Report - click.thedailymoneytips.com/aicrownj1023/2db2d5e6ad1ab1aafd532d2c7d773770/48/1990911199/139350/6edc3d98062e20596ae710d84bb4d7de/63293

Report Overview

Visited public
2023-12-09 20:50:26
Tags
URL
click.thedailymoneytips.com/aicrownj1023/2db2d5e6ad1ab1aafd532d2c7d773770/48/1990911199/139350/6edc3d98062e20596ae710d84bb4d7de/63293
Finishing URL
pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
IP / ASN
172.67.166.218
#13335 CLOUDFLARENET
Title
“The A.I. Crown Jewel”

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-09 07:44:59	2.7 kB	839 kB	142.250.74.168
paradigmpressgroup.com	unknown	2022-05-20	2022-07-18 18:25:53	2023-12-08 06:28:06	939 B	4.2 kB	18.214.111.198
s.yimg.com	375	1997-05-14	2012-05-21 00:45:00	2023-12-08 18:36:52	3.6 kB	32 kB	87.248.119.252
embed-cloudfront.wistia.com	unknown	2007-03-18	2022-11-08 05:17:21	2023-12-09 08:21:53	1.6 kB	542 kB	143.204.55.103
fast.wistia.com	5153	2007-03-18	2012-07-04 02:34:57	2023-12-08 19:31:27	3.8 kB	288 kB	151.101.66.132
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-09 06:06:20	2.8 kB	197 kB	142.250.74.131
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-12-09 06:34:48	605 B	578 B	142.250.74.163
api.getblueshift.com	9346	2014-03-09	2014-05-10 00:20:22	2023-12-08 19:24:24	738 B	339 B	35.165.135.172
470kwc1.com	unknown	2019-05-03	2020-04-29 23:06:05	2023-12-09 05:33:35	532 B	830 B	3.142.154.0
d2z65klgtz99km.cloudfront.net	unknown	2008-04-25	2021-03-17 02:03:23	2023-12-09 00:57:06	1.5 kB	161 kB	54.230.241.180
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-09 10:52:39	455 B	35 kB	142.250.74.170
pipedream.wistia.com	6958	2007-03-18	2017-01-30 05:30:40	2023-12-09 18:25:16	1.7 kB	1.4 kB	143.204.55.3
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-12-09 08:02:02	6.3 kB	3.1 kB	216.239.32.36
distillery.wistia.com	6708	2007-03-18	2012-09-30 04:46:15	2023-12-09 08:21:53	511 B	410 B	54.230.111.90
verifiedwebpage.com	unknown	2022-03-23	2022-03-23 19:03:14	2023-12-08 05:51:23	629 B	1.2 kB	188.114.97.1
click.thedailymoneytips.com	unknown	2019-06-27	2023-03-10 21:57:35	2023-12-09 06:40:09	891 B	1.7 kB	172.67.166.218
cdn.getblueshift.com	12716	2014-03-09	2016-09-19 05:21:38	2023-12-08 13:18:21	431 B	3.4 kB	54.230.111.60
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-09 07:42:19	509 B	108 kB	142.250.74.106
pro.paradigm-press.info	unknown	2019-02-19	2019-03-28 14:40:12	2023-12-08 06:28:02	1.2 kB	1.5 kB	192.135.136.169
pro.paradigmnewsletters.org	unknown	2018-12-12	2019-06-06 21:52:38	2023-12-09 05:33:45	2.0 kB	12 kB	161.129.26.18

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-09	medium	thedailymoneytips.com	Sinkholed
2023-12-09	medium	thedailymoneytips.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (34)

	URL	From	Size	First Seen	Last Seen
	fast.wistia.com/assets/external/engines/hls_video.js	ScriptElement	484 kB	2023-12-04	2023-12-12
Pretty URL fast.wistia.com/assets/external/engines/hls_video.js IP 151.101.66.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 21:23 Last Seen2023-12-12 14:56 Times Seen117 Hash 6e1e307293f078c95c07db8660ce607a 2a08bcf1166c9707485e568102f7c96e1f933b36 f0150171f993137d09210b10e0629ea4d57a465046ba791adb4bf4a2da978357 Loading...

	unknown	ScriptElement	1.2 kB	2023-03-14	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 11:28 Last Seen2024-08-21 06:59 Times Seen257 Hash 596005034249bdf75aca818504b579e8 ff04da238930839575b0b2709aadbdce5785bf12 110cf442650b6702dfbfa992c3537aca60014285e093faa411bb1f3ee45f2d4e Loading...

	pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/sandbox%20eval%20code		147 B	2023-04-11	2025-05-11
Pretty URL pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 22:04 Times Seen342015 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-11
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 22:04 Times Seen341213 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	s.yimg.com/wi/ytc.js	ScriptElement	18 kB	2023-06-26	2024-08-29
Pretty URL s.yimg.com/wi/ytc.js IP 87.248.119.252 ASN #203220 Yahoo! UK Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-26 11:33 Last Seen2024-08-29 17:29 Times Seen6264 Hash 5c6ed25dce803fd84288922b8928409e 3ccc10546ae12f160bacac1e9e422af091ea4a41 480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91 Loading...

	fast.wistia.com/assets/external/playPauseLoadingControl.js	ScriptElement	81 kB	2023-11-29	2023-12-12
Pretty URL fast.wistia.com/assets/external/playPauseLoadingControl.js IP 151.101.66.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-29 23:01 Last Seen2023-12-12 14:56 Times Seen192 Hash 31f0b908fbd5fc16bf6737c637b83178 26f5effe6525ca16ceb9815cb26776a8ac36f81c 863614886d87b0fbc5b99b2c002a8e382ab9161cacc1290006ea02e428e09747 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-P95MDDF	ScriptElement	395 kB	2023-12-09	2023-12-09
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-P95MDDF IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-09 21:50 Last Seen2023-12-09 21:50 Times Seen1 Hash 13740d6686ee69374b74643bd2dbccc6 4c4970f843c9f01810677f3095c51430ce41f917 62089fc09beb1f6050aa449fd419394cc392b5b4bd88a8cf5bbe4a519325fdec Loading...

	unknown	ScriptElement	1.3 kB	2023-03-10	2025-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07 Last Seen2025-04-26 09:06 Times Seen1426 Hash 94d29b65bf770b80ca20ff02e2ba5f41 a4c1ab460dbe34b9672c2745f50e0c792a64d932 2d59b45ab2c9e86e411bdd0f5f9d8bb84b383a197faf372ee4e91a0c9a651b87 Loading...

	unknown	ScriptElement	469 B	2023-03-10	2024-12-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07 Last Seen2024-12-11 19:47 Times Seen886 Hash 1b942598e5ebe0432ae014b008148c5b 63d79dd6f78b6fa3d330d9f70ed48048f2cb9dd8 f91cdf301758a9d6e20bc3455aa0ad44dd54cf784f593aceb2283318c2117f94 Loading...

	fast.wistia.com/assets/external/googleAnalytics4.js	ScriptElement	17 kB	2023-11-30	2023-12-12
Pretty URL fast.wistia.com/assets/external/googleAnalytics4.js IP 151.101.66.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 19:49 Last Seen2023-12-12 14:56 Times Seen77 Hash 9bbbdbdad3d0da00881800f39ed6ad8b 03563b32521b2a04dc6e7ba8b5f1fe21181be7f0 f47b95dbf3f004a7305cfe6c6b107d76dac597a4c50a52e3f33240f76e4598d5 Loading...

	pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true	ScriptElement	39 B	2023-03-10	2025-04-26
Pretty URL pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:07 Last Seen2025-04-26 09:06 Times Seen3027 Hash af8745eef59c123e59cd4703ea4cc40e 8aab93d5d6e19c3430396e434f734df7699aeda0 419e6fe661d8187589ce9e3f1f2888d3bd1fc5f4af3dc1e6a0321a66c31e1191 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-T5B9F8TL	ScriptElement	196 kB	2023-12-09	2023-12-09
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-T5B9F8TL IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-09 21:50 Last Seen2023-12-09 21:50 Times Seen1 Hash e8bac4cb25c6f0a95c4e6b4ac2adda49 112766133629813ea179fb66adeb7626de02e9d1 51419c14e0d045f99b3ad890f7413de925ddd94d763252f09fb92dc644c13e5e Loading...

	unknown	ScriptElement	469 B	2023-03-10	2024-12-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07 Last Seen2024-12-11 19:47 Times Seen886 Hash 6bfa85325d17bdaf99d6c48c4539b496 dcab4590a8eeae34b0e63df480f24c1e901800bc 0d293b59ef3ca7a501f575c64a240bc9dbaad8c1c637806793a4a2d8c334a6b9 Loading...

	www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c	ScriptElement	243 kB	2023-12-09	2023-12-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-09 21:50 Last Seen2023-12-09 21:50 Times Seen1 Hash ebe11439ac31dd0b5f07f8594b3af8ad ded70bf110d29ba8dab9c53e3cdf97d5327bedaa 2965fc35fee358a30e5b5afce6025ad6d8767a1037a95b6e2eb40163a81e4264 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js	ScriptElement	97 kB	2023-03-07	2025-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 20:40 Times Seen29049 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true	ScriptElement	358 B	2023-11-03	2024-08-20
Pretty URL pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-03 14:40 Last Seen2024-08-20 21:16 Times Seen103 Hash 017f8851150bde97e81af36eeda5685e 9ede0f6cb1c8f39598661c09e3c0ed07c21b895f d0b432e9bf52b7a1f241cd6e58e9f83ae81f894195aaa9a64707eae34056818e Loading...

	pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true	ScriptElement	341 B	2023-03-10	2025-04-26
Pretty URL pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:07 Last Seen2025-04-26 09:06 Times Seen1430 Hash 285bc9b441da8c1fbab42396acae2df3 833ac60111a789824e40a385d2e225c129751bbd 7849138d30558b224e5ccd5847d7ea5767630e220bf7d4e3496e99c5fa02974f Loading...

	pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true	ScriptElement	341 B	2023-09-13	2025-04-26
Pretty URL pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-13 02:02 Last Seen2025-04-26 09:06 Times Seen1423 Hash ce1c2dd4d39647e5c7e8a4ded7c7d48a 4f7b2f537cb1a05bd6a7f661fce09d2db271bb38 8a871b5034d221b1a98614580a9a998b0a63ad1bff46c93d65d0ed544c3638fc Loading...

	pro.paradigmnewsletters.org/p/Scripts/Common.js	ScriptElement	2.4 kB	2023-03-09	2025-04-26
Pretty URL pro.paradigmnewsletters.org/p/Scripts/Common.js IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2025-04-26 09:06 Times Seen3875 Hash ef9b6f612e89926fa10830ad89a7f3b6 faa8fbf56e4834534455c46ba2753118eb554c2e 86034bbe69eebb0c08660ff7f0128dd0bd1d852176489ca3a3da7b49bd647cbd Loading...

	pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true	ScriptElement	836 B	2023-11-08	2025-04-26
Pretty URL pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-08 05:21 Last Seen2025-04-26 09:06 Times Seen1401 Hash 4e2e4cbe63ac644606cfa87e76452824 3936c2eb6588579868016076278ccd961760eda0 85c1ef4cc98021ecdbab4fb4016a5a3500c7c47f6a2dd042083947f32ab1fb05 Loading...

	cdn.getblueshift.com/blueshift.js	ScriptElement	6.6 kB	2023-11-22	2024-08-20
Pretty URL cdn.getblueshift.com/blueshift.js IP 54.230.111.60 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-22 06:19 Last Seen2024-08-20 18:22 Times Seen312 Hash 859d16b4786a243736a9b219445eae43 e6dd4c8dcac4df40615338f1e7ecfe50c54aa0d5 393483170bc4a2319e51ea073f4e13b85185948301acce471b482094d11af7c7 Loading...

	unknown	ScriptElement	469 B	2023-03-10	2024-12-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07 Last Seen2024-12-11 19:47 Times Seen887 Hash 525d0b8417e918e828c73233e2e7b437 98cce5ccb75b57d7a47822a88b159d54bdf05fdd 9dc28f8d48c697f48911cc3ce9ae64edfae072127840572164c90548695e82ca Loading...

	fast.wistia.com/assets/external/allIntegrations.js	ScriptElement	23 kB	2023-11-29	2023-12-12
Pretty URL fast.wistia.com/assets/external/allIntegrations.js IP 151.101.66.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-29 23:01 Last Seen2023-12-12 14:56 Times Seen129 Hash 9a9248fb8178a9640de37511b065850f 086459b7f718251f753b82cee05f51c6ca2d3a84 fb7f597f64e9b0c17f7f99fb577f164c36f93f13ffda2ccb736b786e4e705d12 Loading...

	pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true	ScriptElement	3.7 kB	2023-10-30	2024-08-20
Pretty URL pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-30 18:58 Last Seen2024-08-20 21:46 Times Seen78 Hash f13bd2ddfa7c69932cad9db67ebc1d1a 6e48b6f7f8be417542c4ce398f087a28ae945fd5 340085e33ba5e260027502616e06cff86e7fe7551e4da66677b19f5f7600a50b Loading...

	pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true	ScriptElement	2.3 kB	2023-09-13	2024-08-21
Pretty URL pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-13 02:02 Last Seen2024-08-21 06:59 Times Seen338 Hash 3d013cb0fd283e7527d6262873f50105 3d9da52452e8a90890f0d9d09ac8d8e6229e9e5b d22ae161cd5b68410950c730064c07aa23aefbb494e3f35770c376cd7858909f Loading...

	unknown	ScriptElement	326 B	2023-03-14	2025-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 11:28 Last Seen2025-04-26 09:06 Times Seen1449 Hash aedcaf36e4ad85dbf51037318c8ab10c c6210e518ab8eeb0a496b966241caeb1c464516a 5a0af2eeee3dcb3f4e43e4533947d91a74f63d17a73691aac1ad46367989809f Loading...

	unknown	ScriptElement	469 B	2023-03-10	2024-12-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07 Last Seen2024-12-11 19:47 Times Seen886 Hash deeaa7c0af6a3a2abc4f6232e0726eaa 82dff020198b4ca13a2e26a4ebc0ad661a66712d e1d46eadd939d65337b58355bbd09d26261a5b2bd05b4802e8d448ee0a937d26 Loading...

	www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c	ScriptElement	279 kB	2023-12-09	2023-12-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-09 21:50 Last Seen2023-12-09 21:50 Times Seen1 Hash 28695e90e745d95180b7019c3fab7500 971aa6a33ed99196c4d0ac15dc58146fa6ca1355 00232c3529755570fb9fd79b5429e7f4320f41bd8d719d1622803a01af1edf6f Loading...

	pro.paradigmnewsletters.org/p/Scripts/HideContent.js	ScriptElement	721 B	2023-03-09	2025-04-26
Pretty URL pro.paradigmnewsletters.org/p/Scripts/HideContent.js IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2025-04-26 09:06 Times Seen3875 Hash 624fa8179cc49ca9e80737453a6b3367 226693fb4119bc204e4dd3b8d36da8587fd00bb0 809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac Loading...

	pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true	ScriptElement	2.2 kB	2023-03-10	2025-04-26
Pretty URL pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:07 Last Seen2025-04-26 09:06 Times Seen1614 Hash e4f3e2e42bacfb36a7847e627e7e8276 5492c5e58d3c3abd4a40f736078f546b450e8085 5b86639a656d86f430a56426ae9ac2c83fe1a5c11d91739037f8b1146f5677b8 Loading...

	fast.wistia.com/assets/external/E-v1.js	ScriptElement	761 kB	2023-12-07	2023-12-11
Pretty URL fast.wistia.com/assets/external/E-v1.js IP 151.101.66.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-07 20:39 Last Seen2023-12-11 15:44 Times Seen73 Hash 126858c9f3376ca1bc419aa2a2d0af28 51e06cde2e8cc415d06c63e144e6c36d2c95270d 78cf6679aa583fd97b9700d6dafa7e791d7861b72d173df807b5f8f27d246877 Loading...

	unknown	ScriptElement	266 B	2023-11-16	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-16 19:30 Last Seen2024-08-20 19:14 Times Seen64 Hash ed25dafc14be45594c053b58c04d353e bd1b01b726385b4dfde35c88c21def7e10c416d1 686708e20640fabc0c8374c5d8929f5ca01bfefd0b825fadfccc6cab3a7a235a Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NKRVP76	ScriptElement	398 kB	2023-12-09	2023-12-09
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NKRVP76 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-09 21:50 Last Seen2023-12-09 21:50 Times Seen1 Hash ab32ccb1acc6377180f8c78fbc09c6de ff08c4356001daa483f31cfbc5be9f030605456a 241b2d930722baf7bade3a380c8f73cfc2f78c9846581bf08c8cc8e236336538 Loading...

	www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C	ScriptElement	243 kB	2023-12-09	2023-12-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-09 21:50 Last Seen2023-12-09 21:50 Times Seen1 Hash 91351a280dc5d52fb76c61697172453a 61beb48e79fefcc9eaae587c393c07bea42c5419 934158640f9a58274dc070061a25cfaadbac0b6ccf79cc240521929273882100 Loading...

HTTP Transactions (60)

URL IP Response Size

verifiedwebpage.com/go?ehash=2db2d5e6ad1ab1aafd532d2c7d773770&product=33260&ar=48&cid=139350&lid=6edc3d98062e20596ae710d84bb4d7de&slhash=63293&mtaid=[s7]&cid2=[s8]

188.114.97.1

302 Found

134 B

URL User Request GET HTTP/2
verifiedwebpage.com/go?ehash=2db2d5e6ad1ab1aafd532d2c7d773770&product=33260&ar=48&cid=139350&lid=6edc3d98062e20596ae710d84bb4d7de&slhash=63293&mtaid=[s7]&cid2=[s8]
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectverifiedwebpage.com
Fingerprint0D:F8:EF:F4:23:CD:FB:7E:DE:C7:29:3C:B4:F7:A4:CE:6A:FB:89:AB
ValiditySat, 14 Oct 2023 13:52:56 GMT - Fri, 12 Jan 2024 13:52:55 GMT

File type
HTML document text - HTML document text - HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /go?ehash=2db2d5e6ad1ab1aafd532d2c7d773770&product=33260&ar=48&cid=139350&lid=6edc3d98062e20596ae710d84bb4d7de&slhash=63293&mtaid=[s7]&cid2=[s8] HTTP/1.1
Host: verifiedwebpage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 09 Dec 2023 20:49:54 GMT
content-type: text/html; charset=UTF-8
location: http://470kwc1.com/clk.trk?CID=466111&AFID=430135&SID=3415202737506641410
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=2c87be994236a43500eb4c67ad33f5c4; path=/
pixel_session_hash_33260=3415202737506641410; expires=Mon, 08-Jan-2024 20:49:53 GMT; Max-Age=2592000; path=/; secure; HttpOnly; SameSite=None
bt_tracking_product_33260=ad039eaf3e63ed28a0a8b7cd099f6f833c8de2f60573c1a91a09cb09c33e88f7; expires=Mon, 11-Dec-2023 20:49:53 GMT; Max-Age=172800
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MB0lQzhJCCh8yvwbdg38HyPDbyQzsnnuMh%2FIR5SbLruKpImMLAHZgRhIvEXaeSmhtjWq6mu8MlZLUz5AKm1838kykZrTT3po9oWdhGJNDpdLdeX6Cy3dT36rk44tytam1h2gIbdR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83301e07b9fe0b49-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

470kwc1.com/clk.trk?CID=466111&AFID=430135&SID=3415202737506641410

3.142.154.0

301 Moved Permanently

216 B

URL User Request GET HTTP/1.1
470kwc1.com/clk.trk?CID=466111&AFID=430135&SID=3415202737506641410
IP
3.142.154.0:80
ASN
#16509 AMAZON-02

File type
HTML document text - HTML document text - HTML document text - HTML document, ASCII text, with CRLF line terminators
Size
216 B (216 bytes)
Hash
e8f046f7232244cc96d172ad0d9e9d95
208c53e701e0610765e7659332485e838413a369
0fd9a66a38cb9c2bb19de328e492d8242597e99dd3670c2312165d5f4ae73a20

HTTP Headers

GET /clk.trk?CID=466111&AFID=430135&SID=3415202737506641410 HTTP/1.1
Host: 470kwc1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 09 Dec 2023 20:49:55 GMT
content-type: text/html; charset=utf-8
content-length: 216
location: https://pro.paradigm-press.info/m/2257091?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05
cache-control: private
server: Microsoft-IIS/10.0
p3p: policyref="/p3p/P3P.470kwc1.com.xml", CP="NOI DSP COR NID ADM DEV OUR STP OTC"
x-aspnet-version: 4.0.30319
set-cookie: LTTC6_466111=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05; expires=Sat, 16-Dec-2023 20:49:55 GMT; path=/; secure; SameSite=None
x-powered-by: ASP.NET
access-control-allow-origin: *
X-Firefox-Spdy: h2

click.thedailymoneytips.com/

172.67.166.218

143 B

URL
click.thedailymoneytips.com/
IP
172.67.166.218:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text - HTML document, ASCII text
Size
143 B (143 bytes)
Hash
f1fb042c62910c34be16ad91cbbd71fa
5bc7aceba9a8704ef4b1d427d7d08b140afcd866
9278d16ed2fdcd5dc651615b0b8adc6b55fb667a9d106a9891b861d4561d9a24

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: click.thedailymoneytips.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 09 Dec 2023 20:49:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 14 Nov 2023 15:41:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0kolywwZDz9Zb95vWDg%2BwCeEYFhQYEXWNKB6atTepRKmb%2FJYYUhkOs%2BwdqJcFz2WDu7CKC%2BQnFWmImQGGfUXj%2F1celzg8hU3IfdrOU78Kv%2B8EGFwHka5%2B6HNUqQrm6GA50ChJ7yHppuYKYBVWQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 83301e15bfdeb4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

pro.paradigm-press.info/m/2257091?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05

192.135.136.169

301 Moved Permanently

216 B

URL User Request GET HTTP/1.1
pro.paradigm-press.info/m/2257091?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05
IP
192.135.136.169:443
ASN
#11372 14WEST-AS

Certificate
IssuerLet's Encrypt
Subjectordertracking6.pubsvs.com
Fingerprint5D:9B:A2:DC:1F:DA:F9:4F:9E:55:AD:AA:D5:50:57:BB:B7:C3:50:39
ValidityFri, 17 Nov 2023 17:49:52 GMT - Thu, 15 Feb 2024 17:49:51 GMT

File type
HTML document text - HTML document text - HTML document text - HTML document, ASCII text, with CRLF line terminators
Size
216 B (216 bytes)
Hash
e8f046f7232244cc96d172ad0d9e9d95
208c53e701e0610765e7659332485e838413a369
0fd9a66a38cb9c2bb19de328e492d8242597e99dd3670c2312165d5f4ae73a20

HTTP Headers

GET /m/2257091?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05 HTTP/1.1
Host: pro.paradigm-press.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://pro.paradigm-press.info/m/2257091?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05
Date: Sat, 09 Dec 2023 20:49:55 GMT
Content-Length: 216
Set-Cookie: BIGipServerIRIS_PROD_HTTP_POOL=!0k03+31yixfOoAM0QCUGrw3uOK3bWVgj9AxCa00GdT46NDEZBoF1KMtl8u/nb/M5RCSr/XBPYr0Ucts=; path=/; Httponly

pro.paradigm-press.info/m/2257091?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05

192.135.136.169

301 Moved Permanently

255 B

URL User Request GET HTTP/1.1
pro.paradigm-press.info/m/2257091?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05
IP
192.135.136.169:443
ASN
#11372 14WEST-AS

Certificate
IssuerLet's Encrypt
Subjectordertracking6.pubsvs.com
Fingerprint5D:9B:A2:DC:1F:DA:F9:4F:9E:55:AD:AA:D5:50:57:BB:B7:C3:50:39
ValidityFri, 17 Nov 2023 17:49:52 GMT - Thu, 15 Feb 2024 17:49:51 GMT

File type
HTML document text - HTML document text - HTML document text - HTML document, ASCII text, with CRLF line terminators
Size
255 B (255 bytes)
Hash
c4bac050398d7d43c0206a2445ee9f99
165fa9c8a656d91f3ded61c4276d61255a7ea8f6
f72f10cfd1d706a7e13382cdb771998e7b7f353ef0bfd1a7e3b0f7bd97a8ded4

HTTP Headers

GET /m/2257091?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05 HTTP/1.1
Host: pro.paradigm-press.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: BIGipServerIRIS_PROD_HTTP_POOL=!0k03+31yixfOoAM0QCUGrw3uOK3bWVgj9AxCa00GdT46NDEZBoF1KMtl8u/nb/M5RCSr/XBPYr0Ucts=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Date: Sat, 09 Dec 2023 20:49:57 GMT
Content-Length: 255
Set-Cookie: 2257091=2671416; expires=Fri, 29-Dec-2023 20:49:57 GMT; path=/; HttpOnly
BIGipServerIRIS_PROD_HTTPS_POOL=!nWzLiNlvX2GtK5s0QCUGrw3uOK3bWQ3YElvkhFzAtf+YjWs5ztcJ9Hos6UpwKYyoU8TVQmug+yvsZQQ=; path=/; Httponly; Secure
Strict-Transport-Security: max-age=63072000; includeSubDomains

pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true

161.129.26.18

200 OK

9.3 kB

URL User Request GET HTTP/1.1
pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
IP
161.129.26.18:443
ASN
#11372 14WEST-AS

Certificate
IssuerLet's Encrypt
Subjectordertracking6.pubsvs.com
Fingerprint5D:9B:A2:DC:1F:DA:F9:4F:9E:55:AD:AA:D5:50:57:BB:B7:C3:50:39
ValidityFri, 17 Nov 2023 17:49:52 GMT - Thu, 15 Feb 2024 17:49:51 GMT

File type
HTML document text - HTML document text - HTML document text - HTML document text - HTML document text - HTML document text - HTML document text - exported SGML document text - exported SGML document, Unicode text, UTF-8 text, with very long lines (1672), with CRLF, LF line terminators
Size
9.3 kB (9315 bytes)
Hash
633bc2a7652d8733ec9c1a8c683d56bf
e8d0827399829efefde4ea6e4f8ccd779ae3d369
528a141cfa50dfb492343c1731c76df6cd1ce59eefead3e616f2f53d05027e53

HTTP Headers

GET /p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 09 Dec 2023 20:49:57 GMT
Content-Length: 9315
Set-Cookie: LALNZA40=; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; HttpOnly
BIGipServerIRIS_PROD_HTTPS_POOL=!UKcFthJy3rdYibo0QCUGrw3uOK3bWVkAv91TwrXU0D2rscPGuHEQBu/0Mdv1bGJOkWEX0WlkWwkddAk=; path=/; Httponly; Secure
Strict-Transport-Security: max-age=63072000; includeSubDomains

fast.wistia.com/assets/external/E-v1.js

151.101.66.132

200 OK

129 kB

URL GET HTTP/2
fast.wistia.com/assets/external/E-v1.js
IP
151.101.66.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
ASCII text, with very long lines (65474)
Size
129 kB (129063 bytes)
Hash
126858c9f3376ca1bc419aa2a2d0af28
51e06cde2e8cc415d06c63e144e6c36d2c95270d
78cf6679aa583fd97b9700d6dafa7e791d7861b72d173df807b5f8f27d246877

HTTP Headers

GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 07 Dec 2023 18:55:59 GMT
etag: "2dfa35fa3c2d63da5bfe8edd5f3cb8df"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 20:49:58 GMT
age: 3365
x-served-by: cache-iad-kiad7000039-IAD, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 75, 13
x-timer: S1702154998.366801,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: cc9ded0077d16f0d56c3b38f358a76e310b0eefb
content-length: 129063
X-Firefox-Spdy: h2

pro.paradigmnewsletters.org/p/Scripts/Common.js

161.129.26.18

200 OK

1.1 kB

URL GET HTTP/1.1
pro.paradigmnewsletters.org/p/Scripts/Common.js
IP
161.129.26.18:443
ASN
#11372 14WEST-AS

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerLet's Encrypt
Subjectordertracking6.pubsvs.com
Fingerprint5D:9B:A2:DC:1F:DA:F9:4F:9E:55:AD:AA:D5:50:57:BB:B7:C3:50:39
ValidityFri, 17 Nov 2023 17:49:52 GMT - Thu, 15 Feb 2024 17:49:51 GMT

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.1 kB (1140 bytes)
Hash
2fa1e7a35bfa376eff7f1426fc4a8afa
008b48dbd95a158542969743c18d0bc33e0a9384
857d94bd23b6437baa66255e1d507ad4a23d75ef9a271fb3e1303dc7dd0aced9

HTTP Headers

GET /p/Scripts/Common.js HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
DNT: 1
Connection: keep-alive
Cookie: LALNZA40=; BIGipServerIRIS_PROD_HTTPS_POOL=!UKcFthJy3rdYibo0QCUGrw3uOK3bWVkAv91TwrXU0D2rscPGuHEQBu/0Mdv1bGJOkWEX0WlkWwkddAk=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 24 Jul 2023 13:39:44 GMT
Accept-Ranges: bytes
ETag: "a37f814e34bed91:0"
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 09 Dec 2023 20:49:57 GMT
Content-Length: 1140
Strict-Transport-Security: max-age=63072000; includeSubDomains

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

142.250.74.170

200 OK

34 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:44:29 GMT
expires: Fri, 06 Dec 2024 15:44:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 191129
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pro.paradigmnewsletters.org/p/Scripts/HideContent.js

161.129.26.18

200 OK

466 B

URL GET HTTP/1.1
pro.paradigmnewsletters.org/p/Scripts/HideContent.js
IP
161.129.26.18:443
ASN
#11372 14WEST-AS

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerLet's Encrypt
Subjectordertracking6.pubsvs.com
Fingerprint5D:9B:A2:DC:1F:DA:F9:4F:9E:55:AD:AA:D5:50:57:BB:B7:C3:50:39
ValidityFri, 17 Nov 2023 17:49:52 GMT - Thu, 15 Feb 2024 17:49:51 GMT

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
466 B (466 bytes)
Hash
cc54a637e514fddfe0be2e7c2d062e5b
a0f97813508d22d71f015b93cc8dfdcee65acdfd
580942b09dd77a53c0501f35a1d6c61cbcff1d504a6efb0dfa5d77cbdb1af741

HTTP Headers

GET /p/Scripts/HideContent.js HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
DNT: 1
Connection: keep-alive
Cookie: LALNZA40=; BIGipServerIRIS_PROD_HTTPS_POOL=!UKcFthJy3rdYibo0QCUGrw3uOK3bWVkAv91TwrXU0D2rscPGuHEQBu/0Mdv1bGJOkWEX0WlkWwkddAk=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 24 Jul 2023 13:39:44 GMT
Accept-Ranges: bytes
ETag: "bbcd814e34bed91:0"
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 09 Dec 2023 20:49:57 GMT
Content-Length: 466
Strict-Transport-Security: max-age=63072000; includeSubDomains

cdn.getblueshift.com/blueshift.js

54.230.111.60

200 OK

2.8 kB

URL GET HTTP/1.1
cdn.getblueshift.com/blueshift.js
IP
54.230.111.60:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerAmazon
Subject*.getblueshift.com
Fingerprint29:49:01:4C:AB:3A:C5:E4:F6:F2:67:75:BE:5B:FF:4B:F3:5C:EC:47
ValidityMon, 10 Jul 2023 00:00:00 GMT - Tue, 06 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (6564), with no line terminators
Size
2.8 kB (2805 bytes)
Hash
859d16b4786a243736a9b219445eae43
e6dd4c8dcac4df40615338f1e7ecfe50c54aa0d5
393483170bc4a2319e51ea073f4e13b85185948301acce471b482094d11af7c7

HTTP Headers

GET /blueshift.js HTTP/1.1
Host: cdn.getblueshift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 2805
Connection: keep-alive
Last-Modified: Tue, 21 Nov 2023 12:16:06 GMT
x-amz-server-side-encryption: AES256
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 09 Dec 2023 20:33:31 GMT
Cache-Control: max-age=3600
ETag: "e7a548f293fa4dad39c906cae250b1ed"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: N_aIp289hZFOCJ39O1LedhRcqoKC1RCMMEMTiIv5Ap7NzGfd6AFBXg==
Age: 988

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.131

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0 - data
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:42:21 GMT
expires: Fri, 06 Dec 2024 15:42:21 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 191257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/orbitron/v31/yMJMMIlzdpvBhQQL_SC3X9yhF25-T1nysimBoWgz.woff2

142.250.74.131

200 OK

6.4 kB

URL GET HTTP/2
fonts.gstatic.com/s/orbitron/v31/yMJMMIlzdpvBhQQL_SC3X9yhF25-T1nysimBoWgz.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 6408, version 1.0 - data
Size
6.4 kB (6408 bytes)
Hash
9b882484151d0c9684be930fdeff7f36
4497fee4c526023fc48ee8ff652d993a83b53911
85fb9efe5f3acc876988dda311a5a6b4350dcdbfc49068fb77116d19fe6a06aa

HTTP Headers

GET /s/orbitron/v31/yMJMMIlzdpvBhQQL_SC3X9yhF25-T1nysimBoWgz.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 6408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:55:20 GMT
expires: Fri, 06 Dec 2024 15:55:20 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 20:51:23 GMT
content-type: font/woff2
age: 190478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.131

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0 - data
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:42:21 GMT
expires: Fri, 06 Dec 2024 15:42:21 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 191257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.131

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0 - data
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:42:21 GMT
expires: Fri, 06 Dec 2024 15:42:21 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 191257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.131

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0 - data
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:42:21 GMT
expires: Fri, 06 Dec 2024 15:42:21 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 191257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Inter:wght@500;600;700;800&family=Orbitron:wght@900&display=swap

142.250.74.106

200 OK

107 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@500;600;700;800&family=Orbitron:wght@900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
gzip compressed data, max compression - data
Size
107 kB (107121 bytes)
Hash
b08a8ba36589959a698afb2be23c1f89
8ce71bcd25a4be17dcbc0ef6fd0b4b46e9d5c75b
aa1e0c3fe5e4d37a9ae9cb3301e9a9d1f1fcafc525600ca336d870dc42e1f460

HTTP Headers

GET /css2?family=Inter:wght@500;600;700;800&family=Orbitron:wght@900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 09 Dec 2023 20:49:58 GMT
date: Sat, 09 Dec 2023 20:49:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-T5B9F8TL

142.250.74.168

200 OK

68 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-T5B9F8TL
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (4625)
Size
68 kB (68466 bytes)
Hash
e8bac4cb25c6f0a95c4e6b4ac2adda49
112766133629813ea179fb66adeb7626de02e9d1
51419c14e0d045f99b3ad890f7413de925ddd94d763252f09fb92dc644c13e5e

HTTP Headers

GET /gtm.js?id=GTM-T5B9F8TL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 20:49:58 GMT
expires: Sat, 09 Dec 2023 20:49:58 GMT
cache-control: private, max-age=900
last-modified: Sat, 09 Dec 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68466
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-NKRVP76

142.250.74.168

200 OK

111 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-NKRVP76
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (56012)
Size
111 kB (110999 bytes)
Hash
ab32ccb1acc6377180f8c78fbc09c6de
ff08c4356001daa483f31cfbc5be9f030605456a
241b2d930722baf7bade3a380c8f73cfc2f78c9846581bf08c8cc8e236336538

HTTP Headers

GET /gtm.js?id=GTM-NKRVP76 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 20:49:58 GMT
expires: Sat, 09 Dec 2023 20:49:58 GMT
cache-control: private, max-age=900
last-modified: Sat, 09 Dec 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 110999
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fast.wistia.com/embed/medias/lv3fk45qvy.json

151.101.66.132

200 OK

1.6 kB

URL GET HTTP/2
fast.wistia.com/embed/medias/lv3fk45qvy.json
IP
151.101.66.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
JSON data - , ASCII text, with very long lines (5777), with no line terminators
Size
1.6 kB (1601 bytes)
Hash
ed21432de6e80b7d688d572a02d96842
72da54594402c482882e0addbf24677d18f5432b
465333f7fcbf1d8f5c33d386ecce923f3f4f0d208f60645bcfeb736e80dff41b

HTTP Headers

GET /embed/medias/lv3fk45qvy.json HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: envoy
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, no-cache
etag: W/"465333f7fcbf1d8f5c33d386ecce923f"
x-request-id: ebac8656-ff89-497b-956d-b1eab3bb9971
x-runtime: 0.054645
content-encoding: br
x-envoy-upstream-service-time: 56
via: 1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: IAD89-C3
x-amz-cf-id: TpTLeI7oo01O_GjJ7YGmzyYVjGWUAD3DtwCSPC_FEkW47EQIb3IEpw==
accept-ranges: bytes
date: Sat, 09 Dec 2023 20:49:59 GMT
age: 58058
x-served-by: cache-iad-kiad7000047-IAD, cache-bma1648-BMA
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 36, 1
x-timer: S1702154999.035111,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1601
X-Firefox-Spdy: h2

d2z65klgtz99km.cloudfront.net/ALN/aln_crownjewel_0923/ALN_AI_CROWN_JEWEL_BG_final.jpg

54.230.241.180

200 OK

88 kB

URL GET HTTP/2
d2z65klgtz99km.cloudfront.net/ALN/aln_crownjewel_0923/ALN_AI_CROWN_JEWEL_BG_final.jpg
IP
54.230.241.180:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=GIMP 2.10.34, datetime=2023:09:25 11:13:19], progressive, precision 8, 1920x1080, components 3 - data
Size
88 kB (87778 bytes)
Hash
ab8d6cbb15f30f1ea92cb336e9da95da
f2cc93f01ea8bfddfd3ff7f73be71e67536c1e21
f93dc311b7a2a6e74958a03a507331119e165b15d221f411fa57081667b87510

HTTP Headers

GET /ALN/aln_crownjewel_0923/ALN_AI_CROWN_JEWEL_BG_final.jpg HTTP/1.1
Host: d2z65klgtz99km.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 87778
server: nginx
date: Wed, 11 Oct 2023 17:32:11 GMT
last-modified: Mon, 25 Sep 2023 15:22:51 GMT
cache-control: max-age=31536000
expires: Thu, 10 Oct 2024 17:32:11 GMT
etag: "6511a5cb-156e2"
x-powered-by: PleskLin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 72wtArMxUGA4GOuDQ3DRYtRV0rSCLVzXDQH2-jDXXMhhGCYVlUU8Nw==
age: 5109468
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c

142.250.74.168

200 OK

93 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (5955)
Size
93 kB (92695 bytes)
Hash
28695e90e745d95180b7019c3fab7500
971aa6a33ed99196c4d0ac15dc58146fa6ca1355
00232c3529755570fb9fd79b5429e7f4320f41bd8d719d1622803a01af1edf6f

HTTP Headers

GET /gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 20:49:59 GMT
expires: Sat, 09 Dec 2023 20:49:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92695
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

paradigmpressgroup.com/favicons/favicon-16x16.png

18.214.111.198

200 OK

587 B

URL GET HTTP/2
paradigmpressgroup.com/favicons/favicon-16x16.png
IP
18.214.111.198:443
ASN
#14618 AMAZON-AES

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerLet's Encrypt
Subjectparadigmpressgroup.com
FingerprintAE:B7:D7:11:15:BA:76:70:3D:73:D7:75:77:C9:E5:A6:E2:9B:6F:5F
ValidityFri, 10 Nov 2023 14:51:26 GMT - Thu, 08 Feb 2024 14:51:25 GMT

File type
PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced - data
Size
587 B (587 bytes)
Hash
2bb2efaa073e4987ba1867aff02ab3ac
ea05acee8f408e3f86830b5f2da0616ced013006
6b712b83f2054506208f4243b57e7bd48fa0dcf3a10c0ff609bfc5ea8398ddc6

HTTP Headers

GET /favicons/favicon-16x16.png HTTP/1.1
Host: paradigmpressgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 20:49:59 GMT
content-type: image/png
content-length: 587
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Tue, 26 Jul 2022 19:40:44 GMT
etag: W/"24b-1823c06a3cc"
x-powered-by: PleskLin
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BYN6DTYEFQ&cid=1290840722.1702155006&gtm=45je3bt0v9122066590z8811578897&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1960569273

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BYN6DTYEFQ&cid=1290840722.1702155006&gtm=45je3bt0v9122066590z8811578897&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1960569273
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
FingerprintDB:33:6A:DD:DA:72:55:0D:55:09:60:6E:D1:5B:40:D8:2B:9B:4F:3C
ValidityMon, 20 Nov 2023 08:12:16 GMT - Mon, 12 Feb 2024 08:12:15 GMT

File type
GIF image data, version 89a, 1 x 1 - data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BYN6DTYEFQ&cid=1290840722.1702155006&gtm=45je3bt0v9122066590z8811578897&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1960569273 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:49:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

paradigmpressgroup.com/favicons/apple-touch-icon.png

18.214.111.198

200 OK

3.0 kB

URL GET HTTP/2
paradigmpressgroup.com/favicons/apple-touch-icon.png
IP
18.214.111.198:443
ASN
#14618 AMAZON-AES

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerLet's Encrypt
Subjectparadigmpressgroup.com
FingerprintAE:B7:D7:11:15:BA:76:70:3D:73:D7:75:77:C9:E5:A6:E2:9B:6F:5F
ValidityFri, 10 Nov 2023 14:51:26 GMT - Thu, 08 Feb 2024 14:51:25 GMT

File type
PNG image data, 180 x 180, 8-bit grayscale, non-interlaced - data
Size
3.0 kB (3017 bytes)
Hash
dd470648114adaceb47d36a18ad41d9d
c93c69021ab4e381b4715938bed3732b132852b3
49dd5241fadc6a69795935a795804ed7206efb39f6dc6b5a0588f92d80775ad4

HTTP Headers

GET /favicons/apple-touch-icon.png HTTP/1.1
Host: paradigmpressgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 20:49:59 GMT
content-type: image/png
content-length: 3017
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Tue, 26 Jul 2022 19:40:44 GMT
etag: W/"bc9-1823c06a3cb"
x-powered-by: PleskLin
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

87.248.119.252

200 OK

6.3 kB

URL GET HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.252:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (18187), with no line terminators
Size
6.3 kB (6262 bytes)
Hash
5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: R9iFHfkqnm/0Dk/fNht8xh1kCao4SWaobzGIXEcDkjjZZahQ1wZdol6cmJ8cHwuptRKYZDq01Z8=
x-amz-request-id: 7V3SGENA0EMXMT3J
date: Sat, 09 Dec 2023 20:24:30 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 1530
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

87.248.119.252

200 OK

6.3 kB

URL GET HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.252:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (18187), with no line terminators
Size
6.3 kB (6262 bytes)
Hash
5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: R9iFHfkqnm/0Dk/fNht8xh1kCao4SWaobzGIXEcDkjjZZahQ1wZdol6cmJ8cHwuptRKYZDq01Z8=
x-amz-request-id: 7V3SGENA0EMXMT3J
date: Sat, 09 Dec 2023 20:24:30 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 1530
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

87.248.119.252

200 OK

6.3 kB

URL GET HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.252:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (18187), with no line terminators
Size
6.3 kB (6262 bytes)
Hash
5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: R9iFHfkqnm/0Dk/fNht8xh1kCao4SWaobzGIXEcDkjjZZahQ1wZdol6cmJ8cHwuptRKYZDq01Z8=
x-amz-request-id: 7V3SGENA0EMXMT3J
date: Sat, 09 Dec 2023 20:24:30 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 1530
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

87.248.119.252

200 OK

6.3 kB

URL GET HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.252:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (18187), with no line terminators
Size
6.3 kB (6262 bytes)
Hash
5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: R9iFHfkqnm/0Dk/fNht8xh1kCao4SWaobzGIXEcDkjjZZahQ1wZdol6cmJ8cHwuptRKYZDq01Z8=
x-amz-request-id: 7V3SGENA0EMXMT3J
date: Sat, 09 Dec 2023 20:24:30 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 1530
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/googleAnalytics4.js

151.101.66.132

200 OK

4.2 kB

URL GET HTTP/2
fast.wistia.com/assets/external/googleAnalytics4.js
IP
151.101.66.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
ASCII text, with very long lines (16541)
Size
4.2 kB (4152 bytes)
Hash
9bbbdbdad3d0da00881800f39ed6ad8b
03563b32521b2a04dc6e7ba8b5f1fe21181be7f0
f47b95dbf3f004a7305cfe6c6b107d76dac597a4c50a52e3f33240f76e4598d5

HTTP Headers

GET /assets/external/googleAnalytics4.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 07 Dec 2023 18:55:59 GMT
etag: "79bd690906b70d00bf740332ef800755"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 20:49:59 GMT
age: 2671
x-served-by: cache-iad-kcgs7200086-IAD, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 56, 4
x-timer: S1702155000.844043,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: cc9ded0077d16f0d56c3b38f358a76e310b0eefb
content-length: 4152
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/playPauseLoadingControl.js

151.101.66.132

200 OK

21 kB

URL GET HTTP/2
fast.wistia.com/assets/external/playPauseLoadingControl.js
IP
151.101.66.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
ASCII text, with very long lines (65455)
Size
21 kB (21129 bytes)
Hash
31f0b908fbd5fc16bf6737c637b83178
26f5effe6525ca16ceb9815cb26776a8ac36f81c
863614886d87b0fbc5b99b2c002a8e382ab9161cacc1290006ea02e428e09747

HTTP Headers

GET /assets/external/playPauseLoadingControl.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Thu, 07 Dec 2023 18:55:59 GMT
etag: "b09d2ef450c9011369afee5fc7a5a161"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 20:49:59 GMT
age: 3291
x-served-by: cache-iad-kjyo7100036-IAD, cache-bma1648-BMA
x-cache: HIT, HIT
x-cache-hits: 68, 77
x-timer: S1702155000.877498,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: cc9ded0077d16f0d56c3b38f358a76e310b0eefb
content-length: 21129
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10082412.json

87.248.119.252

200 OK

2 B

URL GET HTTP/2
s.yimg.com/wi/config/10082412.json
IP
87.248.119.252:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
JSON data - , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10082412.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: FMDBZN5KP7GK20QH
x-amz-id-2: odd4MGHaf0gPZ0vKNdYajXRt37roiP2kPCohqZ8/2Q5IVAysYwL/IRvMPi/+Y2QLwsB0gZjz1LI=
content-type: application/json
date: Sat, 09 Dec 2023 20:05:01 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 2698
ats-carp-promotion: 1
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10114794.json

87.248.119.252

200 OK

2 B

URL GET HTTP/2
s.yimg.com/wi/config/10114794.json
IP
87.248.119.252:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
JSON data - , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10114794.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: NDW31P5XK5GE1J9N
x-amz-id-2: m3A7YboLn4zpwUOMZ9xj8zw0r4Hpnb5ROF0rImZ8Qsw4y0mT3jNzVNTJdXgAyOvNw9RbvVklSeZICpyGAUZQYcUTR5D1BZg3
content-type: application/json
date: Sat, 09 Dec 2023 20:12:39 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 2240
ats-carp-promotion: 1
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10091245.json

87.248.119.252

200 OK

2 B

URL GET HTTP/2
s.yimg.com/wi/config/10091245.json
IP
87.248.119.252:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
JSON data - , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10091245.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 0S2GV6S4N4A9J12P
x-amz-id-2: rIbX1agDjUTSNg/yV2uMNkY67Vb3Xr4E4V0VEgauRkPJRiuQI89SLSqjVMcykXwtc1FrJRxaqkA=
content-type: application/json
date: Sat, 09 Dec 2023 20:44:52 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 307
ats-carp-promotion: 1
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10125189.json

87.248.119.252

200 OK

2 B

URL GET HTTP/2
s.yimg.com/wi/config/10125189.json
IP
87.248.119.252:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
JSON data - , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10125189.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 0S2TAS1TJATG6X55
x-amz-id-2: JibuqdOOGoMQkU/G7MRTFPUF4mh+P9XLkK2JfnGis4y3MC0LToivJXlVq8Xoe7Dd/KahNX8G/Iw=
content-type: application/json
date: Sat, 09 Dec 2023 20:44:52 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 307
ats-carp-promotion: 1
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c

142.250.74.168

200 OK

84 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (7711)
Size
84 kB (84043 bytes)
Hash
ebe11439ac31dd0b5f07f8594b3af8ad
ded70bf110d29ba8dab9c53e3cdf97d5327bedaa
2965fc35fee358a30e5b5afce6025ad6d8767a1037a95b6e2eb40163a81e4264

HTTP Headers

GET /gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 20:49:59 GMT
expires: Sat, 09 Dec 2023 20:49:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 84043
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C

142.250.74.168

200 OK

84 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (7711)
Size
84 kB (84024 bytes)
Hash
91351a280dc5d52fb76c61697172453a
61beb48e79fefcc9eaae587c393c07bea42c5419
934158640f9a58274dc070061a25cfaadbac0b6ccf79cc240521929273882100

HTTP Headers

GET /gtag/js?id=G-9JTVKL1Z3C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 20:49:59 GMT
expires: Sat, 09 Dec 2023 20:49:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 84024
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pipedream.wistia.com/mput?topic=metrics

143.204.55.3

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.3:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerAmazon
Subjectpipedream-production-cloudfront-app-cname.wistia.com
Fingerprint82:F4:DC:86:7B:C0:65:B9:72:6A:8C:CA:03:C2:E2:91:00:FE:06:FF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 921
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Sat, 09 Dec 2023 20:49:59 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
server: envoy
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Elkac7tcw6iqzLpC0Y_hLHFB0KoWadEI0lYiMyiww0_n2rMDVLZNvw==
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z8811578897&_p=1702155005586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&_s=2&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&en=Click%20Report&tfd=2913

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z8811578897&_p=1702155005586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&_s=2&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&en=Click%20Report&tfd=2913
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z8811578897&_p=1702155005586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&_s=2&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&en=Click%20Report&tfd=2913 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Sat, 09 Dec 2023 20:50:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z8811578897&_p=1702155005586&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&_s=1&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2882

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z8811578897&_p=1702155005586&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&_s=1&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2882
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z8811578897&_p=1702155005586&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&_s=1&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2882 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Sat, 09 Dec 2023 20:50:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702155005586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&_s=3&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&en=Click%20Report&tfd=2924

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702155005586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&_s=3&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&en=Click%20Report&tfd=2924
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702155005586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&_s=3&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&en=Click%20Report&tfd=2924 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Sat, 09 Dec 2023 20:50:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d2z65klgtz99km.cloudfront.net/ALN/aln_crownjewel_0923/ALN_AI_CROWN_JEWEL_CTP_01.jpg

54.230.241.180

200 OK

69 kB

URL GET HTTP/2
d2z65klgtz99km.cloudfront.net/ALN/aln_crownjewel_0923/ALN_AI_CROWN_JEWEL_CTP_01.jpg
IP
54.230.241.180:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=GIMP 2.10.34, datetime=2023:09:25 13:09:19], progressive, precision 8, 800x450, components 3 - data
Size
69 kB (68647 bytes)
Hash
d5ad4b3893b6e58dcd5e4ff5a4a8f4c4
0dec9e7905db5a32a864d81b2a8f5dbb71b68976
5db434e8ff063b00d357e59e56251262f16450f7bd7ca4fa68828a9599f8bb10

HTTP Headers

GET /ALN/aln_crownjewel_0923/ALN_AI_CROWN_JEWEL_CTP_01.jpg HTTP/1.1
Host: d2z65klgtz99km.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 68647
server: nginx
date: Wed, 11 Oct 2023 17:32:12 GMT
last-modified: Mon, 25 Sep 2023 17:09:42 GMT
cache-control: max-age=31536000
expires: Thu, 10 Oct 2024 17:32:12 GMT
etag: "6511bed6-10c27"
x-powered-by: PleskLin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lUqTX9s9MUrQ3bt73dwFLipDdozrqBuA0I8H9hEiDUmhXe4q7as6kA==
age: 5109468
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/engines/hls_video.js

151.101.66.132

200 OK

118 kB

URL GET HTTP/2
fast.wistia.com/assets/external/engines/hls_video.js
IP
151.101.66.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
118 kB (117668 bytes)
Hash
6e1e307293f078c95c07db8660ce607a
2a08bcf1166c9707485e568102f7c96e1f933b36
f0150171f993137d09210b10e0629ea4d57a465046ba791adb4bf4a2da978357

HTTP Headers

GET /assets/external/engines/hls_video.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Thu, 07 Dec 2023 18:55:59 GMT
etag: "5258bd9b9f222d0dd6df0056cd2b7524"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 20:50:00 GMT
age: 3497
x-served-by: cache-iad-kcgs7200099-IAD, cache-bma1648-BMA
x-cache: HIT, HIT
x-cache-hits: 64, 47
x-timer: S1702155000.229787,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: cc9ded0077d16f0d56c3b38f358a76e310b0eefb
content-length: 117668
X-Firefox-Spdy: h2

fast.wistia.com/embed/medias/lv3fk45qvy.m3u8

151.101.66.132

200 OK

758 B

URL GET HTTP/2
fast.wistia.com/embed/medias/lv3fk45qvy.m3u8
IP
151.101.66.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
M3U playlist, ASCII text
Size
758 B (758 bytes)
Hash
166d8476d78ae63dc75b3aa6d7540cb2
b2169c00c9399a8d2e15db1a9bfff959936a58f8
723be5f48dfa5a739a6dc2e0467c756eecb92972aff19c11b4d96bdd3b5daff9

HTTP Headers

GET /embed/medias/lv3fk45qvy.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-mpegURL
server: envoy
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, no-cache
etag: W/"723be5f48dfa5a739a6dc2e0467c756e"
x-request-id: ed95374b-c0aa-4668-8ec2-8341f2d310da
x-runtime: 0.034056
x-envoy-upstream-service-time: 35
via: 1.1 7eefe38d76087dfad8e2f0b7702246ee.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: IAD89-C3
x-amz-cf-id: X9ywJJsGRtdjACUl8lQrlGqbVSDwrn-GE8EPyXxDtvohc6dUXfcogw==
accept-ranges: bytes
date: Sat, 09 Dec 2023 20:50:00 GMT
age: 4065
x-served-by: cache-iad-kjyo7100064-IAD, cache-bma1648-BMA
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 10121, 1
x-timer: S1702155000.389763,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 758
X-Firefox-Spdy: h2

fast.wistia.com/assets/images/blank.gif

151.101.66.132

200 OK

1.2 kB

URL GET HTTP/2
fast.wistia.com/assets/images/blank.gif
IP
151.101.66.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
GIF image data, version 89a, 100 x 100 - data
Size
1.2 kB (1214 bytes)
Hash
fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

HTTP Headers

GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Wed, 10 May 2023 19:48:54 GMT
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
x-amz-server-side-encryption: AES256
content-type: image/gif
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 20:50:00 GMT
age: 3528
x-served-by: cache-iad-kcgs7200077-IAD, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 37, 100
x-timer: S1702155000.394200,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1214
X-Firefox-Spdy: h2

pipedream.wistia.com/mput?topic=metrics

143.204.55.3

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.3:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerAmazon
Subjectpipedream-production-cloudfront-app-cname.wistia.com
Fingerprint82:F4:DC:86:7B:C0:65:B9:72:6A:8C:CA:03:C2:E2:91:00:FE:06:FF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Sat, 09 Dec 2023 20:50:00 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
server: envoy
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PopQ9283rzbwUhYk2mCJuZ1L2LknBKYk1gp9uphVBJ_QMvEwQE6WZw==
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/ad7ac52c887c9c2afe75ece7cbf70bac395dd33c.m3u8

143.204.55.103

200 OK

107 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/ad7ac52c887c9c2afe75ece7cbf70bac395dd33c.m3u8
IP
143.204.55.103:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
FingerprintD8:FE:AD:15:AC:4F:2E:60:82:4B:4E:8A:6C:51:6D:3D:60:A2:67:03
ValidityTue, 31 Jan 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
107 kB (107228 bytes)
Hash
41b7b3049ed6b7956256b04cc0c0929f
d5b3896aea3a7090066b3537a0b4fc3a0a9dd4e1
d46c6efaa10ccf14b870b9f913babff3ea2411b4ad15a1f17e138d0f2524c8c7

HTTP Headers

GET /deliveries/ad7ac52c887c9c2afe75ece7cbf70bac395dd33c.m3u8 HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
content-length: 107228
server: envoy
date: Sun, 12 Nov 2023 09:18:47 GMT
expires: Mon, 11 Nov 2024 09:18:47 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: ad7ac52c887c9c2afe75ece7cbf70bac395dd33c-hls-segment
surrogate-key: ad7ac52c887c9c2afe75ece7cbf70bac395dd33c-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 87
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gbk_mFA1Bj_yfOs3Aho5C0jImtwMpyPII80eIJk8U8n_piqIsupEAA==
age: 2374273
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/ad7ac52c887c9c2afe75ece7cbf70bac395dd33c.m3u8/seg-1-v1-a1.ts

143.204.55.103

200 OK

325 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/ad7ac52c887c9c2afe75ece7cbf70bac395dd33c.m3u8/seg-1-v1-a1.ts
IP
143.204.55.103:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
FingerprintD8:FE:AD:15:AC:4F:2E:60:82:4B:4E:8A:6C:51:6D:3D:60:A2:67:03
ValidityTue, 31 Jan 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type
MPEG transport stream data - data
Size
325 kB (325240 bytes)
Hash
daf9fdd57b65d759fddcae0ab5fc5076
c22b19069e7903cbeaa417060f56a49b442b5430
0ae69927b06de54952b208bb8c602ca9a0f043a53e1114f0d3186985f467962f

HTTP Headers

GET /deliveries/ad7ac52c887c9c2afe75ece7cbf70bac395dd33c.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: video/MP2T
content-length: 325240
server: envoy
date: Wed, 15 Nov 2023 19:09:39 GMT
expires: Thu, 14 Nov 2024 19:09:39 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: ad7ac52c887c9c2afe75ece7cbf70bac395dd33c-hls-segment
surrogate-key: ad7ac52c887c9c2afe75ece7cbf70bac395dd33c-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 324
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3I0pu3HhE1c8_gfgpGrD4e6Fy-HHtzbDo-jjXcsAWecCMT5kCEMIig==
age: 2079621
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/fb90a73ec39b7bd08784e04666d8eb1d14df5d2d.m3u8

143.204.55.103

200 OK

107 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/fb90a73ec39b7bd08784e04666d8eb1d14df5d2d.m3u8
IP
143.204.55.103:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
FingerprintD8:FE:AD:15:AC:4F:2E:60:82:4B:4E:8A:6C:51:6D:3D:60:A2:67:03
ValidityTue, 31 Jan 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
107 kB (107228 bytes)
Hash
1f0cab48fdebf14b4c0604bf60a762eb
f2e775c63c0e250e56177cc4cf1b528c3dc4eb1e
4df58a7959a5d463e9f8c43b621d0eb8129d8551346f5d594894a3a8f6dd0d7c

HTTP Headers

GET /deliveries/fb90a73ec39b7bd08784e04666d8eb1d14df5d2d.m3u8 HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
content-length: 107228
server: envoy
date: Tue, 05 Dec 2023 04:55:42 GMT
expires: Wed, 04 Dec 2024 04:55:42 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: fb90a73ec39b7bd08784e04666d8eb1d14df5d2d-hls-segment
surrogate-key: fb90a73ec39b7bd08784e04666d8eb1d14df5d2d-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 84
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Wkzvh2mQEN_tFbK9o5YfXzPM4wraaBSLoClw4CiOBwz8BLO4RxyccQ==
age: 402858
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z89166879800&_p=1702155005586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&_s=4&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&en=aln_aware&tfd=3568

216.239.32.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z89166879800&_p=1702155005586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&_s=4&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&en=aln_aware&tfd=3568
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z89166879800&_p=1702155005586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&_s=4&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&en=aln_aware&tfd=3568 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Sat, 09 Dec 2023 20:50:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

distillery.wistia.com/x

54.230.111.90

204 No Content

0 B

URL POST HTTP/2
distillery.wistia.com/x
IP
54.230.111.90:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerAmazon
Subjectstats-tap-production-cloudfront-app-cname.wistia.com
Fingerprint37:C6:AB:79:1C:DF:9B:5E:3A:B8:3E:F1:0C:1D:48:BF:89:2D:1F:40
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1826
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 09 Dec 2023 20:50:00 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
server: envoy
x-envoy-upstream-service-time: 1
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4ig8S5lLXWNtQ2ZYvAFClDSws_GqjomiInaJ36qtTjGUfH1S4XIvpQ==
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/allIntegrations.js

151.101.66.132

200 OK

5.8 kB

URL GET HTTP/2
fast.wistia.com/assets/external/allIntegrations.js
IP
151.101.66.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
ASCII text, with very long lines (23371)
Size
5.8 kB (5774 bytes)
Hash
9a9248fb8178a9640de37511b065850f
086459b7f718251f753b82cee05f51c6ca2d3a84
fb7f597f64e9b0c17f7f99fb577f164c36f93f13ffda2ccb736b786e4e705d12

HTTP Headers

GET /assets/external/allIntegrations.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Thu, 07 Dec 2023 18:55:59 GMT
etag: "2de48c3cd29dd8ca8c43042875b49727"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 20:50:00 GMT
age: 3207
x-served-by: cache-iad-kcgs7200101-IAD, cache-bma1648-BMA
x-cache: HIT, HIT
x-cache-hits: 65, 48
x-timer: S1702155001.994711,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: cc9ded0077d16f0d56c3b38f358a76e310b0eefb
content-length: 5774
X-Firefox-Spdy: h2

pipedream.wistia.com/mput?topic=metrics

143.204.55.3

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.3:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerAmazon
Subjectpipedream-production-cloudfront-app-cname.wistia.com
Fingerprint82:F4:DC:86:7B:C0:65:B9:72:6A:8C:CA:03:C2:E2:91:00:FE:06:FF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1526
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Sat, 09 Dec 2023 20:50:01 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
server: envoy
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zjUROcxUshc1EKEddmbKPkilHMk0sbgK0mGhkhRtRvL51PNPCxQ9kQ==
X-Firefox-Spdy: h2

api.getblueshift.com/unity.gif?t=1702155008&e=pageload&r=&z=294615&x=59976d352f424c4b27d325518576b9b2&k=3dde9b1d-932d-2265-3e92-96e0a0f9da07&u=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue

35.165.135.172

200 OK

42 B

URL GET HTTP/2
api.getblueshift.com/unity.gif?t=1702155008&e=pageload&r=&z=294615&x=59976d352f424c4b27d325518576b9b2&k=3dde9b1d-932d-2265-3e92-96e0a0f9da07&u=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue
IP
35.165.135.172:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerAmazon
Subject*.getblueshift.com
Fingerprint53:0D:6B:AE:94:24:EE:BE:0F:BD:6E:C6:61:2F:FD:37:71:D2:21:0F
ValidityThu, 09 Mar 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1 - data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /unity.gif?t=1702155008&e=pageload&r=&z=294615&x=59976d352f424c4b27d325518576b9b2&k=3dde9b1d-932d-2265-3e92-96e0a0f9da07&u=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue HTTP/1.1
Host: api.getblueshift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 09 Dec 2023 20:50:01 GMT
content-type: image/gif
content-length: 42
access-control-allow-origin: https://pro.paradigmnewsletters.org
access-control-expose-headers: etag
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702155005586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&_s=5&tfd=8570

216.239.32.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702155005586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&_s=5&tfd=8570
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702155005586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&_s=5&tfd=8570 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 173
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Sat, 09 Dec 2023 20:50:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702155005586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&_s=6&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&en=Engagement&tfd=12804

216.239.32.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702155005586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&_s=6&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&en=Engagement&tfd=12804
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702155005586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&_s=6&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&en=Engagement&tfd=12804 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Sat, 09 Dec 2023 20:50:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z8811578897&_p=1702155005586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&_s=7&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&en=Engagement&tfd=17805

216.239.32.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z8811578897&_p=1702155005586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&_s=7&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&en=Engagement&tfd=17805
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z8811578897&_p=1702155005586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1290840722.1702155006&ul=en-us&sr=1280x1024&_s=7&sid=1702155006&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_aicrownjewel_0923%2FLALNZA40%2F%3Fcake_s1%3D12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05%26h%3Dtrue&dt=%E2%80%9CThe%20A.I.%20Crown%20Jewel%E2%80%9D&en=Engagement&tfd=17805 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Sat, 09 Dec 2023 20:50:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

d2z65klgtz99km.cloudfront.net/css/base-styles.css

54.230.241.180

200 OK

3.4 kB

URL GET HTTP/2
d2z65klgtz99km.cloudfront.net/css/base-styles.css
IP
54.230.241.180:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3424), with no line terminators
Size
3.4 kB (3414 bytes)
Hash
51f40e7db924251b27b19054b4593625
3984c3e46770d3434ca14e02435d4f4a1d3d51f8
881e23c64e57d67d436f55f470840633ad3b819b03e427d830f79bc942a87228

HTTP Headers

GET /css/base-styles.css HTTP/1.1
Host: d2z65klgtz99km.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 24 Nov 2023 00:54:22 GMT
last-modified: Fri, 28 Jul 2023 14:10:52 GMT
cache-control: max-age=2592000
expires: Sun, 24 Dec 2023 00:54:22 GMT
etag: W/"64c3cc6c-d56"
x-powered-by: PleskLin
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7vcYtfty3Btt7p5MdI2GH6JynxCgKCUTPEhHWLaSJo-Yk9UdjM7HrA==
age: 1367736
X-Firefox-Spdy: h2

click.thedailymoneytips.com/aicrownj1023/2db2d5e6ad1ab1aafd532d2c7d773770/48/1990911199/139350/6edc3d98062e20596ae710d84bb4d7de/63293

172.67.166.218

302 Found

0 B

URL User Request GET HTTP/2
click.thedailymoneytips.com/aicrownj1023/2db2d5e6ad1ab1aafd532d2c7d773770/48/1990911199/139350/6edc3d98062e20596ae710d84bb4d7de/63293
IP
172.67.166.218:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectthedailymoneytips.com
Fingerprint79:EC:85:19:05:49:AD:6B:8A:A1:90:4E:B9:8D:91:79:4B:F6:6C:79
ValidityWed, 25 Oct 2023 16:41:13 GMT - Tue, 23 Jan 2024 16:41:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /aicrownj1023/2db2d5e6ad1ab1aafd532d2c7d773770/48/1990911199/139350/6edc3d98062e20596ae710d84bb4d7de/63293 HTTP/1.1
Host: click.thedailymoneytips.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 09 Dec 2023 20:49:53 GMT
content-type: text/html; charset=UTF-8
location: https://verifiedwebpage.com/go?ehash=2db2d5e6ad1ab1aafd532d2c7d773770&product=33260&ar=48&cid=139350&lid=6edc3d98062e20596ae710d84bb4d7de&slhash=63293&mtaid=[s7]&cid2=[s8]
cache-control: max-age=600
expires: Sat, 09 Dec 2023 20:59:52 GMT
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7oDdNWMWKkt1lTvoDfGEOFtY4fNgQFl7gSfCPzOkaiXpcowhHKJXp5QKfCrsSkoVjhANRh%2BaDQSh6wm%2BRbTPZLZWZ%2FW5OhYCL5RF0aemw3bOPz2ZlUAeKPe2awR2IMxCtarAg9mRGNys1gBwkM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83301e033b4156c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-P95MDDF

142.250.74.168

200 OK

395 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-P95MDDF
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/aln_aicrownjewel_0923/LALNZA40/?cake_s1=12_145925633_39173dbd-93de-4904-aedf-a95a1077bf05&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (58522)
Size
395 kB (395286 bytes)
Hash
13740d6686ee69374b74643bd2dbccc6
4c4970f843c9f01810677f3095c51430ce41f917
62089fc09beb1f6050aa449fd419394cc392b5b4bd88a8cf5bbe4a519325fdec

HTTP Headers

GET /gtm.js?id=GTM-P95MDDF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 20:49:58 GMT
expires: Sat, 09 Dec 2023 20:49:58 GMT
cache-control: private, max-age=900
last-modified: Sat, 09 Dec 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 106361
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (34)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations