Report - go.goodlifestylenews.com/BidenChaos0324/1b57dbff03b5148711f102c3bc5b9092/55/leadsource/2578/1610/4a9834ecac99f8a72a7e3bb0819f9019/mpmta

Report Overview

Submitted URL
go.goodlifestylenews.com/BidenChaos0324/1b57dbff03b5148711f102c3bc5b9092/55/leadsource/2578/1610/4a9834ecac99f8a72a7e3bb0819f9019/mpmta
IP
104.21.30.61
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-24 22:55:56
Access
public
Website Title
BIDEN OUT JUNE 13
Final URL
pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-24	443 B	35 kB	216.58.211.10
www.google.no	25607	2001-02-26	2016-04-05	2024-04-24	603 B	578 B	172.217.21.163
paradigmpressgroup.com	unknown	2022-05-20	2022-07-18	2024-04-18	915 B	4.2 kB	44.210.42.183
distillery.wistia.com	6708	2007-03-18	2012-09-30	2024-04-23	499 B	411 B	54.230.111.55
api.getblueshift.com	9346	2014-03-09	2014-05-10	2024-04-24	724 B	339 B	44.231.112.93
p.typekit.net	620	2010-08-02	2012-05-23	2024-04-24	494 B	338 B	23.36.76.96
d2z65klgtz99km.cloudfront.net	unknown	2008-04-25	2021-03-17	2024-04-18	1.4 kB	4.3 MB	54.230.241.121
verifiedwebpage.com	unknown	2022-03-23	2022-03-23	2024-04-18	617 B	1.0 kB	104.18.21.187
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-23	539 B	15 kB	216.58.207.227
s.yimg.com	375	1997-05-14	2012-05-21	2024-04-24	3.5 kB	32 kB	87.248.119.251
470kwc1.com	unknown	2019-05-03	2020-04-29	2024-04-18	956 B	1.2 kB	18.217.134.101
pro.paradigm-press.info	unknown	2019-02-19	2019-03-28	2024-04-18	545 B	841 B	192.135.136.169
go.goodlifestylenews.com	unknown	2020-07-10	2022-06-02	2024-04-18	866 B	1.7 kB	172.67.172.49
fast.wistia.com	5153	2007-03-18	2012-07-04	2024-04-24	3.7 kB	298 kB	151.101.130.132
cdn.getblueshift.com	12716	2014-03-09	2016-09-19	2024-04-23	419 B	3.4 kB	54.230.111.116
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-24	2.2 kB	528 kB	142.250.74.72
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-04-23	6.2 kB	3.1 kB	216.239.34.36
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-24	458 B	1.4 kB	142.250.74.170
pro.paradigmnewsletters.org	unknown	2018-12-12	2019-06-06	2024-04-18	2.8 kB	13 kB	161.129.26.18
use.typekit.net	494	2010-08-02	2012-07-05	2024-04-23	2.2 kB	83 kB	23.36.76.122
pipedream.wistia.com	6958	2007-03-18	2017-01-30	2024-04-24	1.1 kB	914 B	143.204.55.100
embed-cloudfront.wistia.com	unknown	2007-03-18	2022-11-08	2024-04-24	1.6 kB	934 kB	143.204.55.103

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	goodlifestylenews.com	Sinkholed
2024-04-24	medium	goodlifestylenews.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (31)

	URL	Size	First Seen	Last Seen
	unknown	469 B	2023-03-10	2024-05-01
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2024-05-01 22:13:49 Times Seen398 Hash 1b942598e5ebe0432ae014b008148c5b 63d79dd6f78b6fa3d330d9f70ed48048f2cb9dd8 f91cdf301758a9d6e20bc3455aa0ad44dd54cf784f593aceb2283318c2117f94 Loading...

	pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/sandbox%20eval%20code	147 B	2023-04-11	2024-05-04
Pretty URL pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-04 14:27:53 Times Seen344719 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	s.yimg.com/wi/ytc.js	18 kB	2023-06-26	2024-05-04
Pretty URL s.yimg.com/wi/ytc.js IP 87.248.119.251 ASN #203220 Yahoo-UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-26 11:33:35 Last Seen2024-05-04 08:02:10 Times Seen12797 Hash 5c6ed25dce803fd84288922b8928409e 3ccc10546ae12f160bacac1e9e422af091ea4a41 480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-05-04
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 216.58.211.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-04 12:24:35 Times Seen119080 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	pro.paradigmnewsletters.org/p/Scripts/Common.js	2.4 kB	2023-03-09	2024-05-01
Pretty URL pro.paradigmnewsletters.org/p/Scripts/Common.js IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56:16 Last Seen2024-05-01 22:13:49 Times Seen713 Hash ef9b6f612e89926fa10830ad89a7f3b6 faa8fbf56e4834534455c46ba2753118eb554c2e 86034bbe69eebb0c08660ff7f0128dd0bd1d852176489ca3a3da7b49bd647cbd Loading...

	pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true	39 B	2023-03-10	2024-05-01
Pretty URL pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:07:22 Last Seen2024-05-01 22:13:49 Times Seen552 Hash af8745eef59c123e59cd4703ea4cc40e 8aab93d5d6e19c3430396e434f734df7699aeda0 419e6fe661d8187589ce9e3f1f2888d3bd1fc5f4af3dc1e6a0321a66c31e1191 Loading...

	unknown	1.3 kB	2024-02-05	2024-05-01
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-05 00:22:28 Last Seen2024-05-01 22:13:49 Times Seen140 Hash c14d2737cadb3a0ca008bfa3669bd651 8288b4fcb69ee42fbfbaf0533ad239dd37a971a2 4224a6ccdb4870ef44685b1205c3e52feaa7f902f3a6ff3ee36746772bceedf1 Loading...

	pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true	341 B	2023-03-10	2024-05-01
Pretty URL pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:07:22 Last Seen2024-05-01 22:13:49 Times Seen401 Hash 285bc9b441da8c1fbab42396acae2df3 833ac60111a789824e40a385d2e225c129751bbd 7849138d30558b224e5ccd5847d7ea5767630e220bf7d4e3496e99c5fa02974f Loading...

	pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true	341 B	2023-09-13	2024-05-01
Pretty URL pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-13 02:02:57 Last Seen2024-05-01 22:13:49 Times Seen377 Hash ce1c2dd4d39647e5c7e8a4ded7c7d48a 4f7b2f537cb1a05bd6a7f661fce09d2db271bb38 8a871b5034d221b1a98614580a9a998b0a63ad1bff46c93d65d0ed544c3638fc Loading...

	pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true	836 B	2023-11-08	2024-05-01
Pretty URL pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-08 05:21:07 Last Seen2024-05-01 22:13:49 Times Seen357 Hash 4e2e4cbe63ac644606cfa87e76452824 3936c2eb6588579868016076278ccd961760eda0 85c1ef4cc98021ecdbab4fb4016a5a3500c7c47f6a2dd042083947f32ab1fb05 Loading...

	unknown	326 B	2023-03-14	2024-05-01
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 11:28:39 Last Seen2024-05-01 22:13:49 Times Seen407 Hash aedcaf36e4ad85dbf51037318c8ab10c c6210e518ab8eeb0a496b966241caeb1c464516a 5a0af2eeee3dcb3f4e43e4533947d91a74f63d17a73691aac1ad46367989809f Loading...

	www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c	299 kB	2024-04-25	2024-04-25
Pretty URL www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:55:58 Last Seen2024-04-25 00:55:59 Times Seen2 Hash 9f9d60eb3440d5409957b2f2822a626e 5560672e721b7edd9b57a2274d86cf4f676dae43 b4f5baa647c61bac70dcf942d83c16c8b8b64872e3d9516aec424a2ba18473b3 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-04
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-04 14:27:54 Times Seen344213 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C	271 kB	2024-04-25	2024-04-25
Pretty URL www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:55:58 Last Seen2024-04-25 00:55:59 Times Seen2 Hash b4ec2e9fac8dd02945ec8d285b414959 6b6982243ea96e094b76472419c960b3ea8afdf2 e214e7d3f83d73d26e5572673ae8b0ff8532b747339337557c14ce7b1f650d07 Loading...

	www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c	271 kB	2024-04-25	2024-04-25
Pretty URL www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:55:58 Last Seen2024-04-25 00:55:59 Times Seen2 Hash 96278fc8ad1d38beef382f0c96dd8054 8dea38e254ae81932b276428fc5582afd152ad92 b6a60d365d7fba24914c811599ad7778bcc81f00e9ca3223580c751d512c8c2f Loading...

	pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true	4.8 kB	2024-04-05	2024-04-29
Pretty URL pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-05 00:55:11 Last Seen2024-04-29 20:49:27 Times Seen12 Hash 4a13469f34e593007a918efeb20adbd3 4282dcd002c549dfe438a8c3f80e0e6011c521d1 4b1b6969f22ae63c9abab75c752a6536f0f2fa9176b672ca703eb69ea09f86c8 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NKRVP76	415 kB	2024-04-25	2024-04-25
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NKRVP76 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:55:59 Last Seen2024-04-25 00:55:59 Times Seen2 Hash 2cc4b3b7ad943bee4c0a5b696e846c9c e065f5a399c0c1bdd4134ec15a350fefd24ecebc d12302a8c3adc8c505441f9b5542486cb0113b6637eb93c6a3c2d5da33391143 Loading...

	unknown	469 B	2023-03-10	2024-05-01
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2024-05-01 22:13:49 Times Seen398 Hash deeaa7c0af6a3a2abc4f6232e0726eaa 82dff020198b4ca13a2e26a4ebc0ad661a66712d e1d46eadd939d65337b58355bbd09d26261a5b2bd05b4802e8d448ee0a937d26 Loading...

	fast.wistia.com/assets/external/googleAnalytics4.js	18 kB	2024-04-25	2024-05-01
Pretty URL fast.wistia.com/assets/external/googleAnalytics4.js IP 151.101.130.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:55:59 Last Seen2024-05-01 22:13:50 Times Seen24 Hash 125fa6aa86400029af6299aa435df040 216871e2474a3ee803e1c33629114ea5a37181b0 aad103f9dea1d7462e57569b46a915d35a702958c6071b86b867a780df5a91a8 Loading...

	fast.wistia.com/assets/external/playPauseLoadingControl.js	83 kB	2024-04-10	2024-05-04
Pretty URL fast.wistia.com/assets/external/playPauseLoadingControl.js IP 151.101.130.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 21:36:41 Last Seen2024-05-04 00:41:18 Times Seen261 Hash 7845f53703880c301c91e55dacfb2730 a91923e2fe5f5a139f65a41682cee83637c636bf 441f641db8dc0a94620a07d59cfdad03e6fd3630fe3af81f82ce80d9d8ac3942 Loading...

	pro.paradigmnewsletters.org/p/Scripts/HideContent.js	721 B	2023-03-09	2024-05-01
Pretty URL pro.paradigmnewsletters.org/p/Scripts/HideContent.js IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56:16 Last Seen2024-05-01 22:13:49 Times Seen714 Hash 624fa8179cc49ca9e80737453a6b3367 226693fb4119bc204e4dd3b8d36da8587fd00bb0 809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac Loading...

	unknown	469 B	2023-03-10	2024-05-01
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2024-05-01 22:13:49 Times Seen398 Hash 6bfa85325d17bdaf99d6c48c4539b496 dcab4590a8eeae34b0e63df480f24c1e901800bc 0d293b59ef3ca7a501f575c64a240bc9dbaad8c1c637806793a4a2d8c334a6b9 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-P95MDDF	466 kB	2024-04-25	2024-04-25
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-P95MDDF IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:55:59 Last Seen2024-04-25 00:55:59 Times Seen2 Hash b4f6db443c58fe9b4fcd6f8be4039521 8ca3b2acc0f2f66b9531cfed1b428154350bf0c7 03999f4cf46ea19f8408a4680748c9dc92753beeef6938b7aaa76c1f12f8ef59 Loading...

	unknown	469 B	2023-03-10	2024-05-01
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2024-05-01 22:13:49 Times Seen399 Hash 525d0b8417e918e828c73233e2e7b437 98cce5ccb75b57d7a47822a88b159d54bdf05fdd 9dc28f8d48c697f48911cc3ce9ae64edfae072127840572164c90548695e82ca Loading...

	fast.wistia.com/assets/external/engines/hls_video.js	486 kB	2024-04-10	2024-04-29
Pretty URL fast.wistia.com/assets/external/engines/hls_video.js IP 151.101.130.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 21:36:41 Last Seen2024-04-29 20:49:28 Times Seen210 Hash 0d0944584a2e0b7299c788dfbcc6224b dbafb5834a1553d168e2e61633d9dfb37d29a438 c6c26035fb90773bae20e3accc00fe4bf7368ac9eb802ce0ee066ffb3f89b738 Loading...

	fast.wistia.com/assets/external/allIntegrations.js	23 kB	2024-04-10	2024-05-04
Pretty URL fast.wistia.com/assets/external/allIntegrations.js IP 151.101.130.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 21:40:57 Last Seen2024-05-04 00:41:18 Times Seen196 Hash d5dd13ae4e2cc9dbc4601c4d95143418 13405305698ad9cc7f44a86871fa1c0d057a9bf4 709f139528814cc9d5158ed469a578082a81607df49b40e41a6fb4b240567ecd Loading...

	pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true	2.3 kB	2024-04-15	2024-05-01
Pretty URL pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-15 00:54:47 Last Seen2024-05-01 22:13:49 Times Seen37 Hash 78f3038d152f3fb35e4dad2a1e43ebb2 d7e1fbe3a79d9b14aaf7d3c4d2c006b512f988b6 4ddaedebcebea1e406f00f6b83c9960fef92e343295fd73c33d2886df256d221 Loading...

	cdn.getblueshift.com/blueshift.js	6.6 kB	2024-01-24	2024-05-01
Pretty URL cdn.getblueshift.com/blueshift.js IP 54.230.111.116 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-24 10:38:48 Last Seen2024-05-01 22:13:50 Times Seen661 Hash e70a08bd9e7ef156c1673f55ed87aa85 9dfa4cf582654332eb4e1ada9843594ca64bb0d2 a97c4e09767a155128f03c8a72efccc7d8e38e2e8e78daf14c8e5beaf72ff1a5 Loading...

	unknown	1.3 kB	2023-03-10	2024-05-01
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2024-05-01 22:13:49 Times Seen399 Hash 94d29b65bf770b80ca20ff02e2ba5f41 a4c1ab460dbe34b9672c2745f50e0c792a64d932 2d59b45ab2c9e86e411bdd0f5f9d8bb84b383a197faf372ee4e91a0c9a651b87 Loading...

	pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true	2.2 kB	2023-03-10	2024-05-01
Pretty URL pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:07:22 Last Seen2024-05-01 22:13:50 Times Seen401 Hash e4f3e2e42bacfb36a7847e627e7e8276 5492c5e58d3c3abd4a40f736078f546b450e8085 5b86639a656d86f430a56426ae9ac2c83fe1a5c11d91739037f8b1146f5677b8 Loading...

	fast.wistia.com/assets/external/E-v1.js	821 kB	2024-04-25	2024-04-25
Pretty URL fast.wistia.com/assets/external/E-v1.js IP 151.101.130.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:55:59 Last Seen2024-04-25 11:18:22 Times Seen18 Hash 20fe967bcd5ac28ca99ac2438b0f970a b7550a74f89acbaa601247749d6365c0e953cdaf 1fd3853e40997fffe6b88365e074f065dd452a6dc1af13213172460043411aec Loading...

HTTP Transactions (60)

URL IP Response Size

470kwc1.com/clk.trk?CID=468053&AFID=430135&SID=3415433504656277664

18.217.134.101

302 Found

134 B

URL User Request GET HTTP/2
470kwc1.com/clk.trk?CID=468053&AFID=430135&SID=3415433504656277664
IP
18.217.134.101:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject470kwc1.com
Fingerprint71:DE:CD:1D:C9:7F:26:78:C1:13:CE:8A:81:B9:15:B9:EC:6C:33:DC
ValiditySun, 17 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /clk.trk?CID=468053&AFID=430135&SID=3415433504656277664 HTTP/1.1
Host: 470kwc1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Wed, 24 Apr 2024 22:55:28 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://470kwc1.com:443/clk.trk?CID=468053&AFID=430135&SID=3415433504656277664

470kwc1.com/clk.trk?CID=468053&AFID=430135&SID=3415433504656277664

3.17.114.146

302 Found

216 B

URL User Request GET HTTP/2
470kwc1.com/clk.trk?CID=468053&AFID=430135&SID=3415433504656277664
IP
3.17.114.146:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject470kwc1.com
Fingerprint71:DE:CD:1D:C9:7F:26:78:C1:13:CE:8A:81:B9:15:B9:EC:6C:33:DC
ValiditySun, 17 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
216 B (216 bytes)
Hash
8a5b9cfb382dbe59cf90c1cd68252aea
60db1cc773e2b58f0db456efa6f0cc361b665bba
4f625dd6edbc5c77e4cc43e7885eb119c64204ad559191fbe86417cf24de7ac7

HTTP Headers

GET /clk.trk?CID=468053&AFID=430135&SID=3415433504656277664 HTTP/1.1
Host: 470kwc1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 24 Apr 2024 22:55:28 GMT
content-type: text/html; charset=utf-8
content-length: 216
location: https://pro.paradigm-press.info/m/2307059?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad
cache-control: private
server: Microsoft-IIS/10.0
p3p: policyref="/p3p/P3P.470kwc1.com.xml", CP="NOI DSP COR NID ADM DEV OUR STP OTC"
x-aspnet-version: 4.0.30319
set-cookie: LTTC6_468053=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad; expires=Wed, 01-May-2024 22:55:28 GMT; path=/; secure; SameSite=None
x-powered-by: ASP.NET
access-control-allow-origin: *
X-Firefox-Spdy: h2

pro.paradigm-press.info/m/2307059?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad

192.135.136.169

301 Moved Permanently

253 B

URL User Request GET HTTP/1.1
pro.paradigm-press.info/m/2307059?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad
IP
192.135.136.169:443
ASN
#11372 14WEST-AS

Certificate
IssuerLet's Encrypt
Subjectordertracking6.pubsvs.com
FingerprintDE:EE:B1:D3:CC:79:7C:05:E2:B2:A5:58:14:0E:7F:4E:13:52:EE:49
ValidityMon, 22 Apr 2024 14:08:54 GMT - Sun, 21 Jul 2024 14:08:53 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
253 B (253 bytes)
Hash
6d8eb00f10b486c8887868dcad55ba79
f74ddf2d7b548aec16ecd92aaec490701205dd48
567dc9f13411c69242062801922b39bfdad794941e79a71c5d7e8aea17e67b0a

HTTP Headers

GET /m/2307059?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad HTTP/1.1
Host: pro.paradigm-press.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Date: Wed, 24 Apr 2024 22:55:28 GMT
Content-Length: 253
Set-Cookie: 2307059=2733285; expires=Tue, 14-May-2024 22:55:29 GMT; path=/; HttpOnly
BIGipServerIRIS_PROD_HTTPS_POOL=!vz1ntll6Ng/rBuM0QCUGrw3uOK3bWft4hBIV+SY3oqAUV6XX5dwhJ3LpxM9Zg/CXbGTknnQbht8ycYg=; path=/; Httponly; Secure
Strict-Transport-Security: max-age=63072000; includeSubDomains

go.goodlifestylenews.com/

172.67.172.49

143 B

URL
go.goodlifestylenews.com/
IP
172.67.172.49:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
143 B (143 bytes)
Hash
f1fb042c62910c34be16ad91cbbd71fa
5bc7aceba9a8704ef4b1d427d7d08b140afcd866
9278d16ed2fdcd5dc651615b0b8adc6b55fb667a9d106a9891b861d4561d9a24

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: go.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 22:55:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 14 Nov 2023 15:41:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w6OxYp3eodqTR5cif9rrpZdm9QGy5oVgapNjVFaU%2FRDNjkuFzYAQZjnPaMvaWvQhtwem99QfhBk4OCwziIgs4Sg1CQ0l%2BOMy1mZw5xbHQ%2BkYc7fm9edlHGCcJk59WUmL7SqAcjNt0ArYOgc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8799ae604f4956c4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true

161.129.26.18

253 B

URL User Request GET
pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
IP
161.129.26.18:0
ASN
#11372 14WEST-AS

File type
HTML document, ASCII text, with CRLF line terminators
Size
253 B (253 bytes)
Hash
6d8eb00f10b486c8887868dcad55ba79
f74ddf2d7b548aec16ecd92aaec490701205dd48
567dc9f13411c69242062801922b39bfdad794941e79a71c5d7e8aea17e67b0a

HTTP Headers

GET /p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Referrer-Policy: no-referrer-when-downgrade
Date: Wed, 24 Apr 2024 22:55:29 GMT
Content-Length: 253
Set-Cookie: BIGipServerIRIS_PROD_HTTP_POOL=!UuuO95ByWiQ5Dkg0QCUGrw3uOK3bWc2kTsV4cYI6KO8u5noZtS20CIONjXrfMCk+wTkgrnEPBouIApI=; path=/; Httponly

pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true

161.129.26.18

9.2 kB

URL User Request GET
pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
IP
161.129.26.18:0
ASN
#11372 14WEST-AS

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1672), with CRLF, LF line terminators
Size
9.2 kB (9245 bytes)
Hash
c744e53fb603a6ea1e2a261d10427622
ae6daa9421c816557cbc5e97f19844b820396845
70fff0b6512febd0f1abe32bcc705414d07f27fdea0481c681e9fbce7da2fa9d

HTTP Headers

GET /p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: BIGipServerIRIS_PROD_HTTP_POOL=!UuuO95ByWiQ5Dkg0QCUGrw3uOK3bWc2kTsV4cYI6KO8u5noZtS20CIONjXrfMCk+wTkgrnEPBouIApI=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Wed, 24 Apr 2024 22:55:29 GMT
Content-Length: 9245
Set-Cookie: LAWN4392=; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; HttpOnly
BIGipServerIRIS_PROD_HTTPS_POOL=!5mQyUDeLwvcTkes0QCUGrw3uOK3bWXphBGIDSbOUqzR8cYKsHTe+IN7igWxGUERBIljj5cBN8miTEeU=; path=/; Httponly; Secure
Strict-Transport-Security: max-age=63072000; includeSubDomains

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

216.58.211.10

200 OK

34 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
216.58.211.10:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
JavaScript source, ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:54:39 GMT
expires: Fri, 18 Apr 2025 17:54:39 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 536451
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/E-v1.js

151.101.130.132

200 OK

137 kB

URL GET HTTP/2
fast.wistia.com/assets/external/E-v1.js
IP
151.101.130.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65474)
Size
137 kB (136866 bytes)
Hash
20fe967bcd5ac28ca99ac2438b0f970a
b7550a74f89acbaa601247749d6365c0e953cdaf
1fd3853e40997fffe6b88365e074f065dd452a6dc1af13213172460043411aec

HTTP Headers

GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Wed, 24 Apr 2024 20:03:57 GMT
etag: "6ad6c78daadc4c58258c9d89dea74c96"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Wed, 24 Apr 2024 22:55:30 GMT
age: 3003
x-served-by: cache-iad-kcgs7200088-IAD, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 25, 1645
x-timer: S1713999331.843888,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
asset-version: 4c28c160e6e9b44cd0508d30268df2ca31ca7dc8
content-length: 136866
X-Firefox-Spdy: h2

pro.paradigmnewsletters.org/p/Scripts/Common.js

161.129.26.18

200 OK

1.1 kB

URL GET HTTP/1.1
pro.paradigmnewsletters.org/p/Scripts/Common.js
IP
161.129.26.18:443
ASN
#11372 14WEST-AS

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerLet's Encrypt
Subjectordertracking6.pubsvs.com
FingerprintDE:EE:B1:D3:CC:79:7C:05:E2:B2:A5:58:14:0E:7F:4E:13:52:EE:49
ValidityMon, 22 Apr 2024 14:08:54 GMT - Sun, 21 Jul 2024 14:08:53 GMT

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.1 kB (1140 bytes)
Hash
2fa1e7a35bfa376eff7f1426fc4a8afa
008b48dbd95a158542969743c18d0bc33e0a9384
857d94bd23b6437baa66255e1d507ad4a23d75ef9a271fb3e1303dc7dd0aced9

HTTP Headers

GET /p/Scripts/Common.js HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
DNT: 1
Connection: keep-alive
Cookie: BIGipServerIRIS_PROD_HTTP_POOL=!UuuO95ByWiQ5Dkg0QCUGrw3uOK3bWc2kTsV4cYI6KO8u5noZtS20CIONjXrfMCk+wTkgrnEPBouIApI=; LAWN4392=; BIGipServerIRIS_PROD_HTTPS_POOL=!5mQyUDeLwvcTkes0QCUGrw3uOK3bWXphBGIDSbOUqzR8cYKsHTe+IN7igWxGUERBIljj5cBN8miTEeU=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 24 Jul 2023 13:39:44 GMT
Accept-Ranges: bytes
ETag: "a37f814e34bed91:0"
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Wed, 24 Apr 2024 22:55:29 GMT
Content-Length: 1140
Strict-Transport-Security: max-age=63072000; includeSubDomains

use.typekit.net/cbv5qfb.css

23.36.76.122

200 OK

809 B

URL GET HTTP/2
use.typekit.net/cbv5qfb.css
IP
23.36.76.122:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56
ValidityThu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (516)
Size
809 B (809 bytes)
Hash
42c09d1852d82478d323b53c0f50a529
7ae2bd107e50fcc475ab888c67659610ac495279
319fbfbb7f86c701bc2e4a24b3abe3f31dfde38a45a3ef2019d1c41af5029528

HTTP Headers

GET /cbv5qfb.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 809
date: Wed, 24 Apr 2024 22:55:30 GMT
X-Firefox-Spdy: h2

pro.paradigmnewsletters.org/p/Scripts/HideContent.js

161.129.26.18

200 OK

466 B

URL GET HTTP/1.1
pro.paradigmnewsletters.org/p/Scripts/HideContent.js
IP
161.129.26.18:443
ASN
#11372 14WEST-AS

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerLet's Encrypt
Subjectordertracking6.pubsvs.com
FingerprintDE:EE:B1:D3:CC:79:7C:05:E2:B2:A5:58:14:0E:7F:4E:13:52:EE:49
ValidityMon, 22 Apr 2024 14:08:54 GMT - Sun, 21 Jul 2024 14:08:53 GMT

File type
JavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
466 B (466 bytes)
Hash
cc54a637e514fddfe0be2e7c2d062e5b
a0f97813508d22d71f015b93cc8dfdcee65acdfd
580942b09dd77a53c0501f35a1d6c61cbcff1d504a6efb0dfa5d77cbdb1af741

HTTP Headers

GET /p/Scripts/HideContent.js HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
DNT: 1
Connection: keep-alive
Cookie: BIGipServerIRIS_PROD_HTTP_POOL=!UuuO95ByWiQ5Dkg0QCUGrw3uOK3bWc2kTsV4cYI6KO8u5noZtS20CIONjXrfMCk+wTkgrnEPBouIApI=; LAWN4392=; BIGipServerIRIS_PROD_HTTPS_POOL=!5mQyUDeLwvcTkes0QCUGrw3uOK3bWXphBGIDSbOUqzR8cYKsHTe+IN7igWxGUERBIljj5cBN8miTEeU=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 24 Jul 2023 13:39:44 GMT
Accept-Ranges: bytes
ETag: "bbcd814e34bed91:0"
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Wed, 24 Apr 2024 22:55:29 GMT
Content-Length: 466
Strict-Transport-Security: max-age=63072000; includeSubDomains

p.typekit.net/p.css?s=1&k=cbv5qfb&ht=tk&f=26034.26052.26053.26054.26056.26062&a=135983404&app=typekit&e=css

23.36.76.96

200 OK

5 B

URL GET HTTP/2
p.typekit.net/p.css?s=1&k=cbv5qfb&ht=tk&f=26034.26052.26053.26054.26056.26062&a=135983404&app=typekit&e=css
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56
ValidityThu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=cbv5qfb&ht=tk&f=26034.26052.26053.26054.26056.26062&a=135983404&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Tue, 07 Mar 2023 19:56:00 GMT
etag: "640796d0-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Wed, 24 Apr 2024 22:55:31 GMT
X-Firefox-Spdy: h2

cdn.getblueshift.com/blueshift.js

54.230.111.116

200 OK

2.8 kB

URL GET HTTP/1.1
cdn.getblueshift.com/blueshift.js
IP
54.230.111.116:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerAmazon
Subject*.getblueshift.com
Fingerprint29:49:01:4C:AB:3A:C5:E4:F6:F2:67:75:BE:5B:FF:4B:F3:5C:EC:47
ValidityMon, 10 Jul 2023 00:00:00 GMT - Tue, 06 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6625), with no line terminators
Size
2.8 kB (2826 bytes)
Hash
e70a08bd9e7ef156c1673f55ed87aa85
9dfa4cf582654332eb4e1ada9843594ca64bb0d2
a97c4e09767a155128f03c8a72efccc7d8e38e2e8e78daf14c8e5beaf72ff1a5

HTTP Headers

GET /blueshift.js HTTP/1.1
Host: cdn.getblueshift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 2826
Connection: keep-alive
Last-Modified: Wed, 24 Jan 2024 03:44:50 GMT
x-amz-server-side-encryption: AES256
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 24 Apr 2024 22:22:04 GMT
Cache-Control: max-age=3600
ETag: "bd39fba69cd2745738daf44e0e350f6e"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -c-sImM6-zgc4YKLfjHuAIsuqwuA_AyWO1XbAkQHYZaSAbcuIia3VQ==
Age: 2012

use.typekit.net/af/6ce26b/00000000000000003b9acafd/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3

23.36.76.122

200 OK

27 kB

URL GET HTTP/2
use.typekit.net/af/6ce26b/00000000000000003b9acafd/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
IP
23.36.76.122:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56
ValidityThu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 27408, version 1.0
Size
27 kB (27408 bytes)
Hash
ca6f1d9e7730169261dd9f29c7b4cc3f
01d08d23e222dee5fee50a5d7d8bc6bcd7ec0e41
3426ba6d12629295e6905fc2df1fbe0accb038122fb3858949a78ff75fdc96fd

HTTP Headers

GET /af/6ce26b/00000000000000003b9acafd/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27408
etag: "664c33910513fbd670a2ab47b2c8c1f8b02d68b6"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 24 Apr 2024 22:55:31 GMT
X-Firefox-Spdy: h2

use.typekit.net/af/6d4bb2/00000000000000003b9acafc/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3

23.36.76.122

200 OK

26 kB

URL GET HTTP/2
use.typekit.net/af/6d4bb2/00000000000000003b9acafc/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP
23.36.76.122:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56
ValidityThu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 26392, version 1.0
Size
26 kB (26392 bytes)
Hash
83aff1d23eb8e137c5e38ed45348a1ec
7663cb96dac6f3a68ad9036899e3611d33cdf1de
da03f140d305f2abdf496bdd3fad9cfed87a237cf09f6a2edcec58bc5a1f044d

HTTP Headers

GET /af/6d4bb2/00000000000000003b9acafc/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26392
etag: "7d4a321fb4284bed9856c33aee6c065aba0855a7"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 24 Apr 2024 22:55:31 GMT
X-Firefox-Spdy: h2

use.typekit.net/af/46da36/00000000000000003b9acaf6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3

23.36.76.122

200 OK

27 kB

URL GET HTTP/2
use.typekit.net/af/46da36/00000000000000003b9acaf6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP
23.36.76.122:443
ASN
#20940 Akamai International B.V.

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56
ValidityThu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 26812, version 1.0
Size
27 kB (26812 bytes)
Hash
fd6b32c4721c8c5b477a367a2a60cf38
5e35ed38b7e9ab6857be9f891f87ef5b00578efc
464b561ee00c86db1cddb80f2c9d6febbc2c1aa95f422fa73a4fb8ef7d5d5028

HTTP Headers

GET /af/46da36/00000000000000003b9acaf6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26812
etag: "de29fb2e3e401b15877c6b3a0953702fe7fa1105"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 24 Apr 2024 22:55:31 GMT
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-NKRVP76

142.250.74.72

200 OK

117 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-NKRVP76
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (56012)
Size
117 kB (117279 bytes)
Hash
2cc4b3b7ad943bee4c0a5b696e846c9c
e065f5a399c0c1bdd4134ec15a350fefd24ecebc
d12302a8c3adc8c505441f9b5542486cb0113b6637eb93c6a3c2d5da33391143

HTTP Headers

GET /gtm.js?id=GTM-NKRVP76 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 22:55:31 GMT
expires: Wed, 24 Apr 2024 22:55:31 GMT
cache-control: private, max-age=900
last-modified: Wed, 24 Apr 2024 22:11:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 117279
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-P95MDDF

142.250.74.72

200 OK

120 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-P95MDDF
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (58328)
Size
120 kB (119579 bytes)
Hash
b4f6db443c58fe9b4fcd6f8be4039521
8ca3b2acc0f2f66b9531cfed1b428154350bf0c7
03999f4cf46ea19f8408a4680748c9dc92753beeef6938b7aaa76c1f12f8ef59

HTTP Headers

GET /gtm.js?id=GTM-P95MDDF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 22:55:31 GMT
expires: Wed, 24 Apr 2024 22:55:31 GMT
cache-control: private, max-age=900
last-modified: Wed, 24 Apr 2024 22:17:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 119579
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2

216.58.207.227

200 OK

14 kB

URL GET HTTP/2
fonts.gstatic.com/s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13820, version 1.0
Size
14 kB (13820 bytes)
Hash
2dd698f2699a5ef991625825011bff90
523ff9357131751e57dd78cb92b218a49a130d1d
02f5dfc0c21e92f3c724260f035833e627513a1b91230cc490a1ea756c95e5e5

HTTP Headers

GET /s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:34:36 GMT
expires: Fri, 18 Apr 2025 02:34:36 GMT
cache-control: public, max-age=31536000
age: 591655
last-modified: Thu, 24 Aug 2023 21:28:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c

142.250.74.72

200 OK

100 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
100 kB (99899 bytes)
Hash
9f9d60eb3440d5409957b2f2822a626e
5560672e721b7edd9b57a2274d86cf4f676dae43
b4f5baa647c61bac70dcf942d83c16c8b8b64872e3d9516aec424a2ba18473b3

HTTP Headers

GET /gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 22:55:31 GMT
expires: Wed, 24 Apr 2024 22:55:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 99899
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

d2z65klgtz99km.cloudfront.net/AWN/awn_chaosrally_0324/chaos-rally-bg.jpg

54.230.241.121

200 OK

324 kB

URL GET HTTP/2
d2z65klgtz99km.cloudfront.net/AWN/awn_chaosrally_0324/chaos-rally-bg.jpg
IP
54.230.241.121:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x694, components 3
Size
324 kB (324495 bytes)
Hash
de7f717bc2ce75a31c9cf8a0fef79560
33bfb9a3994d0ca0eef217bdabd4a10c72a988b8
4b1275cb5efd35bf56390140280792462f3d732418e70a7d97a4a6167bb0eadb

HTTP Headers

GET /AWN/awn_chaosrally_0324/chaos-rally-bg.jpg HTTP/1.1
Host: d2z65klgtz99km.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 324495
server: nginx
date: Fri, 15 Mar 2024 20:08:14 GMT
last-modified: Tue, 12 Mar 2024 13:59:34 GMT
cache-control: max-age=31536000
expires: Sat, 15 Mar 2025 20:08:14 GMT
etag: "65f05fc6-4f38f"
x-powered-by: PleskLin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xziIkDhDcB9gPYiacWPUPr6alAkLAzIhGxl2SkCeEdac2RSDamwNhQ==
age: 3466037
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

87.248.119.251

200 OK

6.3 kB

URL GET HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.251:443
ASN
#203220 Yahoo-UK Limited

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (18187), with no line terminators
Size
6.3 kB (6262 bytes)
Hash
5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 6GtTQ+CwnB3NlnFRQ9Xhq0Re2v0itwNGKiyFVPjMYOgvbwziZizLS0BvhDjcZ/ePM3BHWAEQS2I=
x-amz-request-id: T2HV0KRPZ7NM2E8X
date: Wed, 24 Apr 2024 22:08:38 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 2814
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

87.248.119.251

200 OK

6.3 kB

URL GET HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.251:443
ASN
#203220 Yahoo-UK Limited

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (18187), with no line terminators
Size
6.3 kB (6262 bytes)
Hash
5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 6GtTQ+CwnB3NlnFRQ9Xhq0Re2v0itwNGKiyFVPjMYOgvbwziZizLS0BvhDjcZ/ePM3BHWAEQS2I=
x-amz-request-id: T2HV0KRPZ7NM2E8X
date: Wed, 24 Apr 2024 22:08:38 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 2814
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

87.248.119.251

200 OK

6.3 kB

URL GET HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.251:443
ASN
#203220 Yahoo-UK Limited

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (18187), with no line terminators
Size
6.3 kB (6262 bytes)
Hash
5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 6GtTQ+CwnB3NlnFRQ9Xhq0Re2v0itwNGKiyFVPjMYOgvbwziZizLS0BvhDjcZ/ePM3BHWAEQS2I=
x-amz-request-id: T2HV0KRPZ7NM2E8X
date: Wed, 24 Apr 2024 22:08:38 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 2814
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

87.248.119.251

200 OK

6.3 kB

URL GET HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.251:443
ASN
#203220 Yahoo-UK Limited

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (18187), with no line terminators
Size
6.3 kB (6262 bytes)
Hash
5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 6GtTQ+CwnB3NlnFRQ9Xhq0Re2v0itwNGKiyFVPjMYOgvbwziZizLS0BvhDjcZ/ePM3BHWAEQS2I=
x-amz-request-id: T2HV0KRPZ7NM2E8X
date: Wed, 24 Apr 2024 22:08:38 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 2814
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BYN6DTYEFQ&cid=537684902.1713999332&gtm=45je44m0v9122066590z8811578897za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1051002144

172.217.21.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BYN6DTYEFQ&cid=537684902.1713999332&gtm=45je44m0v9122066590z8811578897za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1051002144
IP
172.217.21.163:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint4E:BD:F9:72:97:67:A2:4B:EE:E4:B0:03:CD:C8:F3:30:53:27:53:1D
ValidityMon, 18 Mar 2024 20:50:06 GMT - Mon, 10 Jun 2024 20:50:05 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BYN6DTYEFQ&cid=537684902.1713999332&gtm=45je44m0v9122066590z8811578897za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1051002144 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Apr 2024 22:55:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fast.wistia.com/embed/medias/8p6wbm2hqg.json

151.101.130.132

200 OK

1.8 kB

URL GET HTTP/2
fast.wistia.com/embed/medias/8p6wbm2hqg.json
IP
151.101.130.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JSON text data
Size
1.8 kB (1761 bytes)
Hash
6900fa5c7e64807331984918b72506ec
037620d16fbfdd81ff15dd6ca12c8265630543ce
93073173903941e0cb7588032923ff57e98a540ea31b83036e6bd295e53a1080

HTTP Headers

GET /embed/medias/8p6wbm2hqg.json HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: envoy
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, no-cache
etag: W/"93073173903941e0cb7588032923ff57"
x-request-id: 06411d9b-c9c3-45e8-a917-c0f59e7dd5f5
x-runtime: 0.055726
content-encoding: br
x-envoy-upstream-service-time: 57
via: 1.1 309e9e958e8d35f7e17ae8ac267b7dea.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: IAD12-P1
x-amz-cf-id: iAXk8pJnP-tXCEn74bz1u6qXxTeucyxastWQdai3CG1H1me6SwroVA==
accept-ranges: bytes
age: 11018
date: Wed, 24 Apr 2024 22:55:32 GMT
x-served-by: cache-iad-kiad7000130-IAD, cache-hel1410034-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 94, 0
x-timer: S1713999332.007706,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 1761
X-Firefox-Spdy: h2

paradigmpressgroup.com/favicons/apple-touch-icon.png

44.210.42.183

200 OK

3.0 kB

URL GET HTTP/2
paradigmpressgroup.com/favicons/apple-touch-icon.png
IP
44.210.42.183:443
ASN
#14618 AMAZON-AES

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerLet's Encrypt
Subjectparadigmpressgroup.com
Fingerprint9F:5E:5C:45:8B:D7:39:29:DA:7C:07:64:1E:F0:C5:D7:22:AE:AB:4D
ValidityWed, 10 Apr 2024 16:51:00 GMT - Tue, 09 Jul 2024 16:50:59 GMT

File type
PNG image data, 180 x 180, 8-bit grayscale, non-interlaced
Size
3.0 kB (3017 bytes)
Hash
dd470648114adaceb47d36a18ad41d9d
c93c69021ab4e381b4715938bed3732b132852b3
49dd5241fadc6a69795935a795804ed7206efb39f6dc6b5a0588f92d80775ad4

HTTP Headers

GET /favicons/apple-touch-icon.png HTTP/1.1
Host: paradigmpressgroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:55:32 GMT
content-type: image/png
content-length: 3017
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Tue, 26 Jul 2022 19:40:44 GMT
etag: W/"bc9-1823c06a3cb"
x-powered-by: PleskLin
X-Firefox-Spdy: h2

paradigmpressgroup.com/favicons/favicon-16x16.png

44.210.42.183

200 OK

587 B

URL GET HTTP/2
paradigmpressgroup.com/favicons/favicon-16x16.png
IP
44.210.42.183:443
ASN
#14618 AMAZON-AES

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerLet's Encrypt
Subjectparadigmpressgroup.com
Fingerprint9F:5E:5C:45:8B:D7:39:29:DA:7C:07:64:1E:F0:C5:D7:22:AE:AB:4D
ValidityWed, 10 Apr 2024 16:51:00 GMT - Tue, 09 Jul 2024 16:50:59 GMT

File type
PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced
Size
587 B (587 bytes)
Hash
2bb2efaa073e4987ba1867aff02ab3ac
ea05acee8f408e3f86830b5f2da0616ced013006
6b712b83f2054506208f4243b57e7bd48fa0dcf3a10c0ff609bfc5ea8398ddc6

HTTP Headers

GET /favicons/favicon-16x16.png HTTP/1.1
Host: paradigmpressgroup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:55:32 GMT
content-type: image/png
content-length: 587
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Tue, 26 Jul 2022 19:40:44 GMT
etag: W/"24b-1823c06a3cc"
x-powered-by: PleskLin
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10082412.json

87.248.119.251

200 OK

2 B

URL GET HTTP/2
s.yimg.com/wi/config/10082412.json
IP
87.248.119.251:443
ASN
#203220 Yahoo-UK Limited

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10082412.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: YBXH1FGYR0CJ2XX2
x-amz-id-2: kF7lLeCk7+MXmAxYwqV49Z/iJ/r8AfjxS5CHYLNTOQhrBM4rWRJ6//LhsTITuALhB1Bi6ROX649YpfVXa+dsMzLicFAAxZ/HsrgnvyR+y8s=
content-type: application/json
date: Wed, 24 Apr 2024 22:12:54 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 2558
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10114794.json

87.248.119.251

200 OK

2 B

URL GET HTTP/2
s.yimg.com/wi/config/10114794.json
IP
87.248.119.251:443
ASN
#203220 Yahoo-UK Limited

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10114794.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 3QBMEDEYA3BFSK75
x-amz-id-2: qwlX/ejSDz0gb5V2i9PR0A6x4lhUcAnZ8HDi2iB4eMd76/aylM5jbhAhpf8ouVScPjUUyEa4puw=
content-type: application/json
date: Wed, 24 Apr 2024 22:00:11 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 3321
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10125189.json

87.248.119.251

200 OK

2 B

URL GET HTTP/2
s.yimg.com/wi/config/10125189.json
IP
87.248.119.251:443
ASN
#203220 Yahoo-UK Limited

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10125189.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: DD3MQ6REF9GT4ZZH
x-amz-id-2: nLZN3gXDF/Ws/d8K9uV5a30Q4DC75z8mi2l5VfDtFOhYJGnpsNb2fvxjcWr2ztMSHm/aLP7tKxw=
content-type: application/json
date: Wed, 24 Apr 2024 22:11:51 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 2621
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10091245.json

87.248.119.251

200 OK

2 B

URL GET HTTP/2
s.yimg.com/wi/config/10091245.json
IP
87.248.119.251:443
ASN
#203220 Yahoo-UK Limited

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerDigiCert Inc
Subject*.fantasysports.yahoo.com
FingerprintF9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB
ValidityTue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10091245.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 5DACC8T2AG2QJYFA
x-amz-id-2: S1aaZsZAipvWEI9liFEUEhuEwvhh2dfHza9dtpKqgOgykla58HkNFi4GUerxaOjDmkzTFSO4v7A=
content-type: application/json
date: Wed, 24 Apr 2024 22:27:34 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 1678
ats-carp-promotion: 1
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/googleAnalytics4.js

151.101.130.132

200 OK

4.5 kB

URL GET HTTP/2
fast.wistia.com/assets/external/googleAnalytics4.js
IP
151.101.130.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JavaScript source, ASCII text, with very long lines (17654)
Size
4.5 kB (4476 bytes)
Hash
125fa6aa86400029af6299aa435df040
216871e2474a3ee803e1c33629114ea5a37181b0
aad103f9dea1d7462e57569b46a915d35a702958c6071b86b867a780df5a91a8

HTTP Headers

GET /assets/external/googleAnalytics4.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 24 Apr 2024 20:03:57 GMT
etag: "8f6950dab8a3f2d3cbcebfb350d07236"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Wed, 24 Apr 2024 22:55:32 GMT
age: 2997
x-served-by: cache-iad-kiad7000047-IAD, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 67, 65
x-timer: S1713999332.159012,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
asset-version: 4c28c160e6e9b44cd0508d30268df2ca31ca7dc8
content-length: 4476
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/playPauseLoadingControl.js

151.101.130.132

200 OK

22 kB

URL GET HTTP/2
fast.wistia.com/assets/external/playPauseLoadingControl.js
IP
151.101.130.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65455)
Size
22 kB (21596 bytes)
Hash
7845f53703880c301c91e55dacfb2730
a91923e2fe5f5a139f65a41682cee83637c636bf
441f641db8dc0a94620a07d59cfdad03e6fd3630fe3af81f82ce80d9d8ac3942

HTTP Headers

GET /assets/external/playPauseLoadingControl.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Wed, 24 Apr 2024 20:03:57 GMT
etag: "054f6647c2b3166c5479ecec2e1cdb23"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Wed, 24 Apr 2024 22:55:32 GMT
age: 2997
x-served-by: cache-iad-kiad7000026-IAD, cache-hel1410034-HEL
x-cache: HIT, HIT
x-cache-hits: 14, 49
x-timer: S1713999332.189356,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
asset-version: 4c28c160e6e9b44cd0508d30268df2ca31ca7dc8
content-length: 21596
X-Firefox-Spdy: h2

d2z65klgtz99km.cloudfront.net/AWN/awn_chaosrally_0324/Jim-ctp-800px.webp

54.230.241.121

200 OK

4.0 MB

URL GET HTTP/2
d2z65klgtz99km.cloudfront.net/AWN/awn_chaosrally_0324/Jim-ctp-800px.webp
IP
54.230.241.121:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.0 MB (3962480 bytes)
Hash
b2378a035ce925a3c216e683250858cd
b5b240ea8cd23d37b557abfe5c18298876fff50f
da221df132181d1e4b6a389bd024053d81208ad092f204fe7521e56c05052651

HTTP Headers

GET /AWN/awn_chaosrally_0324/Jim-ctp-800px.webp HTTP/1.1
Host: d2z65klgtz99km.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 3962480
server: nginx
date: Tue, 23 Apr 2024 04:54:50 GMT
last-modified: Fri, 15 Mar 2024 20:20:19 GMT
cache-control: max-age=172800
expires: Thu, 25 Apr 2024 04:54:50 GMT
etag: "65f4ad83-3c7670"
x-powered-by: PleskLin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UAlSZxuwfp4I9doLIjUGQ0NSprd78u3TCX23HpNhpX1uE5o4XGDqmw==
age: 151242
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z8811578897za200&_p=1713999331211&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2027

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z8811578897za200&_p=1713999331211&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2027
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z8811578897za200&_p=1713999331211&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2027 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Wed, 24 Apr 2024 22:55:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z878323495za200&_p=1713999331211&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=3&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&en=Click%20Report&tfd=2054

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z878323495za200&_p=1713999331211&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=3&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&en=Click%20Report&tfd=2054
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z878323495za200&_p=1713999331211&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=3&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&en=Click%20Report&tfd=2054 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Wed, 24 Apr 2024 22:55:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z878323495za200&_p=1713999331211&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=4&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&en=awn_aware&_c=1&tfd=2054

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z878323495za200&_p=1713999331211&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=4&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&en=awn_aware&_c=1&tfd=2054
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z878323495za200&_p=1713999331211&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=4&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&en=awn_aware&_c=1&tfd=2054 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Wed, 24 Apr 2024 22:55:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z8811578897za200&_p=1713999331211&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&en=Click%20Report&tfd=2046

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z8811578897za200&_p=1713999331211&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&en=Click%20Report&tfd=2046
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z8811578897za200&_p=1713999331211&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&en=Click%20Report&tfd=2046 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Wed, 24 Apr 2024 22:55:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/engines/hls_video.js

151.101.130.132

200 OK

118 kB

URL GET HTTP/2
fast.wistia.com/assets/external/engines/hls_video.js
IP
151.101.130.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
118 kB (118197 bytes)
Hash
0d0944584a2e0b7299c788dfbcc6224b
dbafb5834a1553d168e2e61633d9dfb37d29a438
c6c26035fb90773bae20e3accc00fe4bf7368ac9eb802ce0ee066ffb3f89b738

HTTP Headers

GET /assets/external/engines/hls_video.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Wed, 24 Apr 2024 20:03:57 GMT
etag: "eb7dd49fb6d9bc27920e7403bf0de676"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Wed, 24 Apr 2024 22:55:32 GMT
age: 2997
x-served-by: cache-iad-kcgs7200058-IAD, cache-hel1410034-HEL
x-cache: HIT, HIT
x-cache-hits: 13, 28
x-timer: S1713999333.511943,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
asset-version: 4c28c160e6e9b44cd0508d30268df2ca31ca7dc8
content-length: 118197
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c

142.250.74.72

200 OK

94 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (7711)
Size
94 kB (94115 bytes)
Hash
96278fc8ad1d38beef382f0c96dd8054
8dea38e254ae81932b276428fc5582afd152ad92
b6a60d365d7fba24914c811599ad7778bcc81f00e9ca3223580c751d512c8c2f

HTTP Headers

GET /gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 22:55:33 GMT
expires: Wed, 24 Apr 2024 22:55:33 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94115
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C

142.250.74.72

200 OK

94 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (7711)
Size
94 kB (94070 bytes)
Hash
b4ec2e9fac8dd02945ec8d285b414959
6b6982243ea96e094b76472419c960b3ea8afdf2
e214e7d3f83d73d26e5572673ae8b0ff8532b747339337557c14ce7b1f650d07

HTTP Headers

GET /gtag/js?id=G-9JTVKL1Z3C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 22:55:33 GMT
expires: Wed, 24 Apr 2024 22:55:33 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94070
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

distillery.wistia.com/x

54.230.111.55

204 No Content

0 B

URL POST HTTP/2
distillery.wistia.com/x
IP
54.230.111.55:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerAmazon
Subjectstats-tap-production-cloudfront-app-cname.wistia.com
Fingerprint37:C6:AB:79:1C:DF:9B:5E:3A:B8:3E:F1:0C:1D:48:BF:89:2D:1F:40
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1668
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Wed, 24 Apr 2024 22:55:33 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
server: envoy
x-envoy-upstream-service-time: 10
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: w4xwgdKi1UpIuagxiQzSNqoLQvXIgfARzaajZV4sYNIzvaCffltunQ==
X-Firefox-Spdy: h2

fast.wistia.com/assets/images/blank.gif

151.101.130.132

200 OK

1.2 kB

URL GET HTTP/2
fast.wistia.com/assets/images/blank.gif
IP
151.101.130.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
GIF image data, version 89a, 100 x 100
Size
1.2 kB (1214 bytes)
Hash
fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

HTTP Headers

GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Wed, 10 May 2023 19:48:54 GMT
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
x-amz-server-side-encryption: AES256
content-type: image/gif
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Wed, 24 Apr 2024 22:55:33 GMT
age: 311
x-served-by: cache-iad-kcgs7200077-IAD, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 25, 2
x-timer: S1713999333.223110,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 1214
X-Firefox-Spdy: h2

fast.wistia.com/embed/medias/8p6wbm2hqg.m3u8

151.101.130.132

200 OK

943 B

URL GET HTTP/2
fast.wistia.com/embed/medias/8p6wbm2hqg.m3u8
IP
151.101.130.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
M3U playlist, ASCII text
Size
943 B (943 bytes)
Hash
dd99f9a372e8c1f775f677ec5900a7eb
300585086dd91474899cc861b76f799080202534
7554c26e53e85264650943faafd9cd1d2d0d3ff8f1e5a47f0290b682396ad923

HTTP Headers

GET /embed/medias/8p6wbm2hqg.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-mpegURL
server: envoy
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, no-cache
etag: W/"7554c26e53e85264650943faafd9cd1d"
x-request-id: 98b640a9-461f-4ec5-b450-5fab6de42511
x-runtime: 0.033834
x-envoy-upstream-service-time: 37
via: 1.1 1ac532da7db85d551ad10ca7bd9957b8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: IAD61-P1
x-amz-cf-id: 41x8a2rtObq3uwYBsypOV5MesFGeQ9xCgqdYHxRCNIaRHofPd2_voA==
accept-ranges: bytes
age: 7701
date: Wed, 24 Apr 2024 22:55:33 GMT
x-served-by: cache-iad-kjyo7100170-IAD, cache-hel1410034-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 1029, 0
x-timer: S1713999333.222907,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 943
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/allIntegrations.js

151.101.130.132

200 OK

5.8 kB

URL GET HTTP/2
fast.wistia.com/assets/external/allIntegrations.js
IP
151.101.130.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JavaScript source, ASCII text, with very long lines (23371)
Size
5.8 kB (5773 bytes)
Hash
d5dd13ae4e2cc9dbc4601c4d95143418
13405305698ad9cc7f44a86871fa1c0d057a9bf4
709f139528814cc9d5158ed469a578082a81607df49b40e41a6fb4b240567ecd

HTTP Headers

GET /assets/external/allIntegrations.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Wed, 24 Apr 2024 20:03:57 GMT
etag: "4d5cbf7cb285a542334e7de7bc37ed93"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Wed, 24 Apr 2024 22:55:33 GMT
age: 2999
x-served-by: cache-iad-kjyo7100122-IAD, cache-hel1410034-HEL
x-cache: HIT, HIT
x-cache-hits: 78, 32
x-timer: S1713999333.284602,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
asset-version: 4c28c160e6e9b44cd0508d30268df2ca31ca7dc8
content-length: 5773
X-Firefox-Spdy: h2

pipedream.wistia.com/mput?topic=metrics

143.204.55.100

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.100:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerAmazon
Subjectpipedream-production-cloudfront-app-cname.wistia.com
Fingerprint82:F4:DC:86:7B:C0:65:B9:72:6A:8C:CA:03:C2:E2:91:00:FE:06:FF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1107
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Wed, 24 Apr 2024 22:55:33 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
server: envoy
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -wVgtaVES9QkfjDfWRFaSZGuJvec44sdjjC59XxeVgWUXhk8RsUVcg==
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/a076b6fb1aa42a87bb1c3021a3038d632dd9bbe2.m3u8

143.204.55.103

200 OK

85 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/a076b6fb1aa42a87bb1c3021a3038d632dd9bbe2.m3u8
IP
143.204.55.103:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
85 kB (85168 bytes)
Hash
2df3655f266cd6857212261db1c9805c
e98546e62c5fbd7ce15d3cfd6b3ed18403e25131
35d5192dc478bf1208be64ef3a325d354b72b57684adc54a506ac705d811ca00

HTTP Headers

GET /deliveries/a076b6fb1aa42a87bb1c3021a3038d632dd9bbe2.m3u8 HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
content-length: 85168
server: envoy
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: a076b6fb1aa42a87bb1c3021a3038d632dd9bbe2-hls-segment
surrogate-key: a076b6fb1aa42a87bb1c3021a3038d632dd9bbe2-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 160
date: Wed, 24 Apr 2024 07:20:44 GMT
expires: Thu, 24 Apr 2025 07:20:44 GMT
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iaterAqaJOlzEb8lhslxxe4Pd2C_Tlo44T_oJS9iUeEFBP42hrcDOQ==
age: 56089
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/a076b6fb1aa42a87bb1c3021a3038d632dd9bbe2.m3u8/seg-1-v1-a1.ts

143.204.55.103

200 OK

761 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/a076b6fb1aa42a87bb1c3021a3038d632dd9bbe2.m3u8/seg-1-v1-a1.ts
IP
143.204.55.103:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
MPEG transport stream data
Size
761 kB (761400 bytes)
Hash
d858f57241e8df950a0233e987373fec
5020e20f357916f705e11e566e7440ae47923311
a31a7b5a310e4ef6cf4e0e72dc3c893ebed914e852490758e30ec6e5687dbe54

HTTP Headers

GET /deliveries/a076b6fb1aa42a87bb1c3021a3038d632dd9bbe2.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: video/MP2T
content-length: 761400
server: envoy
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: a076b6fb1aa42a87bb1c3021a3038d632dd9bbe2-hls-segment
surrogate-key: a076b6fb1aa42a87bb1c3021a3038d632dd9bbe2-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 86
date: Sat, 20 Apr 2024 03:07:22 GMT
expires: Sun, 20 Apr 2025 03:07:22 GMT
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qMl1XHVg5ibODZ9zR_NvksEtFXfXrcBTsaG9YCX9Q3c5gu6vIQlTQQ==
age: 416891
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/595d55c6f1b5e15feb22484f907926e0cf410a7d.m3u8

143.204.55.103

200 OK

85 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/595d55c6f1b5e15feb22484f907926e0cf410a7d.m3u8
IP
143.204.55.103:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
85 kB (85168 bytes)
Hash
300beb02cba757784b4dc3268c3b1aea
f3c0baa87ea569602aad0a61374340544b5c45bf
5691f76b88bb0a3caadd81904df1d9155beb1704ec3c76a7b54cbfedfeb99771

HTTP Headers

GET /deliveries/595d55c6f1b5e15feb22484f907926e0cf410a7d.m3u8 HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
content-length: 85168
server: envoy
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 595d55c6f1b5e15feb22484f907926e0cf410a7d-hls-segment
surrogate-key: 595d55c6f1b5e15feb22484f907926e0cf410a7d-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 161
date: Wed, 24 Apr 2024 02:39:04 GMT
expires: Thu, 24 Apr 2025 02:39:04 GMT
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vLAvEoMH9Cr7ueJ1q0rtnQuNQJiMoz39KE6TDktXzrdXWVcykk1iug==
age: 72989
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

api.getblueshift.com/unity.gif?t=1713999333&e=pageload&r=&z=492331&x=59976d352f424c4b27d325518576b9b2&k=926fe617-4b67-0e07-ab6c-95628ef6fdc3&u=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue

44.231.112.93

200 OK

42 B

URL GET HTTP/2
api.getblueshift.com/unity.gif?t=1713999333&e=pageload&r=&z=492331&x=59976d352f424c4b27d325518576b9b2&k=926fe617-4b67-0e07-ab6c-95628ef6fdc3&u=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue
IP
44.231.112.93:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerAmazon
Subject*.getblueshift.com
FingerprintD1:61:A7:FF:D0:FD:A2:46:9B:FE:0C:A8:F1:8A:A9:24:9B:70:04:65
ValidityWed, 07 Feb 2024 00:00:00 GMT - Fri, 07 Mar 2025 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /unity.gif?t=1713999333&e=pageload&r=&z=492331&x=59976d352f424c4b27d325518576b9b2&k=926fe617-4b67-0e07-ab6c-95628ef6fdc3&u=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue HTTP/1.1
Host: api.getblueshift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 22:55:33 GMT
content-type: image/gif
content-length: 42
access-control-allow-origin: https://pro.paradigmnewsletters.org
access-control-expose-headers: etag
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2

pipedream.wistia.com/mput?topic=metrics

143.204.55.100

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.100:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerAmazon
Subjectpipedream-production-cloudfront-app-cname.wistia.com
Fingerprint82:F4:DC:86:7B:C0:65:B9:72:6A:8C:CA:03:C2:E2:91:00:FE:06:FF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2213
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Wed, 24 Apr 2024 22:55:34 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
server: envoy
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TyswCULFhOLGQM-xYjUuK805w8lo5FAWPqseCg6r2lwW4cTX__ScKg==
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z878323495za200&_p=1713999331211&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&_s=5&tfd=7400

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z878323495za200&_p=1713999331211&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&_s=5&tfd=7400
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z878323495za200&_p=1713999331211&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&_s=5&tfd=7400 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 173
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Wed, 24 Apr 2024 22:55:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z8811578897za200&_p=1713999331211&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=6&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&en=Engagement&tfd=11980

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z8811578897za200&_p=1713999331211&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=6&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&en=Engagement&tfd=11980
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z8811578897za200&_p=1713999331211&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=6&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&en=Engagement&tfd=11980 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Wed, 24 Apr 2024 22:55:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z878323495za200&_p=1713999331211&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=7&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&en=Engagement&tfd=16980

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z878323495za200&_p=1713999331211&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=7&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&en=Engagement&tfd=16980
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je44m0v9122066590z878323495za200&_p=1713999331211&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=537684902.1713999332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=7&sid=1713999331&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_chaosrally_0324%2FLAWN4392%2F%3Fcake_s1%3D04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad%26h%3Dtrue&dt=BIDEN%20OUT%20JUNE%2013&en=Engagement&tfd=16980 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Wed, 24 Apr 2024 22:55:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css2?family=Bebas+Neue&display=swap

142.250.74.170

200 OK

799 B

URL GET HTTP/2
fonts.googleapis.com/css2?family=Bebas+Neue&display=swap
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text, with very long lines (817), with no line terminators
Size
799 B (799 bytes)
Hash
c493231efba2219e3348f16e938d7380
95b2c3d6221a58cbd7e96f2c05c40d03f53fb16c
ff65de3252fffb1650fca0c23a1a87351bf5b2385dc11e35e19b94c3495e4cf0

HTTP Headers

GET /css2?family=Bebas+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 22:55:30 GMT
date: Wed, 24 Apr 2024 22:55:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

go.goodlifestylenews.com/BidenChaos0324/1b57dbff03b5148711f102c3bc5b9092/55/leadsource/2578/1610/4a9834ecac99f8a72a7e3bb0819f9019/mpmta

172.67.172.49

302 Found

0 B

URL User Request GET HTTP/2
go.goodlifestylenews.com/BidenChaos0324/1b57dbff03b5148711f102c3bc5b9092/55/leadsource/2578/1610/4a9834ecac99f8a72a7e3bb0819f9019/mpmta
IP
172.67.172.49:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgoodlifestylenews.com
FingerprintCF:D4:62:67:0B:FC:CB:36:EF:53:02:EB:06:FE:15:35:2F:53:53:40
ValidityThu, 21 Mar 2024 14:09:53 GMT - Wed, 19 Jun 2024 14:09:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /BidenChaos0324/1b57dbff03b5148711f102c3bc5b9092/55/leadsource/2578/1610/4a9834ecac99f8a72a7e3bb0819f9019/mpmta HTTP/1.1
Host: go.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 24 Apr 2024 22:55:27 GMT
content-type: text/html; charset=UTF-8
location: https://verifiedwebpage.com/go?ehash=1b57dbff03b5148711f102c3bc5b9092&product=44769&ar=55&cid=2578&lid=1610&slhash=4a9834ecac99f8a72a7e3bb0819f9019&mtaid=mpmta&cid2=[s8]
cache-control: max-age=600
expires: Wed, 24 Apr 2024 23:05:26 GMT
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TaG2YqZXQWVcHXMlRbWK2B%2BlNpdh5pDFbasFDAAIiYhnPgSFDMN%2BO8otcqqjQl5Yp788VismIACttv3cLxZIz0NnwFBwR5PragmNj5uceKE1J7qZ3l6vUt6wpCEhVTIAiuEussEmEc7kGDs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799ae4db98eb517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

d2z65klgtz99km.cloudfront.net/css/base-styles.css

54.230.241.121

200 OK

3.4 kB

URL GET HTTP/2
d2z65klgtz99km.cloudfront.net/css/base-styles.css
IP
54.230.241.121:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_chaosrally_0324/LAWN4392/?cake_s1=04_153027636_4e55fe58-a75a-498e-9761-f858197d14ad&h=true
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3424), with no line terminators
Size
3.4 kB (3414 bytes)
Hash
51f40e7db924251b27b19054b4593625
3984c3e46770d3434ca14e02435d4f4a1d3d51f8
881e23c64e57d67d436f55f470840633ad3b819b03e427d830f79bc942a87228

HTTP Headers

GET /css/base-styles.css HTTP/1.1
Host: d2z65klgtz99km.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 29 Mar 2024 13:32:42 GMT
last-modified: Fri, 28 Jul 2023 14:10:52 GMT
cache-control: max-age=2592000
expires: Sun, 28 Apr 2024 13:32:42 GMT
etag: W/"64c3cc6c-d56"
x-powered-by: PleskLin
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _4AgMqcEXKPLTO2RPtxF7W5k0-PHiw82kSCAfTXOa-3JQhEoSzxc3A==
age: 2280168
X-Firefox-Spdy: h2

verifiedwebpage.com/go?ehash=1b57dbff03b5148711f102c3bc5b9092&product=44769&ar=55&cid=2578&lid=1610&slhash=4a9834ecac99f8a72a7e3bb0819f9019&mtaid=mpmta&cid2=[s8]

104.18.21.187

302 Found

0 B

URL User Request GET HTTP/2
verifiedwebpage.com/go?ehash=1b57dbff03b5148711f102c3bc5b9092&product=44769&ar=55&cid=2578&lid=1610&slhash=4a9834ecac99f8a72a7e3bb0819f9019&mtaid=mpmta&cid2=[s8]
IP
104.18.21.187:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectverifiedwebpage.com
FingerprintB6:7C:0D:93:CD:D6:56:A3:74:B9:46:38:F0:C7:A5:31:BC:5F:AF:56
ValidityWed, 10 Apr 2024 21:43:08 GMT - Tue, 09 Jul 2024 21:43:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /go?ehash=1b57dbff03b5148711f102c3bc5b9092&product=44769&ar=55&cid=2578&lid=1610&slhash=4a9834ecac99f8a72a7e3bb0819f9019&mtaid=mpmta&cid2=[s8] HTTP/1.1
Host: verifiedwebpage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 24 Apr 2024 22:55:28 GMT
content-type: text/html; charset=UTF-8
location: http://470kwc1.com/clk.trk?CID=468053&AFID=430135&SID=3415433504656277664
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: User-Agent
cf-cache-status: DYNAMIC
set-cookie: PHPSESSID=e628dc31ac0f6c704f985be08f9fa08a; path=/
pixel_session_hash_44769=3415433504656277664; expires=Fri, 24-May-2024 22:55:26 GMT; Max-Age=2592000; path=/; secure; HttpOnly; SameSite=None
bt_tracking_product_44769=987dfaa07cf94719593c1646211817a87fc665d9d8ecee9707c804cd7d0fbe76; expires=Fri, 26-Apr-2024 22:55:26 GMT; Max-Age=172800
__cf_bm=ECqFiud5wfGmdQ21PnX2P.86mGYTKVho3FHutmAxNcI-1713999328-1.0.1.1-zM2_qMZuSeVFhPf6suTJf9qgwWYeuXh1vveMDJejfPElpMPqu4yVK4KLinIaJYeUxnc_ftXuy.JNCaeWx3FlzQ; path=/; expires=Wed, 24-Apr-24 23:25:28 GMT; domain=.verifiedwebpage.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8799ae526ef9b503-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (31)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by