52.30.168.169
65.9.95.111
65.9.95.126
65.9.95.21
65.9.95.30
65.9.95.45
65.9.99.119
82.145.213.12
00788c014f0948b52fa67b799fe5bd03cf999653ec84c1a816f878a9f824f54f
03717ac85ec7f9fba4a5bb9867334dfd2d862072f2a4ad0788a926388d19e7b8
05800130bcb7753d6984ed7cb21be610f53a3e352dfd919b7cd31a2ccd2ecf7d
066698140ee36c3b2c2b32f41ad5cf9054ac31a3b31842d476daf752c23ee1e6
0a95bb160954b802b722739e88ab24ff30bb56d4a0bace0997f2ea0d200d926f
0c32be09fbae57950594a2abb6a0e5480f0734663ae0b6c2f54b60b8ff07c484
0d7456cffb3d252e0026c500d5f7ef8ce583da18758b18c06c99a36a71abc4dc
2491e95a97d7249de3ab4542135c7ef42e49a8cb964ac015282076bbc890934f
27abb7e69816a2fd12a5dc660dce1a300f0e2ff149bb2c51b489797a27fc190d
3322d31392f3c2201d31474f37de51f0306a26aaef140bb55577d74601c88582
33c2ef31606d0527d720b2a5735b8f05ef9e4a8537d1fc528c8c006e99c20c9b
395a523cf0275c817138d2859ba7f3525c27f88ff3db00871f5616616230defe
424ce4e99e7476fca8e9d27d6c15b60466ab7cf1c7d7c896e1c63f7cd6a818c8
46fffddffc1bc8f367fc67b7bee460c715c640ca8c9dbd9bfcfede93ac052410
48677c0212da22380bf1dfef27f5795ea65ac0dd5fb97c5b97b7950da26a511b
495ea52622c97759fe578b125319fd8ad8d8246453d45011318b059f508e4fab
4d8a6694a960d1d7d967cb944ce5fdbd07635e3f1da6dccd8238e79a0f51ba2e
4dc6cf45b45ca349d4a01c1d0c3dbe2957c89fcdcf28950d418abf4791348ae4
4e021122071a8fdaf7766f579efe607c049dc2ef2bc439f4d8c74aa5b3a84107
525eda6467e651154bdcf3a62cddb135768f13ba81d9bf9c80402a6cb816d1ee
57f0b66c0f1db01170ae013ea57f30a8224a68e0119ec2e5b9166901dc1ef42a
5edf5424e9effa04a7db3ad67199e0d69d8bf9a5a3d3df2a6efb319daef2c6ca
61c87fa38feabe93564f69968efaf449d2c09bc4b9f20ab22a1ee2242cb08bc3
62f1c405ccc0a391b269b355c6f863d0412bb0c383025644e4c975e916e90cc1
66145246c8624e62ae314c85fbde71831d957a86c1b57f301f93dfe1bb200e5d
680a4f0ebcdb1a7e9c58a40ead3a557e37a74744950d9920b5770c386e437c6f
6b44f515775b2002691b2f9706b03df03523a9e9449b600837a040adf2ef19af
6c01af6128f0f55b092763ca2e69f941cc44b191d84fe66e2b6915738a4b1aea
6d7dbf161c64fb8672846aa8f1dd67f5b9e9a6757a22abff11b9ffb2b0ede6cd
73a3d47374aaba54a4c06b9c65f877a6203f1fbda5e33239e2b803924645406e
747003c4b26a0d73a33156244ea7e8b3f600dc94054e0d212a4ca8672aa114c5
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
7dc4959a9f41d1f7624fe41a89d525f279ea2b364314362245929433cb8b134f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8af64e1008447014f152cb263f437b82741c1b901e00c8f92615449899ef0e1f
8bfd582d2e23bc065e47fecbe70bbd11cbfccacc2aeb1ce28a3de67d0d12756e
8f2278f648e94a7caa797ff25913fd6a81aea3ac8753daa6aad843647d9bf4ad
94751ffe82174e859329ba958afb2e2f82c3f609895c502e0b9862a622637d8e
9c84a3136204352903d6ddc8a329e87e4376b2fce3d1ee8f8dfbb14c666a8ffb
a56bbdcea32de5d1692268ee8693f9ee4cfa917d55527541d2014e8220b21206
a8cf4d274de2831bcd853fe703a8b10f2389f1d290b8d475fe245bb5618b8954
aad4a2348303a068c7d4d60ab451267d9b6ff464ed158333da41a99a2a187cc7
aba03a5a921f234dc667bb26a5e35376b0df9b2144fd6f6b81a7829bfc5fc21a
adb7fdfd38311ea423cb8605c578cfd11d9e29ebe9e7bae24762dade006ce9ab
aff1b7a08f0e08905420be6671e65ce89222d4b76fa3b0860d629b4dc6cca79c
b9a81ebd7f023fc2201605651fb982ac595537b9a693e9671b11eb159b53cadf
b9bfa4be8e33963cdf599351e594f7be6fdeb75ca1699b42c3dccb7b81d6a722
bb848e3463c1cd5802becc6d64f946bdd2b763a0f475fee4a0d18b49e48725a6
bca2b996612d3d8f49d95880d1119cc4185b6c16e23778813818878320983cf7
bf1bc54049f45812a9ec0e03ee9b905f94c0e200aca7451a87601d8bff13ff8d
c0ef8cb0c5115de12c41344bdeb67c928e468f02983154394304f2335720b1ad
c8eed513f4475e9fcca3cfb32cea8f2f2fc02cba5932cfb918017a5c2f6eb862
dd56905c4d6789115819b48ab78e667eb61a9596492b0356bd19f86f83acb324
e28f43484ee224e2c29379e4860e14b63064fc0aa48a1598fab7df4c61f091ad
e33d149b20ab1f150451847eaf3712099d5f18f3e17a05398ec1f8fcabad67dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94f23c436abe72c946eb52f24588bd65fae498e2cb4e5f1a8855ef8fd8cede7
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ea6074651f4309da8ea2f9d5a0d11d71fc48f237d7f901d55745fe0560896e8c
ea9ae2cef2e59a1fa414fee670855236e74b85d3b36404323422a9cb5e83321e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa4b50cf54b6875c8a1d5b767ab3f6edf3dd2c202b1505aadec19f21179bd97
f1c745d783f841c14ab87210ef7afc77e55ee5c8f8ce807dedfe77b4f5ff22a2
f3709587bd5d647525b44e9049996d33d363b4a68a3d4b73871b957151d6b990
f404fb4118f539ced13477021ee53a098a1b4290b11835eccb84808e703d7480
f657f710bb79730cd464b9e1993b7f6d6c8793e437989ea4eeeab5b515fc9a2a
fa30c17a0703cd8c3bb7815d450e3ddb98c571656fba2d8f9e941189ac147a80
fb25a773f3ece60ed15981197b8ea9d244bcd346cc98aced8b7528ac4810bd46
fcef8605fd0c5fe9080abb585efd87d76bd655a04dfe1a20cdd96b2780921eca
fd92e469f7b450616c1858df77490385cfe5aa5b7eef3b7e32b87bc4c12bb8d4