gunmaxx.com/campaigns/yf114lbr83a3e/track-url/cz211e74cy424/f3ebaa6088c007120baa3bc0a482b5ddfc6a44da
301 Moved Permanently 178 B URL HTTP/1.1 gunmaxx.com/campaigns/yf114lbr83a3e/track-url/cz211e74cy424/f3ebaa6088c007120baa3bc0a482b5ddfc6a44da
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bd2695f4b079c71dbddde3436286fb9c
733c05da132193d6cf1d8e242d12e2525c03bab4
2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b
Analyzer Verdict Alert fortinet Malware
GET /campaigns/yf114lbr83a3e/track-url/cz211e74cy424/f3ebaa6088c007120baa3bc0a482b5ddfc6a44da HTTP/1.1
Host: gunmaxx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 19 Nov 2022 11:30:53 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://gunmaxx.com/campaigns/yf114lbr83a3e/track-url/cz211e74cy424/f3ebaa6088c007120baa3bc0a482b5ddfc6a44da
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6ed951622549ed76959631f8a1bf497b
682b2dd2a72190510e3fa7bdb0c0c6f25a322dfb
86f5e5ae2da408a899d16c83b7ca441033ac0c30062cd29f2db1b1b5be666746
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86F5E5AE2DA408A899D16C83B7CA441033AC0C30062CD29F2DB1B1B5BE666746"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2838
Expires: Sat, 19 Nov 2022 12:18:11 GMT
Date: Sat, 19 Nov 2022 11:30:53 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 67f53a639d57dd6237b5be86fe4f6c1b
287f09532dc331228d09c20b75f4160e91e9800a
41913a8af366685c42af59e9d8e02fccedbe68a3313d2d9fe353deb0c1019075
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4391
Cache-Control: max-age=87205
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:53 GMT
Etag: "63775eeb-1d7"
Expires: Sun, 20 Nov 2022 11:44:18 GMT
Last-Modified: Fri, 18 Nov 2022 10:31:07 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 19 Nov 2022 10:45:08 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2745
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3a38b6dd8a4cc335c026aebf2ed348b6
8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8
8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3515
Expires: Sat, 19 Nov 2022 12:29:28 GMT
Date: Sat, 19 Nov 2022 11:30:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jWiz0RJ7mw79s9wkw+EwilrRlGWwpuL+xDWJ2maPfkbh4t9jNx/WlgieTwvhexj6rngp7SGV2cE=
x-amz-request-id: BN7KJF2J3CGPAJRJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 19 Nov 2022 10:53:20 GMT
age: 2253
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 11:30:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 19 Nov 2022 10:44:49 GMT
cache-control: public,max-age=3600
age: 2764
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0003ef5b75010a40b64a8c1cb9b2d5bc
b73107b4d07da5bc47467af239a7f86b7b96d99c
8ed09d7c0c5fa2383ba0e1fba79f197a4427c5bdb9605b819da62e5570cfea4c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8ED09D7C0C5FA2383BA0E1FBA79F197A4427C5BDB9605B819DA62E5570CFEA4C"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 19 Nov 2022 17:30:53 GMT
Date: Sat, 19 Nov 2022 11:30:53 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 060d538b33e370fcd033339830d33a42
4a37d427988358eb318e18e2678c3484ef4a5ebd
efa33f92547243814b5bd3bca4f94d26055d590a4431611b3ba251a8d774bfbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5422
Cache-Control: max-age=169581
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:53 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 10:37:14 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Bup01yefGsvUTRLceAeOKw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 91iwOytT1ji53TFTVXECKuPCCcs=
gunmaxx.com/campaigns/yf114lbr83a3e/track-url/cz211e74cy424/f3ebaa6088c007120baa3bc0a482b5ddfc6a44da
301 Moved Permanently 0 B URL HTTP/1.1 gunmaxx.com/campaigns/yf114lbr83a3e/track-url/cz211e74cy424/f3ebaa6088c007120baa3bc0a482b5ddfc6a44da
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /campaigns/yf114lbr83a3e/track-url/cz211e74cy424/f3ebaa6088c007120baa3bc0a482b5ddfc6a44da HTTP/1.1
Host: gunmaxx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 19 Nov 2022 11:30:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: mwsid=ntp8j06ddi2qq7bhktkot4etnk; path=/; HttpOnly
X-XSS-Protection: 1; mode=block
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 19 Nov 2022 11:30:53 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://go.offerwave.org/aff_c?offer_id=1361&aff_id=1416&source=cpnldedoffer&aff_sub=111822
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 5df4eff218574992ebc0f0492dc85f10
557c99d1e18845291b4471a3f9fe96d2d871ff0e
af9349a226859e4cc9e9481c52e249183e2e4007723d84a6c47f798844996a08
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=138940
Date: Sat, 19 Nov 2022 11:30:54 GMT
Etag: "63783a2a-1d7"
Expires: Mon, 21 Nov 2022 02:06:34 GMT
Last-Modified: Sat, 19 Nov 2022 02:06:34 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fOh_KYCs5yNVTDPIjXAB5iM62yyNR2VIgf1qtqixO9PPJQ0ZC9ZLKg==
go.offerwave.org/aff_c?offer_id=1361&aff_id=1416&source=cpnldedoffer&aff_sub=111822
302 Found 340 B URL HTTP/1.1 go.offerwave.org/aff_c?offer_id=1361&aff_id=1416&source=cpnldedoffer&aff_sub=111822
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a5fe40df7f19bb4bafe57c59a27583a8
a09318629e01943e230e51eecd441453994df170
1dcfa708ec1b4b0cc05bbea92d5124ff7187d779350f14f6eb35344a5f0f2756
GET /aff_c?offer_id=1361&aff_id=1416&source=cpnldedoffer&aff_sub=111822 HTTP/1.1
Host: go.offerwave.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 19 Nov 2022 11:30:54 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 340
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://reader215.go2cloud.org/aff_c?offer_id=329&aff_id=1103&aff_sub=111822&aff_sub5=102e3aa45c5ed151aa8a825957941e&aff_sub4=&aff_sub3=
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_1361=ENC038f7ec2fa024c4c4336a7bf28e30f9a13aa6e4e9e606b4058e1dbb816d768ce387d1eff002c98ddbbbfad5a275d2a8b0ed0f591ba423963f70cbbda62a1ec84bdd6f23c7aa7343a98c3429cf071d52f3901bb5bf03604edc1e9202c8d64735dcd16046694417b215f52c3455301d87f466d3dc0631213203107721871cd74422e188561d1; expires=Mon, 19 Dec 2022 11:30:54 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Mon, 13 Oct 2025 22:10:54 GMT; path=/; SameSite=None; Secure
Tracking_id: 102e3aa45c5ed151aa8a825957941e
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: b173dfda74af8446f402d65b4683b6b5
Access-Control-Allow-Headers: Tune-SDK-Version
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 480d9544c7dacabd88008285bd6144d0
e1e7d0a2fc912c4e2d04ffb83f65ebdce679a458
0e24abbf9ba714d58457650c7ff619774b68232be757989c6d8729102d7b9bcd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=109570
Date: Sat, 19 Nov 2022 11:30:55 GMT
Etag: "6377b32b-1d7"
Expires: Sun, 20 Nov 2022 17:57:05 GMT
Last-Modified: Fri, 18 Nov 2022 16:30:35 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JlMwgJA_5qXgqkBYIFdFE2OU5xk2CYAcZek_tHPDQmVAjc3czKg_jQ==
Age: 5190
reader215.go2cloud.org/aff_c?offer_id=329&aff_id=1103&aff_sub=111822&aff_sub5=102e3aa45c5ed151aa8a825957941e&aff_sub4=&aff_sub3=
302 Found 408 B URL HTTP/1.1 reader215.go2cloud.org/aff_c?offer_id=329&aff_id=1103&aff_sub=111822&aff_sub5=102e3aa45c5ed151aa8a825957941e&aff_sub4=&aff_sub3=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a1f24d2bf11446493ec933e300b73367
a1f0c1268b6d3655a86221343b91c7dc65d7e720
34758fbd62aa085ff4666b6e252da7cf9cc2c99a7167ebd5a3a518119b16c0e2
GET /aff_c?offer_id=329&aff_id=1103&aff_sub=111822&aff_sub5=102e3aa45c5ed151aa8a825957941e&aff_sub4=&aff_sub3= HTTP/1.1
Host: reader215.go2cloud.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 19 Nov 2022 11:30:55 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 408
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: /aff_r?offer_id=329&aff_id=1103&url=http%3A%2F%2F470kwc2.com%2Fclk.trk%3FCID%3D444362%26AFID%3D515290%26SID%3D1103%2C%26AffiliateReferenceID%3D102ec60d38c8cdfff8b1e712134a7a&urlauth=351394672842790518581486992272
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_329=ENC03ca9d840f7771b9c2813d60e2e28b647389fa6d3d983ea9d5e9bc616565578dd851b40a2494cde9aaf63ded14dbee506e2bcd3e7fab7665843b09881453d7725d60f4c3b31c54720c0b31be48d50860aed30e462caa969f4aa2cb2f5e8f361d4e625ea8b7847088b3706fe6f7e6434471566de07b82a7e0433dfa74b87b3feadeb2c70c516c27e6d158023fedd1d817b191c1ad047d0ee9d87e10963392fe49b620405759; expires=Mon, 19 Dec 2022 11:30:55 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Mon, 13 Oct 2025 22:10:55 GMT; path=/; SameSite=None; Secure
Tracking_id: 102ec60d38c8cdfff8b1e712134a7a
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 2b396927e83806ee49da2e8bf8d81e3e
Access-Control-Allow-Headers: Tune-SDK-Version
reader215.go2cloud.org/aff_r?offer_id=329&aff_id=1103&url=http%3A%2F%2F470kwc2.com%2Fclk.trk%3FCID%3D444362%26AFID%3D515290%26SID%3D1103%2C%26AffiliateReferenceID%3D102ec60d38c8cdfff8b1e712134a7a&urlauth=351394672842790518581486992272
302 Found 307 B URL HTTP/1.1 reader215.go2cloud.org/aff_r?offer_id=329&aff_id=1103&url=http%3A%2F%2F470kwc2.com%2Fclk.trk%3FCID%3D444362%26AFID%3D515290%26SID%3D1103%2C%26AffiliateReferenceID%3D102ec60d38c8cdfff8b1e712134a7a&urlauth=351394672842790518581486992272
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f95eef19a8045cd45fa8e846a46959d2
0a67dcca79dd12b16032f6b6aaa5124659836802
69106cecc013502b94398e2a6214f036c3b7cb2193ef0a46fa27c77de72e1228
GET /aff_r?offer_id=329&aff_id=1103&url=http%3A%2F%2F470kwc2.com%2Fclk.trk%3FCID%3D444362%26AFID%3D515290%26SID%3D1103%2C%26AffiliateReferenceID%3D102ec60d38c8cdfff8b1e712134a7a&urlauth=351394672842790518581486992272 HTTP/1.1
Host: reader215.go2cloud.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: enc_aff_session_329=ENC03ca9d840f7771b9c2813d60e2e28b647389fa6d3d983ea9d5e9bc616565578dd851b40a2494cde9aaf63ded14dbee506e2bcd3e7fab7665843b09881453d7725d60f4c3b31c54720c0b31be48d50860aed30e462caa969f4aa2cb2f5e8f361d4e625ea8b7847088b3706fe6f7e6434471566de07b82a7e0433dfa74b87b3feadeb2c70c516c27e6d158023fedd1d817b191c1ad047d0ee9d87e10963392fe49b620405759; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 19 Nov 2022 11:30:55 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 307
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: http://470kwc2.com/clk.trk?CID=444362&AFID=515290&SID=1103,&AffiliateReferenceID=102ec60d38c8cdfff8b1e712134a7a
Pragma: no-cache
Access-Control-Allow-Origin: *
X-Request-Id: 29dae138f243249ef21dde79f683b1ab
Access-Control-Allow-Headers: Tune-SDK-Version
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5057
Expires: Sat, 19 Nov 2022 12:55:12 GMT
Date: Sat, 19 Nov 2022 11:30:55 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5057
Expires: Sat, 19 Nov 2022 12:55:12 GMT
Date: Sat, 19 Nov 2022 11:30:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ca9564d-7ca4-4217-8162-042e0f55563e.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ca9564d-7ca4-4217-8162-042e0f55563e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 84839dd7a1d5d50d40a848e92d3ae6ca
150c83236b3518afce551ef94e2c3dddc275ce3f
fb9fffd5dafa855d3f16aefcdf31f656ea5219547a91b336ab41a998ead28050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ca9564d-7ca4-4217-8162-042e0f55563e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6103
x-amzn-requestid: 4f0d1ea8-611c-48cf-be66-dd26b6d56a93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubTBFxDoAMFfYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5ac-4222e7656cb7a56b557d5b13;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:28 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: eVbxWxzd0WCUQKztoedT6XAn3I3d2LApn8W0usl5HXTmMl8qCjrBnA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 04:04:52 GMT
age: 26763
etag: "150c83236b3518afce551ef94e2c3dddc275ce3f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d6b026c34985bbf2ebf89a62d0724c66
72369ebeccf447fa91ef77711d6297063c99777e
e5598ada634274ab9995dedda8c1fd18344abcfdd49b3a1aaede0a86fafc0f40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3035
x-amzn-requestid: 3e3f3a7f-9a1d-4b37-b932-22c6e3e638f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRcFOuoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6f-09dc20ea5620dd167e3f7265;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xvVfLfP2DUilu7GSJMGArO90Kdoq5cPBVtmtyVjZmX5ZKnvOjpR_UQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 50070
etag: "72369ebeccf447fa91ef77711d6297063c99777e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PYoD_MxycYfiNvyRlBnLWCcyqQK9sZi8y2ir1U9eCavNoAB-3oFcxg==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 03:43:53 GMT
age: 28022
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8cf981b1ea47b981c73aa1f291be4d8a
d18b869e1940841e9b03f66f5608e381f1727b37
3352a04b9596b594aeb5de3dc70047196a830e3ca79babf7c1b72ff1103b2d26
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7754
x-amzn-requestid: 2c21447c-03bb-4e50-9eeb-a8ae86c0d204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRmFuiIAMFjWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa70-7a7e65fc5d443a1d70feb62b;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MFN-Yhp70fPLS4R_tVxEvzt-YQ7COwXaXrmifEfXfpiC0epJHSJq7w==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 50070
etag: "d18b869e1940841e9b03f66f5608e381f1727b37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9472302a-1f5a-4747-8dae-6de1346c8e14.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9472302a-1f5a-4747-8dae-6de1346c8e14.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1b428c8fece61cb8500ff6f6152efcc0
2667b5a57a13817a95e2e82b0f96dc3456afca00
53403b823626d7cd0b88f33e924b55274c7283397075d074303faaf4eaafdc49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9472302a-1f5a-4747-8dae-6de1346c8e14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9235
x-amzn-requestid: 01e6ce53-df49-40c9-8002-4f063d085898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: beZlTE9oIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f3c88-6470fa1b7a9ad45e63fc485c;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 06:26:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1HrMFgOYkXaPg5VO1MRTQSNNf0JN9GL5PfLk-STEWg-1h01SmSs4wg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 12:39:59 GMT
age: 82256
etag: "2667b5a57a13817a95e2e82b0f96dc3456afca00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e1d1acd-0ae6-485d-9dd4-2c0c8271a9d3.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e1d1acd-0ae6-485d-9dd4-2c0c8271a9d3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11bb9d337001b4d155c63b05a0dd9945
14de1c48a2fe80b5947945c9ffa9630f03c5447a
8ee6d3a2f6dec36c49361ef855edeb170e92fbeff29d2ed77c7fd0cf44cfecf5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e1d1acd-0ae6-485d-9dd4-2c0c8271a9d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9146
x-amzn-requestid: e42f040e-a2f9-4538-bbaf-f1e64719f424
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brsmpGr5oAMFsmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748e2a-15b03190049271db549b1770;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:15:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: OjQm2RW65ZJDsUNay0untDwlufnFhXHwbpfAnCwEK3seEDiPIKrnfQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 07:00:02 GMT
age: 16253
etag: "14de1c48a2fe80b5947945c9ffa9630f03c5447a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
470kwc2.com/clk.trk?CID=444362&AFID=515290&SID=1103,&AffiliateReferenceID=102ec60d38c8cdfff8b1e712134a7a
302 Found 216 B URL HTTP/1.1 470kwc2.com/clk.trk?CID=444362&AFID=515290&SID=1103,&AffiliateReferenceID=102ec60d38c8cdfff8b1e712134a7a
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 17ba2be1c651ed71b757e3ba9f51cec6
228badbcf9587f6c8153e0c8686baf85ccb877b6
74bd5376c9ee70d9d27f2926c362fb2f7e4c4e2dc38b88fc0faa0815a3fc7535
GET /clk.trk?CID=444362&AFID=515290&SID=1103,&AffiliateReferenceID=102ec60d38c8cdfff8b1e712134a7a HTTP/1.1
Host: 470kwc2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 19 Nov 2022 11:30:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 216
Connection: keep-alive
Cache-Control: private
Location: https://pro.paradigm-press.info/m/2062983?cake_s1=11_133705158_64bee208-45eb-4781-835b-0d941d8537e2
P3P: policyref="/p3p/P3P.470kwc2.com.xml", CP="NOI DSP COR NID ADM DEV OUR STP OTC"
X-AspNet-Version: 4.0.30319
Set-Cookie: LTTC6_444362=11_133705158_64bee208-45eb-4781-835b-0d941d8537e2; expires=Sat, 26-Nov-2022 11:30:55 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1a1bbdfde779608971a342ff05ff04ee
0ef63fa0bd5d63914e91c8a7a700f5e67a19dc30
f9569a48468d746f485f49c6863d82762bb343e9a0a429e53dc2f41db45b2882
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F9569A48468D746F485F49C6863D82762BB343E9A0A429E53DC2F41DB45B2882"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7710
Expires: Sat, 19 Nov 2022 13:39:26 GMT
Date: Sat, 19 Nov 2022 11:30:56 GMT
Connection: keep-alive
pro.paradigm-press.info/m/2062983?cake_s1=11_133705158_64bee208-45eb-4781-835b-0d941d8537e2
301 Moved Permanently 11 kB URL HTTP/1.1 pro.paradigm-press.info/m/2062983?cake_s1=11_133705158_64bee208-45eb-4781-835b-0d941d8537e2
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (10616), with CRLF line terminators
Hash 73dd7a911afc37af3a81855ec7079b5e
3e0196d7fd03e97cc8be2f61bbbead232e1898b2
8afb99095cabf101c8c4234c26d1cb081b8740943aedb322edc3bf4474f7400a
GET /m/2062983?cake_s1=11_133705158_64bee208-45eb-4781-835b-0d941d8537e2 HTTP/1.1
Host: pro.paradigm-press.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://pro.paradigmnewsletters.org/p/awn_bidenbucks_newlife_0722/LAWNY876/?cake_s1=11_133705158_64bee208-45eb-4781-835b-0d941d8537e2&h=true
Date: Sat, 19 Nov 2022 11:30:55 GMT
Content-Length: 10825
Set-Cookie: 2062983=2433179; expires=Fri, 09-Dec-2022 11:30:56 GMT; path=/; HttpOnly
BIGipServerIRIS_PROD_HTTPS_POOL=!g16z1yPdIGrNi7Y3LmAiyEF5T3V6aIj5sDEH48VdJd/3+7fSfWf+8Sa2VWfaJJv2y8gfLPPzmmfOVjY=; path=/; Httponly; Secure
Strict-Transport-Security: max-age=63072000; includeSubDomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1a1bbdfde779608971a342ff05ff04ee
0ef63fa0bd5d63914e91c8a7a700f5e67a19dc30
f9569a48468d746f485f49c6863d82762bb343e9a0a429e53dc2f41db45b2882
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F9569A48468D746F485F49C6863D82762BB343E9A0A429E53DC2F41DB45B2882"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7710
Expires: Sat, 19 Nov 2022 13:39:26 GMT
Date: Sat, 19 Nov 2022 11:30:56 GMT
Connection: keep-alive
pro.paradigmnewsletters.org/p/awn_bidenbucks_newlife_0722/LAWNY876/?cake_s1=11_133705158_64bee208-45eb-4781-835b-0d941d8537e2&h=true
200 OK 22 kB URL HTTP/1.1 pro.paradigmnewsletters.org/p/awn_bidenbucks_newlife_0722/LAWNY876/?cake_s1=11_133705158_64bee208-45eb-4781-835b-0d941d8537e2&h=true
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31349), with CRLF, LF line terminators
Hash f8c4a9d51e0632b05a2c8c1f0459e34d
d150194eed514a824c397e8a45f0bdf4d63d5b94
52c2214b1965ab060f539b7553475e40f94e29bf2c0bd553a9089b81ff7e1434
GET /p/awn_bidenbucks_newlife_0722/LAWNY876/?cake_s1=11_133705158_64bee208-45eb-4781-835b-0d941d8537e2&h=true HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 19 Nov 2022 11:30:56 GMT
Content-Length: 21710
Set-Cookie: LAWNY876=; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; HttpOnly
BIGipServerIRIS_PROD_HTTPS_POOL=!Zmdxt760omDQqgA3LmAiyEF5T3V6aGAOFOGU0Y7dnB7cX2T40mP0xNLUBEtdTsH11kxIErJR5yZ2eWE=; path=/; Httponly; Secure
Strict-Transport-Security: max-age=63072000; includeSubDomains
use.typekit.net/nfp7qni.css
200 OK 805 B URL HTTP/2 use.typekit.net/nfp7qni.css
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash 37e4158b68dbde3c0ce48a3cc3e47058
f98f0ec9a1eb92c43a975eceddf5c627d1ab4f25
fffcefd48a6bca99695361344378731c95fe6b244e651ad44de12aa791152d38
GET /nfp7qni.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 805
date: Sat, 19 Nov 2022 11:30:57 GMT
X-Firefox-Spdy: h2
browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js
200 OK 25 kB URL HTTP/2 browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js
IP
File type ASCII text, with very long lines (65429)
Hash 5d7bd7b4bd3e1985565195a6b7303da3
ee3aeffdce223a5cbd443e1030a4427489c3aebb
8137356ea3968d00a12aa6bb32d490f5c1f4b140ff9ab43ff4bbe4308c5523f4
GET /7.14.0/bundle.tracing.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 18 Oct 2023 05:05:57 GMT
last-modified: Wed, 28 Sep 2022 12:12:25 GMT
etag: "5d7bd7b4bd3e1985565195a6b7303da3"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Sat, 19 Nov 2022 11:30:57 GMT
age: 2787900
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 25261
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
p.typekit.net/p.css?s=1&k=nfp7qni&ht=tk&f=31225.31226.31229.31230.31231.31232&a=78277183&app=typekit&e=css
200 OK 5 B URL HTTP/2 p.typekit.net/p.css?s=1&k=nfp7qni&ht=tk&f=31225.31226.31229.31230.31231.31232&a=78277183&app=typekit&e=css
IP
ASN #20940 Akamai International B.V.
Hash 83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=nfp7qni&ht=tk&f=31225.31226.31229.31230.31231.31232&a=78277183&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Sat, 19 Nov 2022 11:30:57 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 15:01:07 GMT
expires: Thu, 16 Nov 2023 15:01:07 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 246590
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/E-v1.js
200 OK 117 kB URL HTTP/2 fast.wistia.com/assets/external/E-v1.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 117 kB (116578 bytes)
Hash bdbf97450fb5396e702c70c4ef72843b
33cc384ea8c58399a0f0fa7e5c5af39933dbdd9d
723ea9586814ce81666653937550b60d14bf5c405e424e4835f83cc9d14b8efd
GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "6373bf7d-1c762"
last-modified: Tue, 15 Nov 2022 16:34:05 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 19 Nov 2022 11:30:57 GMT
age: 761
x-served-by: cache-iad-kiad7000159-IAD, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 1590, 34
x-timer: S1668857457.291920,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 116578
X-Firefox-Spdy: h2
pro.paradigmnewsletters.org/p/Scripts/Common.js
200 OK 1.1 kB URL HTTP/1.1 pro.paradigmnewsletters.org/p/Scripts/Common.js
IP
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 531f759e66179bdfddd96426d458ea14
f3b2ae3c57a5d7a2032c0f7dbfd579a58bd632e7
c98b18c4cc6c2849d549ab55e124bfe800f31148614eddb33c8924bcf54d5e98
GET /p/Scripts/Common.js HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbucks_newlife_0722/LAWNY876/?cake_s1=11_133705158_64bee208-45eb-4781-835b-0d941d8537e2&h=true
Connection: keep-alive
Cookie: LAWNY876=; BIGipServerIRIS_PROD_HTTPS_POOL=!Zmdxt760omDQqgA3LmAiyEF5T3V6aGAOFOGU0Y7dnB7cX2T40mP0xNLUBEtdTsH11kxIErJR5yZ2eWE=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 31 Mar 2020 05:43:09 GMT
Accept-Ranges: bytes
ETag: "1be39421f7d61:0"
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 19 Nov 2022 11:30:56 GMT
Content-Length: 1140
Strict-Transport-Security: max-age=63072000; includeSubDomains
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pro.paradigmnewsletters.org/p/Scripts/HideContent.js
200 OK 466 B URL HTTP/1.1 pro.paradigmnewsletters.org/p/Scripts/HideContent.js
IP
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash f12dd6f3f31e259ecc2eca76c902110a
889141478801c49932231713181481ab28448053
589ccfb3b9d9dc8b4b640a699e2f18dad228af487d1b6d0eef255421dc883691
GET /p/Scripts/HideContent.js HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbucks_newlife_0722/LAWNY876/?cake_s1=11_133705158_64bee208-45eb-4781-835b-0d941d8537e2&h=true
Connection: keep-alive
Cookie: LAWNY876=; BIGipServerIRIS_PROD_HTTPS_POOL=!Zmdxt760omDQqgA3LmAiyEF5T3V6aGAOFOGU0Y7dnB7cX2T40mP0xNLUBEtdTsH11kxIErJR5yZ2eWE=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 08 Nov 2017 21:07:14 GMT
Accept-Ranges: bytes
ETag: "0adf48cd558d31:0"
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 19 Nov 2022 11:30:56 GMT
Content-Length: 466
Strict-Transport-Security: max-age=63072000; includeSubDomains
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f17b03be491bcd758ad58f33ac7c094c
c02829213f2c3afc21026a24b413585804ba17de
e4085af005b24bc39492d37826b238a7e32d85037c9dcfc658171e73325ec0d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdRhYsCRgqA.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdRhYsCRgqA.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12908, version 1.0\012- data
Hash 16665b9f4631861e47e30e227eea4da4
bf293bdca2aea57481dd3055cbfc8ae63e132302
3ac7f47be06ed56cebf7d19f23386fa58144a3fec5dfb68a82edcecc20df444a
GET /s/teko/v15/LYjCdG7kmE0gdRhYsCRgqA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 20:05:39 GMT
expires: Tue, 14 Nov 2023 20:05:39 GMT
cache-control: public, max-age=31536000
age: 401118
last-modified: Wed, 27 Apr 2022 16:11:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI3wi_Gwft.woff2
200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI3wi_Gwft.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23736, version 1.0\012- data
Hash e2cad968cb158b719d38375c5b4c2855
f70e8c03147accc3b9006a285998cb6c04cc19d9
d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2
GET /s/lato/v23/S6u_w4BMUTPHjxsI3wi_Gwft.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 07:01:22 GMT
expires: Fri, 17 Nov 2023 07:01:22 GMT
cache-control: public, max-age=31536000
age: 188975
last-modified: Tue, 26 Apr 2022 15:50:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 22504, version 1.0\012- data
Hash 1c6c65523675abc6fcd78e804325bd77
898d9808304dc157f5dcb18ca169ec6e2b96b3d7
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
GET /s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 17:15:33 GMT
expires: Wed, 15 Nov 2023 17:15:33 GMT
cache-control: public, max-age=31536000
age: 324924
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NKRVP76
200 OK 89 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NKRVP76
IP
File type ASCII text, with very long lines (56020)
Hash 89afdf934c1ca8c4d377465372754e47
a8ec8f9eea2fb5a9e5d143a35111a99ce7f96609
45e93ff1f08b9507855fd7b3e44650bd8324e1d1ff98d4eb13db0cbf273c3ec8
GET /gtm.js?id=GTM-NKRVP76 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 19 Nov 2022 11:30:57 GMT
expires: Sat, 19 Nov 2022 11:30:57 GMT
cache-control: private, max-age=900
last-modified: Sat, 19 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88931
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d2z65klgtz99km.cloudfront.net/AWN/AWN_bidenbucks_0622/AWN_BidenBucks_SecretArmyRelead_BG.jpg
200 OK 114 kB URL HTTP/2 d2z65klgtz99km.cloudfront.net/AWN/AWN_bidenbucks_0622/AWN_BidenBucks_SecretArmyRelead_BG.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=GIMP 2.10.32, datetime=2022:08:02 16:52:23], progressive, precision 8, 1920x1080, components 3\012- data
Size 114 kB (114313 bytes)
Hash 278deb56a4c152b57e7bce62d6c3524d
339d607c634fadb5103beeb1941c798ab4ac1fff
6e0ea5f28f17fa862b5c0bac19255f4e15160d854be756b38cd28812c44d0d91
GET /AWN/AWN_bidenbucks_0622/AWN_BidenBucks_SecretArmyRelead_BG.jpg HTTP/1.1
Host: d2z65klgtz99km.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 114313
server: nginx
date: Wed, 03 Aug 2022 19:26:01 GMT
last-modified: Tue, 02 Aug 2022 20:53:11 GMT
cache-control: max-age=31536000
expires: Thu, 03 Aug 2023 19:26:00 GMT
etag: "62e98eb7-1be89"
x-powered-by: PleskLin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: f5-JtkvILqeBvRj7Oe4FECNM_jRuiGZVWp990ziIUrIip3GntZIw8A==
age: 9302696
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f17b03be491bcd758ad58f33ac7c094c
c02829213f2c3afc21026a24b413585804ba17de
e4085af005b24bc39492d37826b238a7e32d85037c9dcfc658171e73325ec0d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js-agent.newrelic.com/nr-spa-1216.min.js
200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 19 Nov 2022 11:30:58 GMT
via: 1.1 varnish
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 2572
x-timer: S1668857458.039351,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/xcricpp48g.json?callback=wistiajson1
200 OK 1.6 kB URL HTTP/2 fast.wistia.com/embed/medias/xcricpp48g.json?callback=wistiajson1
IP
File type ASCII text, with very long lines (5039), with no line terminators
Hash bdcc2fdb33c0f3a5bc8f7fd194c3183a
86005528bf442d23ee7bec67e73b040c9897d04d
954a870457724f4a516e1dacef0cca18f484ec19436eefd9c754529d35615c26
GET /embed/medias/xcricpp48g.json?callback=wistiajson1 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: W/"19b2a8a404f5540c6777517ff1d14eaf"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 04dcaca379518537c377ac8778f3842d
x-runtime: 0.063181
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 19 Nov 2022 11:30:58 GMT
age: 69122
x-served-by: cache-iad-kjyo7100126-IAD, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 138, 1
x-timer: S1668857458.090711,VS0,VE4
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1551
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/wistia-mux.js
200 OK 31 kB URL HTTP/2 fast.wistia.com/assets/external/wistia-mux.js
IP
File type ASCII text, with very long lines (65468)
Hash 8ca4953da62f6c8a05b7f2d7333a83f7
c68e554587e7e3dc6da836b6501e926ae543f933
9d7adbd9c2243a23cf7cb8ab534ce188da6f2b78d75e52ab79fb6af490dc6279
GET /assets/external/wistia-mux.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "6373bf7d-7a30"
last-modified: Tue, 15 Nov 2022 16:34:05 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 19 Nov 2022 11:30:58 GMT
age: 761
x-served-by: cache-iad-kcgs7200128-IAD, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 138, 19
x-timer: S1668857458.094570,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 31280
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/playPauseLoadingControl.js
200 OK 16 kB URL HTTP/2 fast.wistia.com/assets/external/playPauseLoadingControl.js
IP
File type ASCII text, with very long lines (60125), with no line terminators
Hash 7264d7b49eb6dc6eef062a9511cfd32e
d6724f77d675d740c895a283e4b8e3dbdd1719d5
6cca15bd7bbece1644b8b31db564da9659fa85f73ea22b814cb831cf0113a4e3
GET /assets/external/playPauseLoadingControl.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "6373bf7d-3e59"
last-modified: Tue, 15 Nov 2022 16:34:05 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 19 Nov 2022 11:30:58 GMT
age: 761
x-served-by: cache-iad-kcgs7200113-IAD, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 21, 20
x-timer: S1668857458.140637,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 15961
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 1fe7d90058e95b54760451f18aaa9e8e
096a878bad261df46a140852cf3edd5fe7ea3da0
c4bfa8d7fe3479f5fbdc54c06adbba13c0265679dd2f00ea437da2577f4396c9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5098
Cache-Control: max-age=128242
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:58 GMT
Etag: "6377fc7a-139"
Expires: Sun, 20 Nov 2022 23:08:20 GMT
Last-Modified: Fri, 18 Nov 2022 21:43:22 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
d2z65klgtz99km.cloudfront.net/AWN/AWN_bidenbucks_0622/AWN_SecretArmy_CTP_800px.jpg
200 OK 61 kB URL HTTP/2 d2z65klgtz99km.cloudfront.net/AWN/AWN_bidenbucks_0622/AWN_SecretArmy_CTP_800px.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=GIMP 2.10.32, datetime=2022:08:03 11:32:19], progressive, precision 8, 800x450, components 3\012- data
Hash 880a6cffbb8b257d3e17d5dd394e8b27
636d8be320d79b7ce5132ce66ef719c12acd93aa
c9c9f6dbb1d6d5bce5514cd175b0eabe209cb07df72bea5f986bc42c3ad0b136
GET /AWN/AWN_bidenbucks_0622/AWN_SecretArmy_CTP_800px.jpg HTTP/1.1
Host: d2z65klgtz99km.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 60792
server: nginx
date: Sat, 13 Aug 2022 10:41:25 GMT
last-modified: Wed, 03 Aug 2022 15:32:48 GMT
cache-control: max-age=31536000
expires: Sun, 13 Aug 2023 10:41:25 GMT
etag: "62ea9520-ed78"
x-powered-by: PleskLin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LMtbSviYUa9eX8lvnPleE7u4KScfpwT5kNvUf0WYWzgT29kGSx0ELA==
age: 8470173
X-Firefox-Spdy: h2
cdn.amplitude.com/libs/amplitude-4.1.0-min.gz.js
200 OK 23 kB URL HTTP/2 cdn.amplitude.com/libs/amplitude-4.1.0-min.gz.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash dd911bf17b828cc7b163c32407c6b94d
6c3bf4461bec7a3510da9f2e5e415df47a6277e5
1aca435afb2a895d810c6abfdf3e1247ebec22c9ae273bebd97e800cf8c42792
GET /libs/amplitude-4.1.0-min.gz.js HTTP/1.1
Host: cdn.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 23381
date: Tue, 31 May 2022 06:00:54 GMT
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
etag: "dd911bf17b828cc7b163c32407c6b94d"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: Ab72F2O7EEayrsY6N3cFncAqh5p3OPFm
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qlw7rMukM8I_bGr1MsEdKFv8pUwSJxMl56DQQ5lSpxrmqGpTdqLb6w==
age: 14880605
X-Firefox-Spdy: h2
dizbubza2heg.cloudfront.net/js/profiles.compressed.js?v=2.0.0
200 OK 41 kB URL HTTP/2 dizbubza2heg.cloudfront.net/js/profiles.compressed.js?v=2.0.0
IP
File type ASCII text, with very long lines (40902), with no line terminators
Hash b565565314853b247e94736713e0f5e2
4a217d55d7037d996056f0deff0adaa7267b4245
76945b13c2b5b5b60c28867e3078bff4686bed922b545a732b15477986a016f6
GET /js/profiles.compressed.js?v=2.0.0 HTTP/1.1
Host: dizbubza2heg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 40902
server: nginx/1.4.6 (Ubuntu)
last-modified: Tue, 14 Jul 2020 15:07:01 GMT
accept-ranges: bytes
date: Sat, 19 Nov 2022 01:10:18 GMT
etag: "5f0dca15-9fc6"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 03fqUf-ZSFEwt5hbm7lHe5kwl2HibRyK9-bkOcrDEKFvaBqYuvV_wg==
age: 37240
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
200 OK 5.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP
File type ASCII text, with very long lines (16620), with no line terminators
Hash a73a09a868a98d7505575c520aaf6616
ed4e4c3fe9ad7ed18564e5f9aed6a9a68b522c7f
8b22d2e0e3e79c7ea27bf76720b302fd18ba1240fbf8dd99e54ced655d17c8e4
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "c83bb35b39c166b49387a9cb3633d4be:1668418404.864545"
Last-Modified: Mon, 14 Nov 2022 09:17:09 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Sat, 19 Nov 2022 11:50:58 GMT
Date: Sat, 19 Nov 2022 11:30:58 GMT
Content-Length: 5276
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 42a5ddbe8f6f5abe924fc9060d630e3b
8f3f1cf4e9d6ba3176b25c2caf9ea958d1694d0a
b426d43bef89fa91dada624d5334111b77f284f1c4a49af081814e00106410a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1622
Cache-Control: max-age=123310
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:58 GMT
Etag: "6377f6ca-1d7"
Expires: Sun, 20 Nov 2022 21:46:08 GMT
Last-Modified: Fri, 18 Nov 2022 21:19:06 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
fast.wistia.com/assets/external/engines/hls_video.js
200 OK 114 kB URL HTTP/2 fast.wistia.com/assets/external/engines/hls_video.js
IP
File type ASCII text, with very long lines (65469)
Size 114 kB (114373 bytes)
Hash ddbf94a47f16fcd8a99d8c45572ac852
fabe447aee7408e90c4fcfc1de127d98987b8ca0
cb2cba64e3b0a0797031ca64b918bed7c1c58b6f3b40d92b4f45f93b3ea55109
GET /assets/external/engines/hls_video.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "6373bf7d-1bec5"
last-modified: Tue, 15 Nov 2022 16:34:05 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 19 Nov 2022 11:30:58 GMT
age: 761
x-served-by: cache-iad-kiad7000086-IAD, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 90, 10
x-timer: S1668857458.304806,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 114373
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 19 Nov 2022 10:41:09 GMT
expires: Sat, 19 Nov 2022 12:41:09 GMT
cache-control: public, max-age=7200
age: 2989
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 08daf3afdf1beb6e824345f3b32be06d
b2da19afbe56cdd7b18dcf3210972924db2cd6d1
bb9f9130378ee9f9ec73a69f7df4274acc548598a3cf6f942a320328626487cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB9F9130378EE9F9EC73A69F7DF4274ACC548598A3CF6F942A320328626487CD"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12989
Expires: Sat, 19 Nov 2022 15:07:27 GMT
Date: Sat, 19 Nov 2022 11:30:58 GMT
Connection: keep-alive
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 0rt59X6aBhUUZ5Qg856SW2TV3NsibNdngTxjfReJlc3GP6hXNkz+xZo3c3iYuwihfZWSdRJbLBW4Dccp6vSJlA==
content-length: 27340
x-fb-trip-id: 1904183273
date: Sat, 19 Nov 2022 11:30:58 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 90252ddbdbf234581aa466982dd8aa86
5752260e17bd60d956c962aa8c5e611fd2e7723d
9d221e68b36b67232eb37c334897ac25b8f98d2657f1c6a4384cdda26015a548
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3299
Cache-Control: max-age=88246
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:58 GMT
Etag: "63776745-139"
Expires: Sun, 20 Nov 2022 12:01:44 GMT
Last-Modified: Fri, 18 Nov 2022 11:06:45 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 471 B IP
Hash 42a5ddbe8f6f5abe924fc9060d630e3b
8f3f1cf4e9d6ba3176b25c2caf9ea958d1694d0a
b426d43bef89fa91dada624d5334111b77f284f1c4a49af081814e00106410a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1622
Cache-Control: max-age=123310
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:58 GMT
Etag: "6377f6ca-1d7"
Expires: Sun, 20 Nov 2022 21:46:08 GMT
Last-Modified: Fri, 18 Nov 2022 21:19:06 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
paradigmpressgroup.com/favicons/apple-touch-icon.png
200 OK 3.0 kB URL HTTP/2 paradigmpressgroup.com/favicons/apple-touch-icon.png
IP
File type PNG image data, 180 x 180, 8-bit grayscale, non-interlaced\012- data
Hash dd470648114adaceb47d36a18ad41d9d
c93c69021ab4e381b4715938bed3732b132852b3
49dd5241fadc6a69795935a795804ed7206efb39f6dc6b5a0588f92d80775ad4
GET /favicons/apple-touch-icon.png HTTP/1.1
Host: paradigmpressgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 11:30:58 GMT
content-type: image/png
content-length: 3017
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Tue, 26 Jul 2022 19:40:44 GMT
etag: W/"bc9-1823c06a3cb"
x-powered-by: PleskLin
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10114794.json
200 OK 22 B URL HTTP/2 s.yimg.com/wi/config/10114794.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc
GET /wi/config/10114794.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: C3TME5WJH03FR497
x-amz-id-2: uGqfi5YLFRwEVwjWijDkqehPDGMYpoI7NdCHE8VS1+0TWEYYjTI661Sv/6tlzxO57jojb4G3q/0=
content-type: application/json
date: Sat, 19 Nov 2022 10:33:25 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-encoding: gzip
content-length: 22
age: 3453
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10082412.json
200 OK 22 B URL HTTP/2 s.yimg.com/wi/config/10082412.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc
GET /wi/config/10082412.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: C3TYY55ZAA4WJP5W
x-amz-id-2: 4DD+ALYh9R0ITv+37KgC2CIHATL+NzCczPs1iYCt7jBESSHzvohZA8WrVXgp5+sAfsu+0uD/3FxBKU65pYORzQ==
content-type: application/json
date: Sat, 19 Nov 2022 10:33:25 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-encoding: gzip
content-length: 22
age: 3453
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10125189.json
200 OK 2 B URL HTTP/2 s.yimg.com/wi/config/10125189.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /wi/config/10125189.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: FXVV86BE7TJEF33H
x-amz-id-2: DMn/ihvwtrq57Vbwr/RMp9vgkkXqA21zFT5h3Vrv0G2zR9BQPRhYCYcuZlPDpTWjeQeZAfqPO2E=
content-type: application/json
date: Sat, 19 Nov 2022 11:16:30 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 868
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
paradigmpressgroup.com/favicons/favicon-16x16.png
200 OK 587 B URL HTTP/2 paradigmpressgroup.com/favicons/favicon-16x16.png
IP
File type PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced\012- data
Hash 2bb2efaa073e4987ba1867aff02ab3ac
ea05acee8f408e3f86830b5f2da0616ced013006
6b712b83f2054506208f4243b57e7bd48fa0dcf3a10c0ff609bfc5ea8398ddc6
GET /favicons/favicon-16x16.png HTTP/1.1
Host: paradigmpressgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 11:30:58 GMT
content-type: image/png
content-length: 587
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Tue, 26 Jul 2022 19:40:44 GMT
etag: W/"24b-1823c06a3cc"
x-powered-by: PleskLin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 53d56fb68da96a50df543c9c9fb58f52
d802493bcf8c683b1ac73b035c51cd02b907a251
68b4e1c61fb6285a348937a2f6f81000f7979d90dd2882d5933fc4e64af68158
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-138958347-1&cid=1502083933.1668857458&jid=685124497&gjid=230901343&_gid=741045415.1668857458&_u=YGBAiEABBAAAAEAAI~&z=490683045
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-138958347-1&cid=1502083933.1668857458&jid=685124497&gjid=230901343&_gid=741045415.1668857458&_u=YGBAiEABBAAAAEAAI~&z=490683045
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-138958347-1&cid=1502083933.1668857458&jid=685124497&gjid=230901343&_gid=741045415.1668857458&_u=YGBAiEABBAAAAEAAI~&z=490683045 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://pro.paradigmnewsletters.org
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 19 Nov 2022 11:30:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fast.wistia.com/assets/images/blank.gif
200 OK 1.2 kB URL HTTP/2 fast.wistia.com/assets/images/blank.gif
IP
File type GIF image data, version 89a, 100 x 100\012- data
Hash fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-type: image/gif
etag: "6377f628-4be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 18 Nov 2022 21:16:24 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 19 Nov 2022 11:30:58 GMT
age: 51162
x-served-by: cache-iad-kiad7000052-IAD, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 65, 630
x-timer: S1668857459.522653,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1214
X-Firefox-Spdy: h2
c.lytics.io/c/7633a10cce24ede709377546c8e3146d?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1668857458360&_nmob=t&_device=desktop&url=pro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&_v=3.0.29&_uid=4d2bca0f-4196-464e-ae3c-1f7922617070&_getid=t
200 OK 35 B URL HTTP/2 c.lytics.io/c/7633a10cce24ede709377546c8e3146d?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1668857458360&_nmob=t&_device=desktop&url=pro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&_v=3.0.29&_uid=4d2bca0f-4196-464e-ae3c-1f7922617070&_getid=t
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /c/7633a10cce24ede709377546c8e3146d?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1668857458360&_nmob=t&_device=desktop&url=pro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&_v=3.0.29&_uid=4d2bca0f-4196-464e-ae3c-1f7922617070&_getid=t HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:30:58 GMT
content-type: image/gif
content-length: 35
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: seerid=4d2bca0f-4196-464e-ae3c-1f7922617070; Path=/; Domain=lytics.io; Max-Age=77760000; Secure; SameSite=None
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXGH6ALExf%2BzrmW06ncIu%2Fq7ZlVJ5TOSgfp%2FyM%2BGszfwRhtpDgVQBU4ymBbZGRQ7GfMXtswjrcE6%2F0Eza6%2B0xgQ8vEgM6%2F6EHFr2gisYoT7Syyffo6wN68ksZWpB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c89deb0c3c0b59-OSL
X-Firefox-Spdy: h2
static.criteo.net/js/ld/ld.js
200 OK 14 kB URL HTTP/2 static.criteo.net/js/ld/ld.js
IP
File type ASCII text, with very long lines (43227), with no line terminators
Hash 6d8f1d7b0b9c64b3229c664b7e97f8de
fb1d66e9234ab67dd91c02127348f5440e404b12
369727c9209b9974e4807e7ff2be2404475e0821a9bbd1aab17cfba3568ad8f2
GET /js/ld/ld.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 11:30:58 GMT
content-type: text/javascript
last-modified: Tue, 08 Nov 2022 15:05:46 GMT
etag: W/"636a704a-a8d9"
expires: Sun, 20 Nov 2022 11:30:58 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 53d56fb68da96a50df543c9c9fb58f52
d802493bcf8c683b1ac73b035c51cd02b907a251
68b4e1c61fb6285a348937a2f6f81000f7979d90dd2882d5933fc4e64af68158
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fast.wistia.com/embed/medias/xcricpp48g.m3u8
200 OK 753 B URL HTTP/2 fast.wistia.com/embed/medias/xcricpp48g.m3u8
IP
Hash 241e5be140e494c088b2faa695588b56
ad24c578d94406534f8a900430da1fa984600eef
15e6fe20f1d75fcd3ee519630813b37cb5effb8ff2222d6c820e9c6f46d13a6d
GET /embed/medias/xcricpp48g.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-type: application/x-mpegURL
etag: W/"15e6fe20f1d75fcd3ee519630813b37c"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 41f35685d7a44ce6967069102bf63771
x-runtime: 0.029710
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 19 Nov 2022 11:30:58 GMT
age: 0
x-served-by: cache-iad-kjyo7100153-IAD, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 819, 1
x-timer: S1668857459.515334,VS0,VE94
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 753
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash a2c22781d5bffaf4576b5319af5377cd
bd0191418dae5da019a6b3fe18efbb05e85d9512
73e327514113ee3c823d4a7602f340c7e4fd76a39519934e97e4ad438a61e82d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3387
Cache-Control: max-age=112133
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:58 GMT
Etag: "6377c43c-13a"
Expires: Sun, 20 Nov 2022 18:39:51 GMT
Last-Modified: Fri, 18 Nov 2022 17:43:24 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 314
dnacdn.net/dna
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:30:58 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=0Sex1V80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBib2ZUaGNDYjNEWjZLWSUyQlRnN0xQc3hsZVcwcGlzc1phJTJCeXhjN3M2ckg2; expires=Thu, 14 Dec 2023 11:30:58 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 259843
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
status.thawte.com/
200 OK 471 B IP
Hash be20754d80adc3e18593c501f2e731ac
65f39993805c2e7a597d4aa7d7158b905fe6956f
54b0b550468979985c7323ee8185e201168f81565c0e69b3a6af5dec6de717e1
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4255
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:58 GMT
Last-Modified: Sat, 19 Nov 2022 10:20:03 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
200 OK 471 B IP
Hash be20754d80adc3e18593c501f2e731ac
65f39993805c2e7a597d4aa7d7158b905fe6956f
54b0b550468979985c7323ee8185e201168f81565c0e69b3a6af5dec6de717e1
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6352
Cache-Control: max-age=127683
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:58 GMT
Etag: "6377f565-1d7"
Expires: Sun, 20 Nov 2022 22:59:01 GMT
Last-Modified: Fri, 18 Nov 2022 21:13:09 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
embedwistia-a.akamaihd.net/deliveries/b76be171e8562612ddd708291a1094f9caab5387.m3u8
200 OK 77 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/b76be171e8562612ddd708291a1094f9caab5387.m3u8
IP
ASN #20940 Akamai International B.V.
Hash a5552cc6e731740cd1bc9112686442a6
ebe7b6f595197a74ac3d38ed01ee6b4251ffddae
1c80625f4d530bac5c9fc94912302bf024b73f384a5d95c4963ea4d0a6bd5154
GET /deliveries/b76be171e8562612ddd708291a1094f9caab5387.m3u8 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/vnd.apple.mpegurl
Content-Length: 76618
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: b76be171e8562612ddd708291a1094f9caab5387-hls-segment 35018ad58e1324405997174e10416378d22b7a2e
Accept-Ranges: bytes
Cache-Control: max-age=31188122
Expires: Wed, 15 Nov 2023 10:53:00 GMT
Date: Sat, 19 Nov 2022 11:30:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
ocsp.digicert.com/
200 OK 313 B IP
Hash f6195b8f66eb03208eb97e12c27b8947
838910b453e3381fa973c445fad32721570b83a6
85ea1ba32e02a2f010671081bc8898fdeeb9dd4893cb667b94243dd83b86bd38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5068
Cache-Control: max-age=86071
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:58 GMT
Etag: "637757dd-139"
Expires: Sun, 20 Nov 2022 11:25:29 GMT
Last-Modified: Fri, 18 Nov 2022 10:01:01 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
embedwistia-a.akamaihd.net/deliveries/b76be171e8562612ddd708291a1094f9caab5387.m3u8/seg-1-v1-a1.ts
200 OK 1.8 MB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/b76be171e8562612ddd708291a1094f9caab5387.m3u8/seg-1-v1-a1.ts
IP
ASN #20940 Akamai International B.V.
File type MPEG transport stream data\012- data
Size 1.8 MB (1787128 bytes)
Hash 2992462884f3cd2b8d127a9d8e85e74e
17ebb1f99eb5b73fda687f08eb624ce2e0a23efb
4260c4f1aa0fec1e07b178fe8b998d638de29bc2675afd7fa41715e3dc275864
GET /deliveries/b76be171e8562612ddd708291a1094f9caab5387.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: video/MP2T
Content-Length: 1787128
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: b76be171e8562612ddd708291a1094f9caab5387-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31225108
Expires: Wed, 15 Nov 2023 21:09:26 GMT
Date: Sat, 19 Nov 2022 11:30:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
sp.analytics.yahoo.com/sp.pl?a=10000&b=Biden%E2%80%99s%20%22Secret%20Army%22&.yp=10114794&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm
200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&b=Biden%E2%80%99s%20%22Secret%20Army%22&.yp=10114794&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&b=Biden%E2%80%99s%20%22Secret%20Army%22&.yp=10114794&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:30:58 GMT
expires: Sat, 19 Nov 2022 11:30:58 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBHK-eGMCEIDTLMA05oFCb7iw8wfA_o8FEgEBAQEPemOCYwAAAAAA_eMAAA&S=AQAAApJMiuYnya4Zq6o7dNPvbtk; Expires=Sun, 19 Nov 2023 17:30:58 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Sat%2C%2019%20Nov%202022%2011%3A30%3A58%20GMT&n=0&b=Biden%E2%80%99s%20%22Secret%20Army%22&.yp=10091245&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm
200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Sat%2C%2019%20Nov%202022%2011%3A30%3A58%20GMT&n=0&b=Biden%E2%80%99s%20%22Secret%20Army%22&.yp=10091245&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Sat%2C%2019%20Nov%202022%2011%3A30%3A58%20GMT&n=0&b=Biden%E2%80%99s%20%22Secret%20Army%22&.yp=10091245&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:30:58 GMT
expires: Sat, 19 Nov 2022 11:30:58 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBHK-eGMCENS5kX7fmZTrRrQqr4cha5oFEgEBAQEPemOCYwAAAAAA_eMAAA&S=AQAAAsTkvrSNAObyFnDI3bo0h6Q; Expires=Sun, 19 Nov 2023 17:30:58 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=0008aaf7399985de7f2182c3644185f44d
200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=0008aaf7399985de7f2182c3644185f44d
IP
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=0008aaf7399985de7f2182c3644185f44d HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 11:30:58 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: 2970c80dc9c925935b1aefa2f5458908
content-encoding: gzip
sp.analytics.yahoo.com/sp.pl?a=10000&b=Biden%E2%80%99s%20%22Secret%20Army%22&.yp=10125189&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm
200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&b=Biden%E2%80%99s%20%22Secret%20Army%22&.yp=10125189&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&b=Biden%E2%80%99s%20%22Secret%20Army%22&.yp=10125189&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:30:58 GMT
expires: Sat, 19 Nov 2022 11:30:58 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBHK-eGMCEDerWhbR-R2wFeS4EhFV1HEFEgEBAQEPemOCYwAAAAAA_eMAAA&S=AQAAAviZ8uiuloc99WBGxXR3Dzk; Expires=Sun, 19 Nov 2023 17:30:58 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&b=Biden%E2%80%99s%20%22Secret%20Army%22&.yp=10082412&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm
200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&b=Biden%E2%80%99s%20%22Secret%20Army%22&.yp=10082412&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&b=Biden%E2%80%99s%20%22Secret%20Army%22&.yp=10082412&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:30:58 GMT
expires: Sat, 19 Nov 2022 11:30:58 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBHK-eGMCEF9IYcDUeo-NLAAukVZc7Z0FEgEBAQEPemOCYwAAAAAA_eMAAA&S=AQAAApdo--NpHeuHqbGMeA8_OmE; Expires=Sun, 19 Nov 2023 17:30:58 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=onetag&domain=paradigmnewsletters.org&sn=FirefoxSyncframe&so=0&topUrl=pro.paradigmnewsletters.org&info=EcmFdV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBib2ZUaGNDYjNEWjZLWSUyQlRnN0xQdVJ3TFF1bEJMU2tYY3loUGtQNkxISQ&idsd=-322019164,-1093789638&cw=1&lsw=1
200 OK 77 kB URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=paradigmnewsletters.org&sn=FirefoxSyncframe&so=0&topUrl=pro.paradigmnewsletters.org&info=EcmFdV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBib2ZUaGNDYjNEWjZLWSUyQlRnN0xQdVJ3TFF1bEJMU2tYY3loUGtQNkxISQ&idsd=-322019164,-1093789638&cw=1&lsw=1
IP
Hash d2f7364f9ca67534d718be93a13825ec
11b532d55c240c4c4b3eb8acf795b9f4396732c1
69598a1ad8216eb2e92024258c02f2f2ab1a119adb30ae395b1362769e9c76bd
GET /sid/json?origin=onetag&domain=paradigmnewsletters.org&sn=FirefoxSyncframe&so=0&topUrl=pro.paradigmnewsletters.org&info=EcmFdV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBib2ZUaGNDYjNEWjZLWSUyQlRnN0xQdVJ3TFF1bEJMU2tYY3loUGtQNkxISQ&idsd=-322019164,-1093789638&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=pro.paradigmnewsletters.org&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:30:58 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1334115
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=0008aaf7399985de7f2182c3644185f44d&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&optOut=false&bust=08265999504139094&referrer=
200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=0008aaf7399985de7f2182c3644185f44d&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&optOut=false&bust=08265999504139094&referrer=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=0008aaf7399985de7f2182c3644185f44d&apiObjVersion=1.1&obtpVersion=2.0.4&name=PAGE_VIEW&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&optOut=false&bust=08265999504139094&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 11:30:58 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 19b7cd3bc8f939cfb281bced5e9622b5
content-encoding: gzip
embedwistia-a.akamaihd.net/deliveries/895ed75c4883771fb5270020cf78fba935fc3a34.m3u8/seg-1-v1-a1.ts
200 OK 1.2 MB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/895ed75c4883771fb5270020cf78fba935fc3a34.m3u8/seg-1-v1-a1.ts
IP
ASN #20940 Akamai International B.V.
File type MPEG transport stream data\012- data
Size 1.2 MB (1170488 bytes)
Hash 0046360ad404cfbec9ba4117efff1d4d
0592fb9aaae292d1c3c10fc9cca70c6d6d57941d
2b7257600ad92af343ad67af1f63b792ba5f862eaad07785728313c5e4bd981f
GET /deliveries/895ed75c4883771fb5270020cf78fba935fc3a34.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: video/MP2T
Content-Length: 1170488
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: 895ed75c4883771fb5270020cf78fba935fc3a34-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31511167
Expires: Sun, 19 Nov 2023 04:37:06 GMT
Date: Sat, 19 Nov 2022 11:30:59 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 894802d88df968039fc3bea13a8d28e9
b162aefe5ddd08b4445f99e5d3f65400277dd12b
b1581a63ceca2384dd4ce27a962008cc5f2356683c1f9b787c1262c8d86ddc7d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168071
Date: Sat, 19 Nov 2022 11:30:59 GMT
Etag: "637896fe-1d7"
Expires: Mon, 21 Nov 2022 10:12:10 GMT
Last-Modified: Sat, 19 Nov 2022 08:42:38 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GpyBu78chn-TihuPG3-cRNi2krGD8T424OeVyH20Z7u2L-14l_Zoqg==
Age: 5372
bam.nr-data.net/1/65387c3314?a=46346808,5284047&v=1216.487a282&to=YANVZUdYDxFXW0UMWllJemd2FiINWExUC0F0CVlFR1YNDlNKHilaVgJ0XltNBAxC&rst=5042&ck=1&ref=https://pro.paradigmnewsletters.org/p/awn_bidenbucks_newlife_0722/LAWNY876/&qt=1&ap=32&be=4114&fe=4933&dc=4778&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1668857453039,%22n%22:0,%22f%22:3306,%22dn%22:3309,%22dne%22:3341,%22c%22:3341,%22s%22:3461,%22ce%22:3819,%22rq%22:3819,%22rp%22:3974,%22rpe%22:4091,%22dl%22:4099,%22di%22:4754,%22ds%22:4777,%22de%22:4789,%22dc%22:4929,%22l%22:4933,%22le%22:4935%7D,%22navigation%22:%7B%7D%7D&fcp=4789&jsonp=NREUM.setToken
200 OK 72 B URL HTTP/1.1 bam.nr-data.net/1/65387c3314?a=46346808,5284047&v=1216.487a282&to=YANVZUdYDxFXW0UMWllJemd2FiINWExUC0F0CVlFR1YNDlNKHilaVgJ0XltNBAxC&rst=5042&ck=1&ref=https://pro.paradigmnewsletters.org/p/awn_bidenbucks_newlife_0722/LAWNY876/&qt=1&ap=32&be=4114&fe=4933&dc=4778&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1668857453039,%22n%22:0,%22f%22:3306,%22dn%22:3309,%22dne%22:3341,%22c%22:3341,%22s%22:3461,%22ce%22:3819,%22rq%22:3819,%22rp%22:3974,%22rpe%22:4091,%22dl%22:4099,%22di%22:4754,%22ds%22:4777,%22de%22:4789,%22dc%22:4929,%22l%22:4933,%22le%22:4935%7D,%22navigation%22:%7B%7D%7D&fcp=4789&jsonp=NREUM.setToken
IP
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/65387c3314?a=46346808,5284047&v=1216.487a282&to=YANVZUdYDxFXW0UMWllJemd2FiINWExUC0F0CVlFR1YNDlNKHilaVgJ0XltNBAxC&rst=5042&ck=1&ref=https://pro.paradigmnewsletters.org/p/awn_bidenbucks_newlife_0722/LAWNY876/&qt=1&ap=32&be=4114&fe=4933&dc=4778&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1668857453039,%22n%22:0,%22f%22:3306,%22dn%22:3309,%22dne%22:3341,%22c%22:3341,%22s%22:3461,%22ce%22:3819,%22rq%22:3819,%22rp%22:3974,%22rpe%22:4091,%22dl%22:4099,%22di%22:4754,%22ds%22:4777,%22de%22:4789,%22dc%22:4929,%22l%22:4933,%22le%22:4935%7D,%22navigation%22:%7B%7D%7D&fcp=4789&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 11:30:59 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 76c89dea6814b517-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=e3f61ef56657e347; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
fast.wistia.com/assets/external/allIntegrations.js
200 OK 5.6 kB URL HTTP/2 fast.wistia.com/assets/external/allIntegrations.js
IP
File type ASCII text, with very long lines (21637), with no line terminators
Hash 98d8f1350f159ef9d630464f2677623c
ee33382759ec18abebe452fb065599627d729114
0bcc59bc6540d08234fceefb99483c915ced9406d7b30173817cb18553c462b3
GET /assets/external/allIntegrations.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "6373bf7d-15f7"
last-modified: Tue, 15 Nov 2022 16:34:05 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 19 Nov 2022 11:30:59 GMT
age: 762
x-served-by: cache-iad-kiad7000146-IAD, cache-bma1677-BMA
x-cache: HIT, HIT
x-cache-hits: 51, 9
x-timer: S1668857459.207159,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 5623
X-Firefox-Spdy: h2
distillery.wistia.com/x
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1588
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 19 Nov 2022 11:30:59 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1289679631209278&ev=PageView&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&rl=&if=false&ts=1668857458684&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&it=1668857458443&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1289679631209278&ev=PageView&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&rl=&if=false&ts=1668857458684&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&it=1668857458443&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1289679631209278&ev=PageView&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&rl=&if=false&ts=1668857458684&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=28&it=1668857458443&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 19 Nov 2022 11:30:59 GMT
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 39 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 115e26acfc810f0bb90dfb3474264086
6dc86aec5fef7553acebaff4ccf2c5179d95f793
f61347b35abefa2763c37146bb91fd106ed1ce6c836cf64d6e6574114b7ae4d6
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:30:57 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 73782
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1289679631209278&ev=Lytics%20Audiences&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&rl=&if=false&ts=1668857458685&cd[external_id]=4d2bca0f-4196-464e-ae3c-1f7922617070&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=28&it=1668857458443&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1289679631209278&ev=Lytics%20Audiences&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&rl=&if=false&ts=1668857458685&cd[external_id]=4d2bca0f-4196-464e-ae3c-1f7922617070&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=28&it=1668857458443&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1289679631209278&ev=Lytics%20Audiences&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue&rl=&if=false&ts=1668857458685&cd[external_id]=4d2bca0f-4196-464e-ae3c-1f7922617070&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=28&it=1668857458443&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 19 Nov 2022 11:30:59 GMT
X-Firefox-Spdy: h2
sslwidget.criteo.com/event?a=97773&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=2WMRtV9jVTZWekRDSDhTemxqcEtUWlhHbElsJTJGcXpITUllWnVHTm5GQ3lMcWt1WTJRNVA5Z1MlMkZUcHdVYVpIckZhVlFjZUpJbDJid25SY3BYM2NVeE55N0YlMkZFMmElMkJRemxtTEVPSlEyQ25IMnJKOVpsUFR0VlB5NXQ4cXAzQ0pSSG5YSXJ0JTJGc0szVktLdmluZkVxeGh4QlNRZmNBJTNEJTNE&tld=paradigmnewsletters.org&fu=https%253A%252F%252Fpro.paradigmnewsletters.org%252Fp%252Fawn_bidenbucks_newlife_0722%252FLAWNY876%252F%253Fcake_s1%253D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%2526h%253Dtrue&dtycbr=2881
302 Found 0 B URL HTTP/2 sslwidget.criteo.com/event?a=97773&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=2WMRtV9jVTZWekRDSDhTemxqcEtUWlhHbElsJTJGcXpITUllWnVHTm5GQ3lMcWt1WTJRNVA5Z1MlMkZUcHdVYVpIckZhVlFjZUpJbDJid25SY3BYM2NVeE55N0YlMkZFMmElMkJRemxtTEVPSlEyQ25IMnJKOVpsUFR0VlB5NXQ4cXAzQ0pSSG5YSXJ0JTJGc0szVktLdmluZkVxeGh4QlNRZmNBJTNEJTNE&tld=paradigmnewsletters.org&fu=https%253A%252F%252Fpro.paradigmnewsletters.org%252Fp%252Fawn_bidenbucks_newlife_0722%252FLAWNY876%252F%253Fcake_s1%253D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%2526h%253Dtrue&dtycbr=2881
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?a=97773&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=2WMRtV9jVTZWekRDSDhTemxqcEtUWlhHbElsJTJGcXpITUllWnVHTm5GQ3lMcWt1WTJRNVA5Z1MlMkZUcHdVYVpIckZhVlFjZUpJbDJid25SY3BYM2NVeE55N0YlMkZFMmElMkJRemxtTEVPSlEyQ25IMnJKOVpsUFR0VlB5NXQ4cXAzQ0pSSG5YSXJ0JTJGc0szVktLdmluZkVxeGh4QlNRZmNBJTNEJTNE&tld=paradigmnewsletters.org&fu=https%253A%252F%252Fpro.paradigmnewsletters.org%252Fp%252Fawn_bidenbucks_newlife_0722%252FLAWNY876%252F%253Fcake_s1%253D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%2526h%253Dtrue&dtycbr=2881 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 19 Nov 2022 11:30:58 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
location: https://widget.us.criteo.com/event?a=97773&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=2WMRtV9jVTZWekRDSDhTemxqcEtUWlhHbElsJTJGcXpITUllWnVHTm5GQ3lMcWt1WTJRNVA5Z1MlMkZUcHdVYVpIckZhVlFjZUpJbDJid25SY3BYM2NVeE55N0YlMkZFMmElMkJRemxtTEVPSlEyQ25IMnJKOVpsUFR0VlB5NXQ4cXAzQ0pSSG5YSXJ0JTJGc0szVktLdmluZkVxeGh4QlNRZmNBJTNEJTNE&tld=paradigmnewsletters.org&fu=https%253A%252F%252Fpro.paradigmnewsletters.org%252Fp%252Fawn_bidenbucks_newlife_0722%252FLAWNY876%252F%253Fcake_s1%253D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%2526h%253Dtrue&dtycbr=2881
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
server-processing-duration-in-ticks: 13224265
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 1eff0882c6eddeda45ee0b20f99aae6a
8a3b5e3c290c480d5c0548e49ee3b73a07b8ff20
ec3a58d14ae5c75ffa1ac593b7a8e4f0bc9b3663de3bd6380cb6540c74a27c40
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5727
Cache-Control: max-age=150430
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:30:59 GMT
Etag: "637850b2-139"
Expires: Mon, 21 Nov 2022 05:18:09 GMT
Last-Modified: Sat, 19 Nov 2022 03:42:42 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 958a574e034b8a44bfd0bd06d304a84c
873a6f5119825a09a95f26e14ce45ac0f45e4e81
2957ceddd19aef526412808678acc9ef7b0f0a299344a43601a28ce18398eeca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2957CEDDD19AEF526412808678ACC9EF7B0F0A299344A43601A28CE18398EECA"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7299
Expires: Sat, 19 Nov 2022 13:32:38 GMT
Date: Sat, 19 Nov 2022 11:30:59 GMT
Connection: keep-alive
pipedream.wistia.com/mput?topic=metrics
200 OK 2 B URL HTTP/2 pipedream.wistia.com/mput?topic=metrics
IP
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 6678
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:30:59 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
matching.ivitrack.com/sync?realm=criteo&uid=k-94ZHcUrxa7MEd6qQZCfZhLGlB2sZcFxo_hxrFw
200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-94ZHcUrxa7MEd6qQZCfZhLGlB2sZcFxo_hxrFw
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-94ZHcUrxa7MEd6qQZCfZhLGlB2sZcFxo_hxrFw HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Sat, 19 Nov 2022 11:30:59 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 958a574e034b8a44bfd0bd06d304a84c
873a6f5119825a09a95f26e14ce45ac0f45e4e81
2957ceddd19aef526412808678acc9ef7b0f0a299344a43601a28ce18398eeca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2957CEDDD19AEF526412808678ACC9EF7B0F0A299344A43601A28CE18398EECA"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7299
Expires: Sat, 19 Nov 2022 13:32:38 GMT
Date: Sat, 19 Nov 2022 11:30:59 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 0620496220afe1cafc1a45c818eadbc3
2b44496063ec634997ebccf3f6a16a8c53b32a8f
c69cb46b425837177f72caf890c9b6d99df474d70e418f5f8a46903433a75016
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153884
Date: Sat, 19 Nov 2022 11:30:59 GMT
Etag: "63786731-1d7"
Expires: Mon, 21 Nov 2022 06:15:43 GMT
Last-Modified: Sat, 19 Nov 2022 05:18:41 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: F3RrMJsn-z7BINpMbq3UJxMUpPMK52oVLthwtBSi6d2U-_dLh7NtQQ==
Age: 3422
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 19 Nov 2022 11:30:59 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 973802
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-FrydKkrxa7MEd6qQZCfZhLGlB2vgjGV_xNy6Ag
200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-FrydKkrxa7MEd6qQZCfZhLGlB2vgjGV_xNy6Ag
IP
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-FrydKkrxa7MEd6qQZCfZhLGlB2vgjGV_xNy6Ag HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3118590603580297000V10; Expires=Sun, 19 Nov 2023 11:31:00 GMT; domain=.media.net; Path=/;
data-c-ts=1668857460;Expires=Mon, 19 Dec 2022 11:31:00 GMT;path=/;domain=.media.net;
data-c=k-FrydKkrxa7MEd6qQZCfZhLGlB2vgjGV_xNy6Ag~~3;Expires=Mon, 19 Dec 2022 11:31:00 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Sat, 19 Nov 2022 11:31:00 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 19 Nov 2022 11:31:00 GMT
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
200 OK 486 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
Hash eab38c91e3a911e68bf9dbc0b36770be
72e74b9c86aff4bb4cb71a8479a557889e2dc468
1673c17fac0c298aaf8a17b3a7a191f84a847ae8b92a64c3bcd718ae86e857ef
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:30:58 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 100200
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WdX2u0rxa7MEd6qQZCfZhLGlB2u_GWMzrnJuEQ
302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WdX2u0rxa7MEd6qQZCfZhLGlB2u_GWMzrnJuEQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-WdX2u0rxa7MEd6qQZCfZhLGlB2u_GWMzrnJuEQ HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 19 Nov 2022 11:31:00 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-WdX2u0rxa7MEd6qQZCfZhLGlB2u_GWMzrnJuEQ&C=1
cf-ray: 76c89df58e730b45-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y3i.dC1R-8x0-sdPTuKYQwAA; Path=/; Domain=casalemedia.com; Expires=Sun, 19 Nov 2023 11:31:00 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=685; Path=/; Domain=casalemedia.com; Expires=Fri, 17 Feb 2023 11:31:00 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=685; Path=/; Domain=casalemedia.com; Expires=Fri, 17 Feb 2023 11:31:00 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcUsbEj9APaPNSP5S1IiwVKXGWl1nbIGdi0%2FTOQMxUsQas2kfeAZY4p%2Fol7NHVyuyksDeTNywmVvyDWgZug7TIFgKaRE53ZyUKiEh15klni%2FJP0TvHy4VKAD3kKOetD7CWpH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash e79d7264ffe3880ee50f3a0fe082e4e8
064bf0d478a929ac55f42ea2b7c5edcc940537e1
07225eb51a008e58af521745416e008997e6d8c79974e6e5e14d9386724a149e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4155
Cache-Control: max-age=139510
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:31:00 GMT
Etag: "63782c2f-1d7"
Expires: Mon, 21 Nov 2022 02:16:10 GMT
Last-Modified: Sat, 19 Nov 2022 01:06:55 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 313 B IP
Hash dc15d06cf370c0160fe7403672bdb66d
1bc6a49a524315897e8515784e016b1f33481022
22193d04f7682702a3729b033a171df8d7ef81bbf9cdea38c77b0479afafd6e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5840
Cache-Control: max-age=108058
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:31:00 GMT
Etag: "6377aabe-139"
Expires: Sun, 20 Nov 2022 17:31:58 GMT
Last-Modified: Fri, 18 Nov 2022 15:54:38 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-VbVwKUrxa7MEd6qQZCfZhLGlB2vzaSIo5l4DHg&google_cm=&google_hm=ay1WYlZ3S1VyeGE3TUVkNnFRWkNmWmhMR2xCMnZ6YVNJbzVsNERIZw&google_tc=
302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-VbVwKUrxa7MEd6qQZCfZhLGlB2vzaSIo5l4DHg&google_cm=&google_hm=ay1WYlZ3S1VyeGE3TUVkNnFRWkNmWmhMR2xCMnZ6YVNJbzVsNERIZw&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 38d020d43d0e1b78f0247108a9ab529c
3f66d739769e1751c9555b9d27118ddecf5db6e9
c72e4278af65593a634f33346baae01040832e6b25f2a61c4c46ce62850cc2b4
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-VbVwKUrxa7MEd6qQZCfZhLGlB2vzaSIo5l4DHg&google_cm=&google_hm=ay1WYlZ3S1VyeGE3TUVkNnFRWkNmWmhMR2xCMnZ6YVNJbzVsNERIZw&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-VbVwKUrxa7MEd6qQZCfZhLGlB2vzaSIo5l4DHg&google_error=3
date: Sat, 19 Nov 2022 11:31:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
criteo-sync.teads.tv/um?eid=80&uid=k-4eujVErxa7MEd6qQZCfZhLGlB2tCcyLsT9CxmA
200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-4eujVErxa7MEd6qQZCfZhLGlB2tCcyLsT9CxmA
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-4eujVErxa7MEd6qQZCfZhLGlB2tCcyLsT9CxmA HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Sat, 19 Nov 2022 11:31:00 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 19 Nov 2022 11:31:00 GMT
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WdX2u0rxa7MEd6qQZCfZhLGlB2u_GWMzrnJuEQ&C=1
200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-WdX2u0rxa7MEd6qQZCfZhLGlB2u_GWMzrnJuEQ&C=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-WdX2u0rxa7MEd6qQZCfZhLGlB2u_GWMzrnJuEQ&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:31:00 GMT
content-type: image/gif
content-length: 43
cf-ray: 76c89df5eec40b45-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XIpOxoF5DzQPChm%2BypVO5ZHqVlyUZhBivr1afQqgqi4gLJ878yc3EOmS4XIgqL03mAzgrUWa41pTC0VI8ZA2MpzICtMWDXRXIxaAlJiJPRdWtFUcFNOPVs%2Fkkw%2BpWcJpOmx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-xH36Ykrxa7MEd6qQZCfZhLGlB2suVdOQuE7cLg&expires=30
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-xH36Ykrxa7MEd6qQZCfZhLGlB2suVdOQuE7cLg&expires=30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-xH36Ykrxa7MEd6qQZCfZhLGlB2suVdOQuE7cLg&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: deb9f124eecce7a554c70ca983265c95
Content-Type: image/gif
ocsp.digicert.com/
200 OK 471 B IP
Hash 058f931b920c5dd509d6602fb2718140
60e83c804c89169e595873e6538f85294827798e
e7604ace773bc3bc1d8f2de568a11956b7487a07262cdac8d81de081ccd73b78
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4345
Cache-Control: max-age=102958
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:31:00 GMT
Etag: "63779ca9-1d7"
Expires: Sun, 20 Nov 2022 16:06:58 GMT
Last-Modified: Fri, 18 Nov 2022 14:54:33 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-FPc6lUrxa7MEd6qQZCfZhLGlB2tlDeicKiiv3w
200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-FPc6lUrxa7MEd6qQZCfZhLGlB2tlDeicKiiv3w
IP
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-FPc6lUrxa7MEd6qQZCfZhLGlB2tlDeicKiiv3w HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Sat, 19 Nov 2022 11:30:59 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=7206444249601397606; expires=Tue, 19 Dec 2023 11:31:00 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Tue, 19 Dec 2023 11:31:00 GMT; domain=smartadserver.com; path=/
csync=79:k-FPc6lUrxa7MEd6qQZCfZhLGlB2tlDeicKiiv3w; expires=Sun, 19 Nov 2023 11:31:00 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cm.adform.net/pixel?adform_pid=15&adform_pc=k-ojsTSErxa7MEd6qQZCfZhLGlB2sEBQCiJ5r8yA
200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-ojsTSErxa7MEd6qQZCfZhLGlB2sEBQCiJ5r8yA
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-ojsTSErxa7MEd6qQZCfZhLGlB2sEBQCiJ5r8yA HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 11:31:00 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 22 May 2018 14:15:49 GMT
etag: "5b042615-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d4015d7671100c332d8b21b03e66f79f
ad0ba1f7ecc6d519e1e62aab4bb8435120f46f81
a52a856f27f3f4a6d56b608503e0ab97e6248215f38b0004ceed10d4d291b043
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3635
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:31:00 GMT
Last-Modified: Sat, 19 Nov 2022 10:30:26 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 19 Nov 2022 11:31:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: a578ceff-e168-4a47-9064-de166e13b915
Set-Cookie: uuid2=7201048793361046333; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 17-Feb-2023 11:31:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
200 OK 471 B IP
Hash b45c840e89e6d53e733bddc0ced9f941
66dfcfe702bcdc7d9db5a138d8e5ddc7b09799b2
074ca6b901a00c885e0f076776eff6aca6eba590be6df196f46f6da687f1d81b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5455
Cache-Control: max-age=158812
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:31:00 GMT
Etag: "63787281-1d7"
Expires: Mon, 21 Nov 2022 07:37:52 GMT
Last-Modified: Sat, 19 Nov 2022 06:06:57 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-py50L0rxa7MEd6qQZCfZhLGlB2ub3V5jh7f5-w
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-py50L0rxa7MEd6qQZCfZhLGlB2ub3V5jh7f5-w
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-py50L0rxa7MEd6qQZCfZhLGlB2ub3V5jh7f5-w HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 19 Nov 2022 11:31:00 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-py50L0rxa7MEd6qQZCfZhLGlB2ub3V5jh7f5-w&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBHS-eGMCEHjIeDPzbAqgdi7Fc3wUePwFEgEBAQEPemOCYwAAAAAA_eMAAA&S=AQAAAvbvRfBhpNLMz1Uyy0Lq0X4; Expires=Sun, 19 Nov 2023 17:31:00 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=28645&dpuuid=
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-02b96ccc8.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=88691652873325310494271811340161644278; Max-Age=15552000; Expires=Thu, 18 May 2023 11:31:00 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: acfjUiuKSaU=
Content-Length: 0
Connection: keep-alive
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-py50L0rxa7MEd6qQZCfZhLGlB2ub3V5jh7f5-w&verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-py50L0rxa7MEd6qQZCfZhLGlB2ub3V5jh7f5-w&verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-py50L0rxa7MEd6qQZCfZhLGlB2ub3V5jh7f5-w&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 19 Nov 2022 11:31:00 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBHS-eGMCEDqfO8jURbp2kgogvbSXgAwFEgEBAQEPemOCYwAAAAAA_eMAAA&S=AQAAAslMhX6kvC2qWs2QscDoaUg; Expires=Sun, 19 Nov 2023 17:31:00 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 306f418448d9386973e8cba677ee3cdf
f342b95b8fc1eceff87ed077f7b0b989b845f07c
346557785638bf307a869139a386b7cac91eed4b900848150312ea3a296b3699
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 11:31:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 01:56:51 GMT
Expires: Sat, 26 Nov 2022 01:56:50 GMT
Etag: "f342b95b8fc1eceff87ed077f7b0b989b845f07c"
Cache-Control: max-age=569749,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76c89df6c9151c16-OSL
ocsp.digicert.com/
200 OK 471 B IP
Hash 36946efc19a668190cddf68253433e65
16eb0f15b1381035779411155edb1f47b90155c0
a40853a35067952707bcafe6d70e8f4537e5fa0276d0b0fa0f18a48d5299e3f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5442
Cache-Control: max-age=171380
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:31:00 GMT
Etag: "6378a3a6-1d7"
Expires: Mon, 21 Nov 2022 11:07:20 GMT
Last-Modified: Sat, 19 Nov 2022 09:36:38 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sat, 19 Nov 2022 11:31:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: 86338743-d8d5-439f-a502-99d75903721b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x.bidswitch.net/sync?dsp_id=46&user_id=k--2s_8krxa7MEd6qQZCfZhLGlB2sT5xvDt1LviQ&expires=30
302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k--2s_8krxa7MEd6qQZCfZhLGlB2sT5xvDt1LviQ&expires=30
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k--2s_8krxa7MEd6qQZCfZhLGlB2sT5xvDt1LviQ&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 19 Nov 2022 11:31:00 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k--2s_8krxa7MEd6qQZCfZhLGlB2sT5xvDt1LviQ&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=5eec3d21-3d9b-48c7-94ae-6503e339d64f; path=/; expires=Sun, 19-Nov-2023 11:31:00 GMT; domain=.bidswitch.net; samesite=none; secure
c=1668857460; path=/; expires=Sun, 19-Nov-2023 11:31:00 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1668857460; path=/; expires=Sun, 19-Nov-2023 11:31:00 GMT; domain=.bidswitch.net; samesite=none; secure
c=1668857460; path=/; expires=Sun, 19-Nov-2023 11:31:00 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-OfHzgErxa7MEd6qQZCfZhLGlB2vkA3G2k5HRsA
200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-OfHzgErxa7MEd6qQZCfZhLGlB2vkA3G2k5HRsA
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-OfHzgErxa7MEd6qQZCfZhLGlB2vkA3G2k5HRsA HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 11:30:58 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-OfHzgErxa7MEd6qQZCfZhLGlB2vkA3G2k5HRsA&KRTB&23144-uid:k-OfHzgErxa7MEd6qQZCfZhLGlB2vkA3G2k5HRsA&KRTB&23286-uid:k-OfHzgErxa7MEd6qQZCfZhLGlB2vkA3G2k5HRsA&KRTB&23287-uid:k-OfHzgErxa7MEd6qQZCfZhLGlB2vkA3G2k5HRsA; domain=pubmatic.com; secure; expires=Mon, 19-Dec-2022 11:30:58 GMT; path=/
PugT=1668857458; domain=pubmatic.com; secure; expires=Mon, 19-Dec-2022 11:30:58 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 68acce8ee9f31b8c1742aea5c640521b
b20a6117a1cb11a52a719e7c248a49927a260fdd
f6ff0fd265a77f0c60e2c68cc3df0edcb86b1e73a976f49dfae303eff47ea5bc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151023
Date: Sat, 19 Nov 2022 11:31:00 GMT
Etag: "637862fc-1d7"
Expires: Mon, 21 Nov 2022 05:28:03 GMT
Last-Modified: Sat, 19 Nov 2022 05:00:44 GMT
Server: ECS (nyb/1DCD)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QO2GYukHRkmHA-PCivlh6ASJu8yqNH_XPdyW9U4BWRz16CMFuad29A==
Age: 1639
ad.yieldlab.net/m?dt_id=8664&ext_id=k-6zimHkrxa7MEd6qQZCfZhLGlB2udmk7r3391Mg
204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-6zimHkrxa7MEd6qQZCfZhLGlB2udmk7r3391Mg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-6zimHkrxa7MEd6qQZCfZhLGlB2udmk7r3391Mg HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Fri, 18 Nov 2022 11:31:00 GMT
Date: Sat, 19 Nov 2022 11:31:00 GMT
Connection: keep-alive
Set-Cookie: id=cdc46e44-25c8-49ce-95e9-c89192f8fbc7; Path=/; Domain=yieldlab.net; Expires=Sun, 19-Nov-2023 11:31:00 GMT; Max-Age=31536000; Secure; SameSite=None
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-0ba8f5f7e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 0soY79uvSY4=
Content-Length: 59
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 3859ff247156c5452e97f6f2dd7c0149
b9f865c03294a22d2aee6bb8c3e60282bf4885d1
55100f39eb14de1b5d46bb1be9f14f097642aa3bff1a3a23564baa73f793b6ae
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=95538
Date: Sat, 19 Nov 2022 11:31:00 GMT
Etag: "6377821e-1d7"
Expires: Sun, 20 Nov 2022 14:03:18 GMT
Last-Modified: Fri, 18 Nov 2022 13:01:18 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iw5m6MbsisR7zoLL4IKF3eXWdhAjV8kWVq-yugHSrZPf3GMadHLZew==
Age: 3720
ocsp.sectigo.com/
200 OK 471 B IP
Hash 408480467a535aaf00fa8fa71556fbc3
2ab842237c5f48c8d22674aaa63962a3f8cf9fe9
084dfe36f156548b4cfd5259e47ca6d13798f50f749808372e9f9295204bee54
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 11:31:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 03:11:53 GMT
Expires: Wed, 23 Nov 2022 03:11:52 GMT
Etag: "2ab842237c5f48c8d22674aaa63962a3f8cf9fe9"
Cache-Control: max-age=315051,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76c89df749d91c16-OSL
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k--2s_8krxa7MEd6qQZCfZhLGlB2sT5xvDt1LviQ&expires=30
200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k--2s_8krxa7MEd6qQZCfZhLGlB2sT5xvDt1LviQ&expires=30
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k--2s_8krxa7MEd6qQZCfZhLGlB2sT5xvDt1LviQ&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:31:00 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-64QZ60rxa7MEd6qQZCfZhLGlB2uqyF6xjXAQNQ
204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-64QZ60rxa7MEd6qQZCfZhLGlB2uqyF6xjXAQNQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-64QZ60rxa7MEd6qQZCfZhLGlB2uqyF6xjXAQNQ HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 19 Nov 2022 11:31:00 GMT
X-Firefox-Spdy: h2
trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3D4d2bca0f-4196-464e-ae3c-1f7922617070%26account_id%3D7633a10cce24ede709377546c8e3146d
200 OK 80 B URL HTTP/2 trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3D4d2bca0f-4196-464e-ae3c-1f7922617070%26account_id%3D7633a10cce24ede709377546c8e3146d
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4ea17ba3ef67d2e6752f82f0a1dd963b
f8fe758f4e56dc3828a772c261501beed93dc24b
255baafc8ed06f65606d4b66f0e554ea3eb41b6000625ca29a8e5de50da0b2f6
GET /sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3D4d2bca0f-4196-464e-ae3c-1f7922617070%26account_id%3D7633a10cce24ede709377546c8e3146d HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
cache-control: no-cache, no-store
pragma: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
date: Sat, 19 Nov 2022 11:30:58 GMT
via: 1.1 varnish
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668857459.688788,VS0,VE81
x-vcl-time-ms: 81
X-Firefox-Spdy: h2
bam.nr-data.net/events/1/65387c3314?a=46346808,5284047&v=1216.487a282&to=YANVZUdYDxFXW0UMWllJemd2FiINWExUC0F0CVlFR1YNDlNKHilaVgJ0XltNBAxC&rst=7022&ck=1&ref=https://pro.paradigmnewsletters.org/p/awn_bidenbucks_newlife_0722/LAWNY876/
200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/65387c3314?a=46346808,5284047&v=1216.487a282&to=YANVZUdYDxFXW0UMWllJemd2FiINWExUC0F0CVlFR1YNDlNKHilaVgJ0XltNBAxC&rst=7022&ck=1&ref=https://pro.paradigmnewsletters.org/p/awn_bidenbucks_newlife_0722/LAWNY876/
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/65387c3314?a=46346808,5284047&v=1216.487a282&to=YANVZUdYDxFXW0UMWllJemd2FiINWExUC0F0CVlFR1YNDlNKHilaVgJ0XltNBAxC&rst=7022&ck=1&ref=https://pro.paradigmnewsletters.org/p/awn_bidenbucks_newlife_0722/LAWNY876/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1599
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 11:31:00 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 76c89df57d48b517-OSL
Access-Control-Allow-Origin: https://pro.paradigmnewsletters.org
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 19 Nov 2022 11:31:00 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 657699
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-a_6URErxa7MEd6qQZCfZhLGlB2vcci6eq1ovLw
200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-a_6URErxa7MEd6qQZCfZhLGlB2vcci6eq1ovLw
IP
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-a_6URErxa7MEd6qQZCfZhLGlB2vcci6eq1ovLw HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=09575977ec09c2248d197999c405503f; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Sat, 19 Nov 2022 11:31:00 GMT
content-length: 49
x-envoy-upstream-service-time: 3
server: ayl-lb-fra02
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 4720896af23ee5fb4cd4fc082c6c3c5a
0f148bff451fa3b7bd63ce8be69d25f376d282ab
e6b0be33b60ef1d0a23bf5c264834532731e3a95880ada3b50ff4199b479e004
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=135562
Date: Sat, 19 Nov 2022 11:31:00 GMT
Etag: "63782536-1d7"
Expires: Mon, 21 Nov 2022 01:10:22 GMT
Last-Modified: Sat, 19 Nov 2022 00:37:10 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: eGp8gLTSE6CJWhjxRY4hM0NzMVi2xhDB_3-zDjlPCyzDvRGzgf5jKw==
Age: 1992
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash a2a8dd13377d403273710965ef45efac
341abddd1bceca62cc41c5cffc5cae52ed118f07
c0fa6d171e813dcedbda969e5d6ea9e8ed6359b687c88c7a880cdc09c5af085c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=94548
Date: Sat, 19 Nov 2022 11:31:00 GMT
Etag: "63777408-1d7"
Expires: Sun, 20 Nov 2022 13:46:48 GMT
Last-Modified: Fri, 18 Nov 2022 12:01:12 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sWpdCa6haMJjsJyliG7sif0rzZ5inwQuFfMniK5afatbzfxq5Y1RQg==
Age: 6336
sync.outbrain.com/cookie-sync?p=criteo&uid=k-HI1TbErxa7MEd6qQZCfZhLGlB2uSMDeJYqyeUA
200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-HI1TbErxa7MEd6qQZCfZhLGlB2uSMDeJYqyeUA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-HI1TbErxa7MEd6qQZCfZhLGlB2uSMDeJYqyeUA HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 11:31:00 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: bf1ed5ed777e5f0a1446564482aad35c
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 99d462b4b79462133d6cfb4af6790983
3bb456d12ce895772c627678c2dda7e5aa19d9c6
074865113599f05af8cf6c03bec8bfeb6f6ec7c9151f496f9f24eb11eb69142b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113374
Date: Sat, 19 Nov 2022 11:31:00 GMT
Etag: "6377bd25-1d7"
Expires: Sun, 20 Nov 2022 19:00:34 GMT
Last-Modified: Fri, 18 Nov 2022 17:13:09 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: m2B8Q9RVSbpfuSsZchn9xwjG4nfcYgt-617OUla2mtu7lXy9MHYCPQ==
Age: 6445
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-EJutBkrxa7MEd6qQZCfZhLGlB2uLh2xQ8cC_4g
302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-EJutBkrxa7MEd6qQZCfZhLGlB2uLh2xQ8cC_4g
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-EJutBkrxa7MEd6qQZCfZhLGlB2uLh2xQ8cC_4g HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 19 Nov 2022 11:31:00 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-EJutBkrxa7MEd6qQZCfZhLGlB2uLh2xQ8cC_4g
set-cookie: tuuid=a7f2dd61-7a32-430e-8bac-f18e5f9de713; Expires=Fri, 17 Feb 2023 11:31:00 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1668857460; Expires=Fri, 17 Feb 2023 11:31:00 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash aa2c0d252c34570e9eca40bf8fe97aef
7d5856a9b5845a0ce2189679254cba2b8e6f5210
977bcf15ae28a4e7de26f30950fdd63580da42136911013e8ca5b192a38733d5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5482
Cache-Control: max-age=93691
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:31:00 GMT
Etag: "63777405-1d7"
Expires: Sun, 20 Nov 2022 13:32:31 GMT
Last-Modified: Fri, 18 Nov 2022 12:01:09 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
sync-criteo.ads.yieldmo.com/sync?id=k-5TkG6krxa7MEd6qQZCfZhLGlB2usfBAQb6ZYbg&pn_id=criteo&ext=1
200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-5TkG6krxa7MEd6qQZCfZhLGlB2usfBAQb6ZYbg&pn_id=criteo&ext=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-5TkG6krxa7MEd6qQZCfZhLGlB2usfBAQb6ZYbg&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:31:00 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=g2ba3a260f68160615d9%7C1668857460500%7C0%7C; Domain=.yieldmo.com; Expires=Sun, 19-Nov-2023 11:31:00 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-5TkG6krxa7MEd6qQZCfZhLGlB2usfBAQb6ZYbg; Domain=ads.yieldmo.com; Expires=Sun, 19-Nov-2023 11:31:00 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-EJutBkrxa7MEd6qQZCfZhLGlB2uLh2xQ8cC_4g
200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-EJutBkrxa7MEd6qQZCfZhLGlB2uLh2xQ8cC_4g
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-EJutBkrxa7MEd6qQZCfZhLGlB2uLh2xQ8cC_4g HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:31:00 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 19 Nov 2022 11:31:00 GMT
set-cookie: _kuid_=PNUNIlif; Expires=Thu, 18-May-23 11:31:00 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n007-dub-prod.krxd.net
x-request-time: D=132 t=1668857460
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 19 Nov 2022 11:31:00 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 418574
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash c10df92afa1c976a84b6d7251c6f3ea3
ac60d422926702bf7cdb8567fffa5482a99f4214
8d51e8734379efd8e87e391f09088cefd41dbbc4d4986e93964a40692de80049
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "8D51E8734379EFD8E87E391F09088CEFD41DBBC4D4986E93964A40692DE80049"
Last-Modified: Sat, 19 Nov 2022 08:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2069
Expires: Sat, 19 Nov 2022 12:05:30 GMT
Date: Sat, 19 Nov 2022 11:31:01 GMT
Connection: keep-alive
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:31:01 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: a528e160-67fd-11ed-8394-0000ac170005
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg
200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 459df915ce91b32b2dcc4850516d68a0
d7a5473d367e7965a4af55acbf4675ed7088fab2
a03e26ebee79ad9b9dda1bf680e0d2467ae6d5e582589ada9fe6ddfa437c483c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4851
x-amzn-requestid: 8c868655-d0eb-428d-9fc0-a7449f770bd4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brtDFF9HoAMFV9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748ee0-4f7daf8f7451dc5e0840f620;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:18:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xirMw5z5GPbmx9Sii_I4iNeh1GS5k9lGmaaJvUGAPWoVyP0Tldhf1w==
via: 1.1 e9ba0a9a729ff2960a04323bf1833df8.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 07:17:42 GMT
age: 15200
etag: "d7a5473d367e7965a4af55acbf4675ed7088fab2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c.lytics.io/api/tag/7633a10cce24ede709377546c8e3146d/latest.min.js
200 OK 0 B URL HTTP/2 c.lytics.io/api/tag/7633a10cce24ede709377546c8e3146d/latest.min.js
IP
GET /api/tag/7633a10cce24ede709377546c8e3146d/latest.min.js HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:30:58 GMT
content-type: application/javascript
access-control-allow-origin: *
strict-transport-security: max-age=63072000;
via: 1.1 google
cache-control: max-age=7200
cf-cache-status: HIT
age: 5770
last-modified: Sat, 19 Nov 2022 09:54:48 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZT8xZcWKMm4GDHyfrqbKITXuWLnXA2Ue%2FkhoTTFdbOcn5njJMxReCLKEb3%2B8X2B7nyrI%2FyaZATqXGJ0nkYsC6hrHeFqRT45vzPMd2K52moTIcvlx4Lf6kEtrhawE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89de8fa380b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-5GzREUrxa7MEd6qQZCfZhLGlB2vKzx_qKp3jma-WmthOgGmP
200 OK 0 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-5GzREUrxa7MEd6qQZCfZhLGlB2vKzx_qKp3jma-WmthOgGmP
IP
GET /usersync/push?partner=criteo&partnerId=k-5GzREUrxa7MEd6qQZCfZhLGlB2vKzx_qKp3jma-WmthOgGmP HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:31:00 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%22a4601320-67fd-11ed-b889-0bf4803e3152%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sat, 03 Dec 2022 11:31:00 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%22a4601320-67fd-11ed-b889-0bf4803e3152%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sat, 03 Dec 2022 11:31:00 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%22a4601320-67fd-11ed-b889-0bf4803e3152%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sat, 03 Dec 2022 11:31:00 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%22a4601320-67fd-11ed-b889-0bf4803e3152%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sat, 03 Dec 2022 11:31:00 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-5GzREUrxa7MEd6qQZCfZhLGlB2vKzx_qKp3jma-WmthOgGmP%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Sat, 03 Dec 2022 11:31:00 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-VbVwKUrxa7MEd6qQZCfZhLGlB2vzaSIo5l4DHg&google_error=3
200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-VbVwKUrxa7MEd6qQZCfZhLGlB2vzaSIo5l4DHg&google_error=3
IP
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-VbVwKUrxa7MEd6qQZCfZhLGlB2vzaSIo5l4DHg&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:30:59 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 300594
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
c.lytics.io/static/pathfora.min.css
200 OK 0 B URL HTTP/2 c.lytics.io/static/pathfora.min.css
IP
GET /static/pathfora.min.css HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Cookie: seerid=4d2bca0f-4196-464e-ae3c-1f7922617070
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:30:59 GMT
content-type: text/css; charset=utf-8
strict-transport-security: max-age=63072000;
via: 1.1 google
cache-control: max-age=7200
cf-cache-status: HIT
age: 6423
last-modified: Sat, 19 Nov 2022 09:43:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JGZiIl9wV34vss6bnjVcamGlCXbNa5DECOVaY2%2FkfEIi743%2BKBKKL%2BdYR4w0KD4gAoaEsMywRiVoaw9wCWdHuH8vSqxCvViAkj4J7qlSEEcEh4OsdpPy4Au2X4T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89defda110b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Lato:ital,wght@0,900;1,900&family=Teko:wght@700&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Lato:ital,wght@0,900;1,900&family=Teko:wght@700&display=swap
IP
GET /css2?family=Lato:ital,wght@0,900;1,900&family=Teko:wght@700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Nov 2022 11:30:57 GMT
date: Sat, 19 Nov 2022 11:30:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=pro.paradigmnewsletters.org&origin=onetag
200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?topUrl=pro.paradigmnewsletters.org&origin=onetag
IP
GET /syncframe?topUrl=pro.paradigmnewsletters.org&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:30:57 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=022bb7fb-e318-449f-858e-fc6b9fefc5fc; expires=Thu, 14 Dec 2023 11:30:58 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 656148
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=0Sex1V80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBib2ZUaGNDYjNEWjZLWSUyQlRnN0xQc3hsZVcwcGlzc1phJTJCeXhjN3M2ckg2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:30:58 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=EcmFdV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBib2ZUaGNDYjNEWjZLWSUyQlRnN0xQdVJ3TFF1bEJMU2tYY3loUGtQNkxISQ; expires=Thu, 14 Dec 2023 11:30:58 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 314347
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
c.lytics.io/static/pathfora.min.js
200 OK 0 B URL HTTP/2 c.lytics.io/static/pathfora.min.js
IP
GET /static/pathfora.min.js HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Cookie: seerid=4d2bca0f-4196-464e-ae3c-1f7922617070
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:30:59 GMT
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=63072000;
via: 1.1 google
cache-control: max-age=7200
cf-cache-status: HIT
age: 6424
last-modified: Sat, 19 Nov 2022 09:43:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1ql9LAXRONvtNyOBonDUvxmv%2B6aGpIhvWks44Yf9ENQNLkAGJKWFHP0kRdOBaT%2FBJs%2Bz6DHHNhKY5YNLIhXBl8ihZtzi7F%2FzYRis3RUSFLrTUPu%2Bt9%2FhgJnN%2B0V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89def797d0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:30:59 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 752690
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-U8JXT0rxa7MEd6qQZCfZhLGlB2sX9Xmo-JYVpQ
200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-U8JXT0rxa7MEd6qQZCfZhLGlB2sX9Xmo-JYVpQ
IP
GET /sync?UICR=k-U8JXT0rxa7MEd6qQZCfZhLGlB2sX9Xmo-JYVpQ HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:31:00 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
c.lytics.io/api/personalize/7633a10cce24ede709377546c8e3146d/user/_uid/4d2bca0f-4196-464e-ae3c-1f7922617070?segments=true&fields=first_name,last_name,email,city,country_code,zip,state,address_line_1,customer_number&mergestate=true&state=%7B%22_uid%22%3A%224d2bca0f-4196-464e-ae3c-1f7922617070%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue%22%2C%22_v%22%3A%223.0.29%22%7D&ts=1668857458389&callback=u_475095757117043300
200 OK 0 B URL HTTP/2 c.lytics.io/api/personalize/7633a10cce24ede709377546c8e3146d/user/_uid/4d2bca0f-4196-464e-ae3c-1f7922617070?segments=true&fields=first_name,last_name,email,city,country_code,zip,state,address_line_1,customer_number&mergestate=true&state=%7B%22_uid%22%3A%224d2bca0f-4196-464e-ae3c-1f7922617070%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue%22%2C%22_v%22%3A%223.0.29%22%7D&ts=1668857458389&callback=u_475095757117043300
IP
GET /api/personalize/7633a10cce24ede709377546c8e3146d/user/_uid/4d2bca0f-4196-464e-ae3c-1f7922617070?segments=true&fields=first_name,last_name,email,city,country_code,zip,state,address_line_1,customer_number&mergestate=true&state=%7B%22_uid%22%3A%224d2bca0f-4196-464e-ae3c-1f7922617070%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.paradigmnewsletters.org%2Fp%2Fawn_bidenbucks_newlife_0722%2FLAWNY876%2F%3Fcake_s1%3D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%26h%3Dtrue%22%2C%22_v%22%3A%223.0.29%22%7D&ts=1668857458389&callback=u_475095757117043300 HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:30:58 GMT
content-type: application/json
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
access-control-allow-methods: GET
access-control-allow-origin:
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KLJEDsDqBijFeY%2BSiMIiVW1rx%2FwxI%2BBxreuyffsPsw0nl980XhBSUriX5kM7fdUSmMJR7ThdMSYTs6ftXH3AElymnvsU2W9m8LUVc8JquC09Ei3nF1khGCuzt%2Bj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c89deb1c470b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
200 OK 0 B IP
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8PU+etBmyjd2SKJSEpLw8x1OqT06il7FIV0DA0F9/O+ax23WposoJRzm15PNNmWm1VvPr1U4XpE=
x-amz-request-id: 6W505B2VG06B3DZA
date: Sat, 19 Nov 2022 11:28:18 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 161
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
widget.us.criteo.com/event?a=97773&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=2WMRtV9jVTZWekRDSDhTemxqcEtUWlhHbElsJTJGcXpITUllWnVHTm5GQ3lMcWt1WTJRNVA5Z1MlMkZUcHdVYVpIckZhVlFjZUpJbDJid25SY3BYM2NVeE55N0YlMkZFMmElMkJRemxtTEVPSlEyQ25IMnJKOVpsUFR0VlB5NXQ4cXAzQ0pSSG5YSXJ0JTJGc0szVktLdmluZkVxeGh4QlNRZmNBJTNEJTNE&tld=paradigmnewsletters.org&fu=https%253A%252F%252Fpro.paradigmnewsletters.org%252Fp%252Fawn_bidenbucks_newlife_0722%252FLAWNY876%252F%253Fcake_s1%253D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%2526h%253Dtrue&dtycbr=2881
200 OK 0 B URL HTTP/2 widget.us.criteo.com/event?a=97773&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=2WMRtV9jVTZWekRDSDhTemxqcEtUWlhHbElsJTJGcXpITUllWnVHTm5GQ3lMcWt1WTJRNVA5Z1MlMkZUcHdVYVpIckZhVlFjZUpJbDJid25SY3BYM2NVeE55N0YlMkZFMmElMkJRemxtTEVPSlEyQ25IMnJKOVpsUFR0VlB5NXQ4cXAzQ0pSSG5YSXJ0JTJGc0szVktLdmluZkVxeGh4QlNRZmNBJTNEJTNE&tld=paradigmnewsletters.org&fu=https%253A%252F%252Fpro.paradigmnewsletters.org%252Fp%252Fawn_bidenbucks_newlife_0722%252FLAWNY876%252F%253Fcake_s1%253D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%2526h%253Dtrue&dtycbr=2881
IP
GET /event?a=97773&v=5.12.3&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=2WMRtV9jVTZWekRDSDhTemxqcEtUWlhHbElsJTJGcXpITUllWnVHTm5GQ3lMcWt1WTJRNVA5Z1MlMkZUcHdVYVpIckZhVlFjZUpJbDJid25SY3BYM2NVeE55N0YlMkZFMmElMkJRemxtTEVPSlEyQ25IMnJKOVpsUFR0VlB5NXQ4cXAzQ0pSSG5YSXJ0JTJGc0szVktLdmluZkVxeGh4QlNRZmNBJTNEJTNE&tld=paradigmnewsletters.org&fu=https%253A%252F%252Fpro.paradigmnewsletters.org%252Fp%252Fawn_bidenbucks_newlife_0722%252FLAWNY876%252F%253Fcake_s1%253D11_133705158_64bee208-45eb-4781-835b-0d941d8537e2%2526h%253Dtrue&dtycbr=2881 HTTP/1.1
Host: widget.us.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.paradigmnewsletters.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:30:59 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 26073063
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-ne_ipErxa7MEd6qQZCfZhLGlB2vfeCjCamTSVg
200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-ne_ipErxa7MEd6qQZCfZhLGlB2vfeCjCamTSVg
IP
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-ne_ipErxa7MEd6qQZCfZhLGlB2vfeCjCamTSVg HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 11:31:00 GMT
x-fastly-to-nlb-rtt: 21987
access-control-allow-credentials: true
X-Firefox-Spdy: h2
23.250.14.10
23.38.201.81
185.235.84.87
185.64.189.110
18.202.12.61
188.125.94.206
3.123.115.183
104.18.33.19
37.157.6.247
141.226.228.48