Report - links.goodlifestylenews.com/a/1610/click/1024/213914/415dab06bb0170b35892301c85c6d016a688a57b/115b22d122583cdfa87824f574f223d2a80f45f7

Report Overview

Submitted URL
links.goodlifestylenews.com/a/1610/click/1024/213914/415dab06bb0170b35892301c85c6d016a688a57b/115b22d122583cdfa87824f574f223d2a80f45f7
IP
35.238.129.105
ASN
#15169 GOOGLE
Submitted
2022-11-29 00:21:01
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cdn.amplitude.com	2911	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	24 kB	54.230.245.209
c.lytics.io	5538	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	84 kB	104.26.3.22
s.yimg.com	375	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	10 kB	188.125.94.206
trc.taboola.com	602	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	578 B	505 B	151.101.85.44
links.goodlifestylenews.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.2 kB	35.238.129.105
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	21 kB	142.250.74.174
rs.fullstory.com	2455	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	461 B	1.8 kB	35.186.194.58
tr.outbrain.com	2017	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	707 B	254 B	70.42.32.159
paradigmpressgroup.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	837 B	4.2 kB	18.214.111.198
distillery.wistia.com	6708	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	460 B	164 B	52.207.88.224
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
fast.wistia.com	5153	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	160 kB	151.101.86.110
js-agent.newrelic.com	378	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	19 kB	151.101.86.137
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	35 kB	142.250.74.138
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	449 B	90 kB	142.250.74.10
dizbubza2heg.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	408 B	41 kB	143.204.42.18
verifiedsecure.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	587 B	1.3 kB	104.26.14.168
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	143.204.42.165
pro.paradigm-press.info	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	520 B	11 kB	192.135.136.169
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.4 kB	12 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	45 kB	216.58.207.195
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	629 B	719 B	142.250.150.154
sp.analytics.yahoo.com	816	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	2.8 kB	212.82.100.181
bam.nr-data.net	630	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	962 B	607 B	162.247.241.14
embedwistia-a.akamaihd.net	8967	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	797 kB	23.36.76.200
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	3.9 kB	93.184.220.29
go.goodlifestylenews.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	556 B	9.2 kB	172.67.172.49
pro.paradigmnewsletters.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	25 kB	161.129.26.18
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	9.1 kB	142.250.74.35
edge.fullstory.com	2769	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	415 B	67 kB	35.201.112.186
amplify.outbrain.com	2255	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	5.7 kB	23.38.201.81
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.165.176.211
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	42 kB	34.120.237.76
470kwc1.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	810 B	40.113.236.107
d1u56hvpilpmef.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	233 kB	54.230.245.125

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-29	medium	links.goodlifestylenews.com/a/1610/click/1024/213914/415dab06bb0170b35892301c85c6d016a688a57b/115b22d122583cdfa87824f574f223d2a80f45f7	Malware
2022-11-29	medium	links.goodlifestylenews.com/a/1610/click/1024/213914/415dab06bb0170b35892301c85c6d016a688a57b/115b22d122583cdfa87824f574f223d2a80f45f7	Malware
2022-11-29	medium	go.goodlifestylenews.com/CoilCrypto11/129ab4aa1888aea6e033eea54d37b0e1/55/leadsource/1024/1610/0b170c42c43aa402d22694883ece6989	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-28	medium	goodlifestylenews.com	Sinkholed
2022-11-28	medium	goodlifestylenews.com	Sinkholed
2022-11-28	medium	goodlifestylenews.com	Sinkholed

JavaScript (37)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 20:01:32 Times Seen36966699 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true	2.2 kB	2023-03-10	2024-04-18
Pretty URL pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2024-04-18 04:23:56 Times Seen391 Hash e4f3e2e42bacfb36a7847e627e7e8276 5492c5e58d3c3abd4a40f736078f546b450e8085 5b86639a656d86f430a56426ae9ac2c83fe1a5c11d91739037f8b1146f5677b8 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NKRVP76	320 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NKRVP76 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:06:44 Last Seen2023-03-11 22:06:44 Times Seen1 Hash 5cff9237e9b8ca1605d97591c3538126 5f750b130773556cce73e36bd9cbc4e5ccc56447 f6fc303d485295f1c26138c7fed3de00fa70a44503cf5f5415ebca3352859ced Loading...

	c.lytics.io/api/personalize/7633a10cce24ede709377546c8e3146d/user/_uid/6e5b7176-7de6-45b1-889e-84efafee205c?segments=true&fields=first_name,last_name,email,city,country_code,zip,state,address_line_1,customer_number&mergestate=true&state=%7B%22_uid%22%3A%226e5b7176-7de6-45b1-889e-84efafee205c%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue%22%2C%22_v%22%3A%223.0.29%22%7D&ts=1669681255825&callback=u_536384550131091000	11 kB	2023-03-11	2023-03-11
Pretty URL c.lytics.io/api/personalize/7633a10cce24ede709377546c8e3146d/user/_uid/6e5b7176-7de6-45b1-889e-84efafee205c?segments=true&fields=first_name,last_name,email,city,country_code,zip,state,address_line_1,customer_number&mergestate=true&state=%7B%22_uid%22%3A%226e5b7176-7de6-45b1-889e-84efafee205c%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue%22%2C%22_v%22%3A%223.0.29%22%7D&ts=1669681255825&callback=u_536384550131091000 IP 104.26.3.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:06:44 Last Seen2023-03-11 22:06:44 Times Seen1 Hash 63ef95025d6debadb9f2b99f51108a46 5edf69a7176091b275e21a0f764c46f2bbfffd2c 4f34d8fd72979bb67aa0a5f496e4e32fef9b9b470f7020d8a03d29e13da8fd0e Loading...

	tr.outbrain.com/cachedClickId?marketerId=0008aaf7399985de7f2182c3644185f44d	35 B	2023-03-07	2024-02-13
Pretty URL tr.outbrain.com/cachedClickId?marketerId=0008aaf7399985de7f2182c3644185f44d IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-02-13 00:48:29 Times Seen1372 Hash 75c843c7b717e7b722777907475c67a3 983d1c9a05b315288039b9d4694ce3b402259240 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580 Loading...

	fast.wistia.com/assets/external/E-v1.js	643 kB	2023-03-11	2023-03-11
Pretty URL fast.wistia.com/assets/external/E-v1.js IP 151.101.86.110 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:54:56 Last Seen2023-03-11 22:25:22 Times Seen1 Hash 5496b29f92170a463d402a2ee865010f 1bf888a76ff7b5910f3713cbb8d091f8541c5948 b4e2edb4b64948d39c4a5afa081e9148ee4fda21032377a4f22c3d53874d29d8 Loading...

	pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true	575 B	2023-03-10	2023-03-13
Pretty URL pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2023-03-13 15:07:17 Times Seen1 Hash 8b0451be138c195d87174d9ead54f31f 31854d38eb0c7164e221cd4d481748b89b901e26 544914fb70a88f88b38b523a35711da352dafb5d8faa3582acb22c6e9e890d8f Loading...

	c.lytics.io/api/tag/7633a10cce24ede709377546c8e3146d/latest.min.js	66 kB	2023-03-11	2023-03-11
Pretty URL c.lytics.io/api/tag/7633a10cce24ede709377546c8e3146d/latest.min.js IP 104.26.3.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:39:01 Last Seen2023-03-11 23:33:54 Times Seen1 Hash 8f83364914ab9d620e89ec1503928447 8aa144a83f4121e4c28ffac56916cdecd71b102f d01ef05f057a8e032adbdea6c3a9c3d5db029597ec472f50aee9b93a032466db Loading...

	c.lytics.io/static/pathfora.min.js	104 kB	2023-03-07	2023-07-17
Pretty URL c.lytics.io/static/pathfora.min.js IP 104.26.3.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:22 Last Seen2023-07-17 22:58:52 Times Seen115 Hash 0d0ef41d96918b4c895a7672747e2249 07a6e2ebc86ce05f79287df1cf7c36fbe3fa9b3c 09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d Loading...

	fast.wistia.com/assets/external/engines/hls_video.js	496 kB	2023-03-08	2023-03-11
Pretty URL fast.wistia.com/assets/external/engines/hls_video.js IP 151.101.86.110 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:05 Last Seen2023-03-11 23:49:38 Times Seen1 Hash 1a49b10ba376131dee870b92aa218039 6cd3f83efb44a411436dbe82a1bf02414132a0a9 3b09df678ae79dc767f92e4dc106c4cc1c505a8ca36611b5ee18bc508500416d Loading...

	bam.nr-data.net/1/65387c3314?a=46346808,5284047&v=1216.487a282&to=YANVZUdYDxFXW0UMWllJemd2FiINWExUC0F0CVlFR1YNDlNKHilaVgJ0XltNBAxC&rst=8126&ck=1&ref=https://pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/&ap=37&be=6540&fe=7990&dc=6567&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669681248691,%22n%22:0,%22f%22:5148,%22dn%22:5149,%22dne%22:5158,%22c%22:5159,%22s%22:5273,%22ce%22:5609,%22rq%22:5609,%22rp%22:5761,%22rpe%22:5872,%22dl%22:5889,%22di%22:6561,%22ds%22:6561,%22de%22:6572,%22dc%22:7983,%22l%22:7988,%22le%22:7992%7D,%22navigation%22:%7B%7D%7D&fcp=6603&jsonp=NREUM.setToken	49 B	2023-03-07	2024-03-22
Pretty URL bam.nr-data.net/1/65387c3314?a=46346808,5284047&v=1216.487a282&to=YANVZUdYDxFXW0UMWllJemd2FiINWExUC0F0CVlFR1YNDlNKHilaVgJ0XltNBAxC&rst=8126&ck=1&ref=https://pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/&ap=37&be=6540&fe=7990&dc=6567&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669681248691,%22n%22:0,%22f%22:5148,%22dn%22:5149,%22dne%22:5158,%22c%22:5159,%22s%22:5273,%22ce%22:5609,%22rq%22:5609,%22rp%22:5761,%22rpe%22:5872,%22dl%22:5889,%22di%22:6561,%22ds%22:6561,%22de%22:6572,%22dc%22:7983,%22l%22:7988,%22le%22:7992%7D,%22navigation%22:%7B%7D%7D&fcp=6603&jsonp=NREUM.setToken IP 162.247.241.14 ASN #23467 NEWRELIC-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:42 Times Seen2776 Hash ada33e5b8877e743ff658bf4bfa1867c 5a78662243dac43c0ee48bcb7e05a536b84c2e38 dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-19
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-19 19:03:21 Times Seen1521 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	fast.wistia.com/assets/external/allIntegrations.js	22 kB	2023-03-08	2023-03-13
Pretty URL fast.wistia.com/assets/external/allIntegrations.js IP 151.101.86.110 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:20 Last Seen2023-03-13 18:16:36 Times Seen1 Hash 24185379cc7a2ddca30abf67bb14307a 1423e351eb7d4c740885bd24dc6763cf2fd26fae f22394f867711a1c7bc1754ac44271073c2782cfd2d4072fc5a9f5182c105327 Loading...

	pro.paradigmnewsletters.org/p/Scripts/Common.js	2.4 kB	2023-03-09	2024-04-18
Pretty URL pro.paradigmnewsletters.org/p/Scripts/Common.js IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56:16 Last Seen2024-04-18 04:23:56 Times Seen700 Hash ef9b6f612e89926fa10830ad89a7f3b6 faa8fbf56e4834534455c46ba2753118eb554c2e 86034bbe69eebb0c08660ff7f0128dd0bd1d852176489ca3a3da7b49bd647cbd Loading...

	pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true	39 B	2023-03-10	2024-04-18
Pretty URL pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2024-04-18 04:23:56 Times Seen542 Hash af8745eef59c123e59cd4703ea4cc40e 8aab93d5d6e19c3430396e434f734df7699aeda0 419e6fe661d8187589ce9e3f1f2888d3bd1fc5f4af3dc1e6a0321a66c31e1191 Loading...

	pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true	31 kB	2023-03-09	2023-03-13
Pretty URL pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56:16 Last Seen2023-03-13 15:07:17 Times Seen1 Hash 15b249f91ca232c0410978ca5511c4c8 c6a4149c69269197b0ce55e70ae8babf9849e545 5fe48432c384271ccbbb56a295c926ff296b80fd23a42785cc8f3b7e0d9e11b8 Loading...

	pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true	1.2 kB	2023-03-11	2023-03-11
Pretty URL pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:06:44 Last Seen2023-03-11 23:22:47 Times Seen1 Hash 5f9df219bcbb7a5bf7ba70c6999d69c1 4c985577418b226cce0f223b5ea3ce220896272d 8a75317a8372d207cb3a53524ebe45bef0680c37f698ddb84f26e88752c0af9a Loading...

	pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true	1.3 kB	2023-03-10	2024-04-18
Pretty URL pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2024-04-18 04:23:56 Times Seen389 Hash 94d29b65bf770b80ca20ff02e2ba5f41 a4c1ab460dbe34b9672c2745f50e0c792a64d932 2d59b45ab2c9e86e411bdd0f5f9d8bb84b383a197faf372ee4e91a0c9a651b87 Loading...

	pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true	469 B	2023-03-10	2024-04-18
Pretty URL pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2024-04-18 04:23:56 Times Seen388 Hash 1b942598e5ebe0432ae014b008148c5b 63d79dd6f78b6fa3d330d9f70ed48048f2cb9dd8 f91cdf301758a9d6e20bc3455aa0ad44dd54cf784f593aceb2283318c2117f94 Loading...

	pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true	341 B	2023-03-10	2024-04-18
Pretty URL pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2024-04-18 04:23:56 Times Seen391 Hash 285bc9b441da8c1fbab42396acae2df3 833ac60111a789824e40a385d2e225c129751bbd 7849138d30558b224e5ccd5847d7ea5767630e220bf7d4e3496e99c5fa02974f Loading...

	pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true	2.9 kB	2023-03-11	2023-03-11
Pretty URL pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:06:44 Last Seen2023-03-11 23:22:47 Times Seen1 Hash ef74e9c1e5785dcdeae3c2ace43739df 156c8d731ce8e048569ca117bb4a848f56be2924 0a553555dc76dc426a361f0397756e2ea65d5831c3d4291827bb220c3d0c0127 Loading...

	dizbubza2heg.cloudfront.net/js/profiles.compressed.js?v=2.0.0	41 kB	2023-03-10	2023-03-11
Pretty URL dizbubza2heg.cloudfront.net/js/profiles.compressed.js?v=2.0.0 IP 143.204.42.18 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2023-03-11 23:33:54 Times Seen1 Hash b565565314853b247e94736713e0f5e2 4a217d55d7037d996056f0deff0adaa7267b4245 76945b13c2b5b5b60c28867e3078bff4686bed922b545a732b15477986a016f6 Loading...

	s.yimg.com/wi/ytc.js	17 kB	2023-03-07	2024-03-04
Pretty URL s.yimg.com/wi/ytc.js IP 188.125.94.206 ASN #10310 YAHOO-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2024-03-04 14:29:23 Times Seen1244 Hash 6a624022b5d271dcefb070b0b6670abc e9a0a059a5cefc0cd9e6cc0e8d7bd8d64c23936b 249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f Loading...

	pro.paradigmnewsletters.org/p/Scripts/HideContent.js	721 B	2023-03-09	2024-04-18
Pretty URL pro.paradigmnewsletters.org/p/Scripts/HideContent.js IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56:16 Last Seen2024-04-18 04:23:56 Times Seen701 Hash 624fa8179cc49ca9e80737453a6b3367 226693fb4119bc204e4dd3b8d36da8587fd00bb0 809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac Loading...

	pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true	812 B	2023-03-11	2023-03-11
Pretty URL pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:23:37 Last Seen2023-03-11 23:33:54 Times Seen1 Hash 47c34d0483610cfc51ab117b0167bc6b 512713023c5f5e67aeb6042a498344ee873766f9 e24148f7fa340f6b96b169519639c5aaad5af8c8a47c789bbc8a53fc3e1cc84f Loading...

	pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true	469 B	2023-03-10	2024-04-18
Pretty URL pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2024-04-18 04:23:56 Times Seen388 Hash 6bfa85325d17bdaf99d6c48c4539b496 dcab4590a8eeae34b0e63df480f24c1e901800bc 0d293b59ef3ca7a501f575c64a240bc9dbaad8c1c637806793a4a2d8c334a6b9 Loading...

	edge.fullstory.com/s/fs.js	264 kB	2023-03-08	2023-03-11
Pretty URL edge.fullstory.com/s/fs.js IP 35.201.112.186 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:14 Last Seen2023-03-11 23:51:59 Times Seen1 Hash 32aace6585a1d8ac23e73b2a638d66e4 9c4a3a57dad2348b19821938e712e90420bcde42 6a5ff7be92be9d18a9b5d912a6983e14e28f97c9168bc47a01ca7d5172035d10 Loading...

	c.lytics.io/api/program/campaign/config/7633a10cce24ede709377546c8e3146d/config.js	90 kB	2023-03-10	2023-03-11
Pretty URL c.lytics.io/api/program/campaign/config/7633a10cce24ede709377546c8e3146d/config.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2023-03-11 23:33:54 Times Seen1 Hash b6d228cc1affeaa7327199433d343aae 8e7b552681f27752b8d324ed0b06680c2fde569d e91c4a35e3c744f3fea596b05b3cc9a17db0a872292895c59ee056cd6c1b5cc6 Loading...

	cdn.amplitude.com/libs/amplitude-4.1.0-min.gz.js	69 kB	2023-03-10	2023-03-17
Pretty URL cdn.amplitude.com/libs/amplitude-4.1.0-min.gz.js IP 54.230.245.209 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:23 Last Seen2023-03-17 11:37:28 Times Seen1 Hash a34b6bbfd39536c9127fe5da36569f2e 798cb3cec7cfadda33e2e3b9a31b5a560de0b3ec 68f2442634034675ac1d813fafe849afbc539d8672ee280127f7b4de691a0649 Loading...

	fast.wistia.com/embed/medias/rckoi5q4ao.json?callback=wistiajson1	4.8 kB	2023-03-11	2023-03-11
Pretty URL fast.wistia.com/embed/medias/rckoi5q4ao.json?callback=wistiajson1 IP 151.101.86.110 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:06:44 Last Seen2023-03-11 22:06:44 Times Seen1 Hash caf8e0f587c2e665c299d26a159e7517 13ba9a411550a4fa04d2bebbf24acb69af665fe4 01bd5398f2048df7d9afcc0e30985b47b39f4ed4330a0304c4b5ebca6c53e8b7 Loading...

	fast.wistia.com/assets/external/playPauseLoadingControl.js	60 kB	2023-03-08	2023-03-12
Pretty URL fast.wistia.com/assets/external/playPauseLoadingControl.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:20 Last Seen2023-03-12 11:44:00 Times Seen1 Hash c0b789b07a4c922fd1b141215dd82b8f d699b3f73796175f61d71f58ff5cc24d391912dc 59bc154daf7e95bda2f67cfcf2bc0dbbaa1e5d17e721a7f1600c928c583f8b5a Loading...

	js-agent.newrelic.com/nr-spa-1216.min.js	50 kB	2023-03-07	2024-03-22
Pretty URL js-agent.newrelic.com/nr-spa-1216.min.js IP 151.101.86.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:43 Times Seen568 Hash 63e2df852d15ab21d7ff8fc4363222e8 7ee401ba652db0a4ec960350e17216cda01e22fb 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe Loading...

	pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true	300 B	2023-03-11	2023-03-11
Pretty URL pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:06:44 Last Seen2023-03-11 22:06:44 Times Seen1 Hash 8514bb6cc6adb38d6a46758b87a6cae1 04a6ae281152b46110adc0d2f731e08c489c56cb 814a3e252b61f3740f7486135c610dd2023d1f0564605daa9379b10864034f81 Loading...

	pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true	5.1 kB	2023-03-10	2023-03-11
Pretty URL pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2023-03-11 23:33:54 Times Seen1 Hash 7623acba545dfba0a0075b21554d68a1 4b6b30736412ca209e2da9aab8b72ec5ab4a7032 ea267a863269e1234ff1ecccd815c33b8fa881a2ced418be74bca2ccb5c4b5ea Loading...

	pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true	469 B	2023-03-10	2024-04-18
Pretty URL pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2024-04-18 04:23:56 Times Seen389 Hash 525d0b8417e918e828c73233e2e7b437 98cce5ccb75b57d7a47822a88b159d54bdf05fdd 9dc28f8d48c697f48911cc3ce9ae64edfae072127840572164c90548695e82ca Loading...

	pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true	469 B	2023-03-10	2024-04-18
Pretty URL pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07:22 Last Seen2024-04-18 04:23:56 Times Seen388 Hash deeaa7c0af6a3a2abc4f6232e0726eaa 82dff020198b4ca13a2e26a4ebc0ad661a66712d e1d46eadd939d65337b58355bbd09d26261a5b2bd05b4802e8d448ee0a937d26 Loading...

	fast.wistia.com/assets/external/wistia-mux.js	127 kB	2023-03-08	2023-03-12
Pretty URL fast.wistia.com/assets/external/wistia-mux.js IP 151.101.86.110 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:20 Last Seen2023-03-12 13:11:35 Times Seen1 Hash ca6c9d6f669ef27445775fe22a1cddfd e0bb37284ae754768988e9ad053ccfa84485b29a 7fac142ecfa68da3327c762c816f65fe76f9eaa4b3934e6f1cf9e721abb0664a Loading...

HTTP Transactions (97)

URL IP Response Size

links.goodlifestylenews.com/a/1610/click/1024/213914/415dab06bb0170b35892301c85c6d016a688a57b/115b22d122583cdfa87824f574f223d2a80f45f7

35.238.129.105

308 Permanent Redirect

0 B

URL HTTP/1.1
links.goodlifestylenews.com/a/1610/click/1024/213914/415dab06bb0170b35892301c85c6d016a688a57b/115b22d122583cdfa87824f574f223d2a80f45f7
IP
35.238.129.105:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /a/1610/click/1024/213914/415dab06bb0170b35892301c85c6d016a688a57b/115b22d122583cdfa87824f574f223d2a80f45f7 HTTP/1.1
Host: links.goodlifestylenews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 308 Permanent Redirect
content-length: 0
location: https://links.goodlifestylenews.com/a/1610/click/1024/213914/415dab06bb0170b35892301c85c6d016a688a57b/115b22d122583cdfa87824f574f223d2a80f45f7

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3449
Expires: Tue, 29 Nov 2022 01:18:18 GMT
Date: Tue, 29 Nov 2022 00:20:49 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5113
Cache-Control: max-age=128145
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:49 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:56:34 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 00:19:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 76
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4135
Expires: Tue, 29 Nov 2022 01:29:44 GMT
Date: Tue, 29 Nov 2022 00:20:49 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: yXOHYI/W0Bad5stsdSV8FkS217Ych6X86AghMMfz4zZnR3wpGmc3sN94OmLUZSeY8N2kisCqbgo=
x-amz-request-id: QP3HHB0W01JNNRE4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 23:42:16 GMT
age: 2313
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 00:20:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8f2a7601957cadb4717d7293a9c6b001
16c87507fa43374c1f7bf86aebb308bf53931754
c6c3a9d5f5e2d5092505fd84dbb19cbf85c455a8c780b67b8cba77553cf9677c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6C3A9D5F5E2D5092505FD84DBB19CBF85C455A8C780B67B8CBA77553CF9677C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19968
Expires: Tue, 29 Nov 2022 05:53:38 GMT
Date: Tue, 29 Nov 2022 00:20:50 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 00:08:55 GMT
cache-control: public,max-age=3600
age: 715
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

links.goodlifestylenews.com/a/1610/click/1024/213914/415dab06bb0170b35892301c85c6d016a688a57b/115b22d122583cdfa87824f574f223d2a80f45f7

35.238.129.105

302 Found

201 B

URL HTTP/1.1
links.goodlifestylenews.com/a/1610/click/1024/213914/415dab06bb0170b35892301c85c6d016a688a57b/115b22d122583cdfa87824f574f223d2a80f45f7
IP
35.238.129.105:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document, ASCII text, with no line terminators
Size
201 B (201 bytes)
Hash
cc5ed5bb35f84b951bafaf754e60e977
2235103ba4911a1e37b78a11ddd9fc9129daa325
7b06473a7688120817f09cf648ccd452a97c91a517c2f3fb129161ea6b057cae

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /a/1610/click/1024/213914/415dab06bb0170b35892301c85c6d016a688a57b/115b22d122583cdfa87824f574f223d2a80f45f7 HTTP/1.1
Host: links.goodlifestylenews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _session_id=6152bce616420fb51831622b001e16ca
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
content-type: text/html; charset=utf-8
transfer-encoding: chunked
status: 302 Found
cache-control: no-cache
vary: Origin
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: d7e69e3b-b627-4805-83f2-e9f8d4f1885c
location: https://go.goodlifestylenews.com/CoilCrypto11/129ab4aa1888aea6e033eea54d37b0e1/55/leadsource/1024/1610/0b170c42c43aa402d22694883ece6989
x-download-options: noopen
x-runtime: 0.024080
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 00:20:50 GMT
set-cookie: _session_id=6152bce616420fb51831622b001e16ca; path=/; expires=Tue, 29 Nov 2022 12:20:50 GMT; HttpOnly
x-powered-by: Phusion Passenger 5.3.7
server: nginx/1.14.0 + Phusion Passenger 5.3.5

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7a5348004528368170bb5d4a00f972a7
1b6b2803ad15c8d5d11b6dc3176d2596e7ee917c
a451bc0b5e78cf902f7d4e6563b858955eb27cf689d48a68c5766a603f641e63

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=112550
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:50 GMT
Etag: "63846508-117"
Expires: Wed, 30 Nov 2022 07:36:40 GMT
Last-Modified: Mon, 28 Nov 2022 07:36:40 GMT
Server: nginx
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5071
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:50 GMT
Last-Modified: Mon, 28 Nov 2022 22:56:19 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.165.176.211

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.165.176.211:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IFPD3Hg66Rng2nXVjV0PNg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RjH7DqFMn8JGH4RW0P81Po5XVkg=

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7a5348004528368170bb5d4a00f972a7
1b6b2803ad15c8d5d11b6dc3176d2596e7ee917c
a451bc0b5e78cf902f7d4e6563b858955eb27cf689d48a68c5766a603f641e63

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=112550
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:51 GMT
Etag: "63846508-117"
Expires: Wed, 30 Nov 2022 07:36:41 GMT
Last-Modified: Mon, 28 Nov 2022 07:36:40 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
5d1e395dafb656ab3ae5e892cde52344
ba3b5cd59df774ae930c5f2c5962aeb298fbda3d
f22827f7f69ede4afc6f653fbb7c6c38393da5c70796fd96db996b2052accd80

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=102127
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:51 GMT
Etag: "63843c52-118"
Expires: Wed, 30 Nov 2022 04:42:58 GMT
Last-Modified: Mon, 28 Nov 2022 04:42:58 GMT
Server: nginx
Content-Length: 280

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3477
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Tue, 29 Nov 2022 00:20:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3477
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Tue, 29 Nov 2022 00:20:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3477
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Tue, 29 Nov 2022 00:20:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3477
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Tue, 29 Nov 2022 00:20:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3477
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Tue, 29 Nov 2022 00:20:51 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9203 bytes)
Hash
5d574c4db20a68295dbd06cb08f5990b
433061bbb226048765a711deca3026ee3e52372f
8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lzXj01ht9kpuwONgKM0xM0QRu8G9M9oX6rwYzv_Q_sI09Y3-RIVF-A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 03:47:05 GMT
age: 74026
etag: "433061bbb226048765a711deca3026ee3e52372f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

go.goodlifestylenews.com/CoilCrypto11/129ab4aa1888aea6e033eea54d37b0e1/55/leadsource/1024/1610/0b170c42c43aa402d22694883ece6989

172.67.172.49

302 Found

8.4 kB

URL HTTP/2
go.goodlifestylenews.com/CoilCrypto11/129ab4aa1888aea6e033eea54d37b0e1/55/leadsource/1024/1610/0b170c42c43aa402d22694883ece6989
IP
172.67.172.49:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8402 bytes)
Hash
faf3524970b0c3256eb5708f4ccf11ce
47295f2cf1b039c4b85cbe463d7893671a563989
ba0c2ce23eae865936caa7fb47dd1ef6346b8a7bc8340db700df6e2f5e27ec27

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /CoilCrypto11/129ab4aa1888aea6e033eea54d37b0e1/55/leadsource/1024/1610/0b170c42c43aa402d22694883ece6989 HTTP/1.1
Host: go.goodlifestylenews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Tue, 29 Nov 2022 00:20:51 GMT
content-type: text/html; charset=UTF-8
location: https://VerifiedSecure.org/go?ehash=129ab4aa1888aea6e033eea54d37b0e1&product=3029&ar=55&cid=1024&lid=1610&slhash=0b170c42c43aa402d22694883ece6989&mtaid=[s7]&cid2=[s8]
cache-control: max-age=600
expires: Tue, 29 Nov 2022 00:30:51 GMT
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdqeEbedUY1W0efjC5nKTmzLeIrk2eZc2uhmzbhb23p6n8ikSkn57eqIGVxEaQ0XhUTr%2FUUFic2Gxkxx%2Bcgvbm3uqQRjsvy5mzGE3YjEr8SH6qVnpHBWh4Ht%2BUQolwhi0YW7vmkz9aAi5nQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77172e06fe46b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4916 bytes)
Hash
83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 04:16:47 GMT
age: 72245
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f728a04-45b0-4726-b646-628601e2ebbc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8578 bytes)
Hash
4b7d3821d0bd11c196724846a7b9fe22
5b1700fa9cd4f1aaafda28ac28a0e2086fa8499c
b4f820555c4daf6e112c1a395bc57e22f0ef8e2e4299a0ffbb54e0bf18c87f47

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f728a04-45b0-4726-b646-628601e2ebbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8578
x-amzn-requestid: 4f948bb9-74db-4a5d-927d-a6b893735531
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFxnWHq-IAMF4LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637efc95-2f9e98ca2dad65a80e2195c2;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 05:09:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vSvGc0JIh4JOWTlagt4uDD_CDPiWOSfYYEI4lUBPsQb4qJMOEbBcmw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 23:18:30 GMT
age: 3742
etag: "5b1700fa9cd4f1aaafda28ac28a0e2086fa8499c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad01b94-5d16-49b9-bf3e-5742e02ae8b6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8796 bytes)
Hash
7e44c46db2ac9917110dc47aa38fdc85
b5b245c90705ad80c31d457c0d7c96709ca31e96
5024225a583b188860eaf21f7196c06cef8b2e89389ae4b1df6e314399f3b2ae

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad01b94-5d16-49b9-bf3e-5742e02ae8b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8796
x-amzn-requestid: 2eed036c-fcda-425b-8c5d-0b0ff31214a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEEWMIAMFwKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-5cb071a2098d43d909eb8d5c;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uWzs8gOBoczTeYXB7-FfJemWbh-hYHwNcR3b9BM5VtJ55NRUzCZeTQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 14:56:22 GMT
age: 33870
etag: "b5b245c90705ad80c31d457c0d7c96709ca31e96"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2d4df78-04ce-4ad8-b5a5-07c0212d3a16.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4901 bytes)
Hash
c812ff38eed34e674ee4090ffc602358
3515adf47d25a17eec2a62d045d217cd23a0f985
17847348aa28dce436e4181ec86578e154c3a700b48df9bbdb771abaa3d2ed58

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2d4df78-04ce-4ad8-b5a5-07c0212d3a16.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4901
x-amzn-requestid: a5ad8fee-b892-4485-9975-40e183506a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIsO3HDGIAMFQgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6380272b-5827122433cb8c6d5ab7e300;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 02:23:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MSxsBockYtOQ1vJwadowGgFdFGyqM2R4ax2EQTLoVPu6y0hWy1H1sw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 15:12:07 GMT
age: 32925
etag: "3515adf47d25a17eec2a62d045d217cd23a0f985"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

470kwc1.com/clk.trk?CID=445608&AFID=430135&SID=3414659424126765082

40.113.236.107

302 Found

216 B

URL HTTP/1.1
470kwc1.com/clk.trk?CID=445608&AFID=430135&SID=3414659424126765082
IP
40.113.236.107:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
216 B (216 bytes)
Hash
155e716965ebdde6152a575d954dde7b
0591cc8c04569707858e38f7415a1ee884f0a533
f0aa3e13e2b7bb76458d3849680369caff5852b11cebfa0dc54b6ea5144ac84b

HTTP Headers

GET /clk.trk?CID=445608&AFID=430135&SID=3414659424126765082 HTTP/1.1
Host: 470kwc1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx
Date: Tue, 29 Nov 2022 00:20:54 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 216
Connection: keep-alive
Cache-Control: private
Location: https://pro.paradigm-press.info/m/2101473?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4
P3P: policyref="/p3p/P3P.470kwc1.com.xml", CP="NOI DSP COR NID ADM DEV OUR STP OTC"
X-AspNet-Version: 4.0.30319
Set-Cookie: LTTC6_445608=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4; expires=Tue, 06-Dec-2022 00:20:53 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b32e4f3cb5f48d2044bf6914eb697a5a
7e71e63f888f1b50b95d339a3de35c0080544289
240bce6094fcf537ef1ec7e0552f30a97d9c23b2399b58447b79ebab5fdb738c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "240BCE6094FCF537EF1EC7E0552F30A97D9C23B2399B58447B79EBAB5FDB738C"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3083
Expires: Tue, 29 Nov 2022 01:12:17 GMT
Date: Tue, 29 Nov 2022 00:20:54 GMT
Connection: keep-alive

pro.paradigm-press.info/m/2101473?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4

192.135.136.169

301 Moved Permanently

11 kB

URL HTTP/1.1
pro.paradigm-press.info/m/2101473?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4
IP
192.135.136.169:0
ASN
#11372 14WEST-AS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (10616), with CRLF line terminators
Size
11 kB (10824 bytes)
Hash
74fe05f2ede3817276484e85f55ffec5
815081da863f35c503a79b9d1cde7c52b1f30f8e
3f1183004e8911f486b7d5f7b1ba3a0ee7896eccdd3fd52d0d3ab6682c0480ea

HTTP Headers

GET /m/2101473?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4 HTTP/1.1
Host: pro.paradigm-press.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true
Date: Tue, 29 Nov 2022 00:20:53 GMT
Content-Length: 10824
Set-Cookie: 2101473=2482377; expires=Mon, 19-Dec-2022 00:20:54 GMT; path=/; HttpOnly
BIGipServerIRIS_PROD_HTTPS_POOL=!swERCHKISrLG8rxbyhZUbYl6SkaXWgqGqY251fnI8KYy/j94xIU+eTKYmzn6vYd4NanloFg03EnLPTs=; path=/; Httponly; Secure
Strict-Transport-Security: max-age=63072000; includeSubDomains

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b32e4f3cb5f48d2044bf6914eb697a5a
7e71e63f888f1b50b95d339a3de35c0080544289
240bce6094fcf537ef1ec7e0552f30a97d9c23b2399b58447b79ebab5fdb738c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "240BCE6094FCF537EF1EC7E0552F30A97D9C23B2399B58447B79EBAB5FDB738C"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3083
Expires: Tue, 29 Nov 2022 01:12:17 GMT
Date: Tue, 29 Nov 2022 00:20:54 GMT
Connection: keep-alive

pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true

161.129.26.18

200 OK

22 kB

URL HTTP/1.1
pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true
IP
161.129.26.18:0
ASN
#11372 14WEST-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31333), with CRLF, LF line terminators
Size
22 kB (22076 bytes)
Hash
c64202fe4feecc436da760a3f7c8e9ce
8c7ef56e561212cdf758c4008d8ef6bec18e1fd7
728fe47d0915160778d16849c6e0ba109dbc5874f22edf5066cd0cc204ec5ba5

HTTP Headers

GET /p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Tue, 29 Nov 2022 00:20:55 GMT
Content-Length: 22076
Set-Cookie: LALNYA25=; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; HttpOnly
BIGipServerIRIS_PROD_HTTPS_POOL=!XTC9M7alpc1TI9NbyhZUbYl6SkaXWpmQ0MCkP5cNFGhAPaPBizn8YZOKUuFJg/9xkSpYsRLz/Z5yNxA=; path=/; Httponly; Secure
Strict-Transport-Security: max-age=63072000; includeSubDomains

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

142.250.74.138

200 OK

34 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:51:00 GMT
expires: Thu, 23 Nov 2023 18:51:00 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 451795
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

pro.paradigmnewsletters.org/p/Scripts/Common.js

161.129.26.18

200 OK

1.1 kB

URL HTTP/1.1
pro.paradigmnewsletters.org/p/Scripts/Common.js
IP
161.129.26.18:0
ASN
#11372 14WEST-AS

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.1 kB (1140 bytes)
Hash
531f759e66179bdfddd96426d458ea14
f3b2ae3c57a5d7a2032c0f7dbfd579a58bd632e7
c98b18c4cc6c2849d549ab55e124bfe800f31148614eddb33c8924bcf54d5e98

HTTP Headers

GET /p/Scripts/Common.js HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true
Connection: keep-alive
Cookie: LALNYA25=; BIGipServerIRIS_PROD_HTTPS_POOL=!XTC9M7alpc1TI9NbyhZUbYl6SkaXWpmQ0MCkP5cNFGhAPaPBizn8YZOKUuFJg/9xkSpYsRLz/Z5yNxA=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 31 Mar 2020 05:43:09 GMT
Accept-Ranges: bytes
ETag: "1be39421f7d61:0"
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Tue, 29 Nov 2022 00:20:55 GMT
Content-Length: 1140
Strict-Transport-Security: max-age=63072000; includeSubDomains

fast.wistia.com/assets/external/E-v1.js

151.101.86.110

200 OK

472 B

URL HTTP/2
fast.wistia.com/assets/external/E-v1.js
IP
151.101.86.110:0
ASN
#54113 FASTLY

File type
data
Size
472 B (472 bytes)
Hash
07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2

HTTP Headers

GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-1c79d"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 00:20:55 GMT
age: 1319
x-served-by: cache-iad-kiad7000159-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 13, 27
x-timer: S1669681255.462287,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 116637
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pro.paradigmnewsletters.org/p/Scripts/HideContent.js

161.129.26.18

200 OK

466 B

URL HTTP/1.1
pro.paradigmnewsletters.org/p/Scripts/HideContent.js
IP
161.129.26.18:0
ASN
#11372 14WEST-AS

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
466 B (466 bytes)
Hash
f12dd6f3f31e259ecc2eca76c902110a
889141478801c49932231713181481ab28448053
589ccfb3b9d9dc8b4b640a699e2f18dad228af487d1b6d0eef255421dc883691

HTTP Headers

GET /p/Scripts/HideContent.js HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true
Connection: keep-alive
Cookie: LALNYA25=; BIGipServerIRIS_PROD_HTTPS_POOL=!XTC9M7alpc1TI9NbyhZUbYl6SkaXWpmQ0MCkP5cNFGhAPaPBizn8YZOKUuFJg/9xkSpYsRLz/Z5yNxA=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 02 Feb 2018 07:05:29 GMT
Accept-Ranges: bytes
ETag: "9d768e35f49bd31:0"
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Tue, 29 Nov 2022 00:20:55 GMT
Content-Length: 466
Strict-Transport-Security: max-age=63072000; includeSubDomains

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1y9osUZiZQ.woff2

216.58.207.195

200 OK

10 kB

URL HTTP/2
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1y9osUZiZQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 10276, version 1.0\012- data
Size
10 kB (10276 bytes)
Hash
009c6774d6b870532c82ac2bbdb0563b
feaafb7b23ce676cb96650594127d4caa20433f9
3e32984aefeea2b4a7bcbd0405129391503dcb298fcc0e354794f3baf0ddd26f

HTTP Headers

GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1y9osUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:39:47 GMT
expires: Fri, 24 Nov 2023 21:39:47 GMT
cache-control: public, max-age=31536000
age: 355269
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 468804
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Size
16 kB (15752 bytes)
Hash
b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:40:23 GMT
expires: Thu, 23 Nov 2023 19:40:23 GMT
cache-control: public, max-age=31536000
age: 448833
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Oswald:wght@600&family=Roboto:wght@500;900&display=swap

142.250.74.10

200 OK

90 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Oswald:wght@600&family=Roboto:wght@500;900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
90 kB (89630 bytes)
Hash
11cfe56bcb1cf375fd35ff6ca14d55cf
a59e7570fe56f00730efd8b4579d7ff167047f39
3576874740af5b98c6fd80c568507c30e0b7f44e49bc350075d03452aa16d56a

HTTP Headers

GET /css2?family=Oswald:wght@600&family=Roboto:wght@500;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 00:20:55 GMT
date: Tue, 29 Nov 2022 00:20:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

d1u56hvpilpmef.cloudfront.net/ALN/aln_coiledcrypto_0822/top-bg.png

54.230.245.125

200 OK

80 kB

URL HTTP/2
d1u56hvpilpmef.cloudfront.net/ALN/aln_coiledcrypto_0822/top-bg.png
IP
54.230.245.125:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1000 x 452, 8-bit/color RGBA, non-interlaced\012- data
Size
80 kB (79572 bytes)
Hash
437857dd7a4b5a12a58d35db70cf3577
96484cd7f4299f1fbfebb7327e608159d0fe4001
50c8fbd334aeb50d873142e67c2d18938afb004689614b13bb7cea25532abbdd

HTTP Headers

GET /ALN/aln_coiledcrypto_0822/top-bg.png HTTP/1.1
Host: d1u56hvpilpmef.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 79572
server: nginx
date: Tue, 01 Nov 2022 10:23:07 GMT
last-modified: Thu, 04 Aug 2022 15:23:50 GMT
cache-control: max-age=31536000
expires: Wed, 01 Nov 2023 10:23:07 GMT
etag: "62ebe486-136d4"
x-powered-by: PleskLin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4zl9YFU6ghCaVELXgweF2nPh4H_oZrutHXq_tRmYLeSPJtOyAviKIA==
age: 2383068
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

d1u56hvpilpmef.cloudfront.net/ALN/aln_coiledcrypto_0822/bottom-bg.png

54.230.245.125

200 OK

127 kB

URL HTTP/2
d1u56hvpilpmef.cloudfront.net/ALN/aln_coiledcrypto_0822/bottom-bg.png
IP
54.230.245.125:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1000 x 381, 8-bit/color RGBA, non-interlaced\012- data
Size
127 kB (126810 bytes)
Hash
d56b565317854b4dede28ed4140f14ad
8702553054a62fcbfb05279e68cd8dc35222f8cb
a08812e6032831f6cc564ee4b38184cacd2b6927d09466f2a52cf31e3d773805

HTTP Headers

GET /ALN/aln_coiledcrypto_0822/bottom-bg.png HTTP/1.1
Host: d1u56hvpilpmef.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 126810
server: nginx
date: Mon, 07 Nov 2022 12:26:00 GMT
last-modified: Thu, 04 Aug 2022 15:23:50 GMT
cache-control: max-age=31536000
expires: Tue, 07 Nov 2023 12:26:00 GMT
etag: "62ebe486-1ef5a"
x-powered-by: PleskLin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E72vKHDcZaa3ltUDao4hyZ9PCuryHW2eNiTUbYsGnuSciPYuYlNHqg==
age: 1857296
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/7oY8-EgWmNE

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/7oY8-EgWmNE
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c63178fb4de35fcdc507ba1c9f476bd5
778979b339d2ab5628f61cb0eb2998c397bcd10e
c42cd86c057a2a56c81fdfdf5763aa2a6d86fef8c604732f7f99cc5fa30249c4

HTTP Headers

POST /s/gts1d4/7oY8-EgWmNE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

edge.fullstory.com/s/fs.js

35.201.112.186

200 OK

66 kB

URL HTTP/2
edge.fullstory.com/s/fs.js
IP
35.201.112.186:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65410)
Size
66 kB (65803 bytes)
Hash
b3cc89ae11072c9ee7b443faa623e0e9
00a8279e679a5fb97dfc16860a1572094ff33f3b
0ac7e1b0178f6929b5aeb30c820f83a0101c6258415b280044955bad3974148c

HTTP Headers

GET /s/fs.js HTTP/1.1
Host: edge.fullstory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdsa83JJzx2FbrIGRhcnmt78xDhzoHdIz7Xw1jMiBEwJTVD1EjnW8eJqkJbQQbgD8-azpOcX2lQWGHQcKHHxH7E9D5NYco6O
x-goog-generation: 1667940125290071
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
x-goog-stored-content-length: 65803
content-encoding: br
x-goog-hash: crc32c=LkMtdQ==, md5=s8yJrhEHLJ7ntEP6piPg6Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 65803
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 28 Nov 2022 23:32:35 GMT
expires: Tue, 29 Nov 2022 00:32:35 GMT
cache-control: public, max-age=3600,no-transform
age: 2901
last-modified: Tue, 08 Nov 2022 20:42:05 GMT
etag: "b3cc89ae11072c9ee7b443faa623e0e9"
content-type: application/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/7oY8-EgWmNE

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/7oY8-EgWmNE
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c63178fb4de35fcdc507ba1c9f476bd5
778979b339d2ab5628f61cb0eb2998c397bcd10e
c42cd86c057a2a56c81fdfdf5763aa2a6d86fef8c604732f7f99cc5fa30249c4

HTTP Headers

POST /s/gts1d4/7oY8-EgWmNE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 28 Nov 2022 22:41:08 GMT
expires: Tue, 29 Nov 2022 00:41:08 GMT
cache-control: public, max-age=7200
age: 5988
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
d5a1fb3bacd9908905259c73a37c0151
1cb1938aed903d90e46ab470b22b967248f21c21
3c64ea4853c3b7a732f8a5c85305c413ed19d3c2ecf9739abd9fddd1e77c03f4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3697
Cache-Control: max-age=171669
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Etag: "63853d8c-117"
Expires: Thu, 01 Dec 2022 00:02:05 GMT
Last-Modified: Mon, 28 Nov 2022 23:00:28 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279

cdn.amplitude.com/libs/amplitude-4.1.0-min.gz.js

54.230.245.209

200 OK

23 kB

URL HTTP/2
cdn.amplitude.com/libs/amplitude-4.1.0-min.gz.js
IP
54.230.245.209:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
23 kB (23381 bytes)
Hash
dd911bf17b828cc7b163c32407c6b94d
6c3bf4461bec7a3510da9f2e5e415df47a6277e5
1aca435afb2a895d810c6abfdf3e1247ebec22c9ae273bebd97e800cf8c42792

HTTP Headers

GET /libs/amplitude-4.1.0-min.gz.js HTTP/1.1
Host: cdn.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 23381
date: Tue, 31 May 2022 06:00:54 GMT
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
etag: "dd911bf17b828cc7b163c32407c6b94d"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: Ab72F2O7EEayrsY6N3cFncAqh5p3OPFm
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IJH3HzVVS5BLBLeNbI5cuoU-rFc7B-4y6lLrruVRIcRbYp1aWqbf3g==
age: 15704403
X-Firefox-Spdy: h2

dizbubza2heg.cloudfront.net/js/profiles.compressed.js?v=2.0.0

143.204.42.18

200 OK

41 kB

URL HTTP/2
dizbubza2heg.cloudfront.net/js/profiles.compressed.js?v=2.0.0
IP
143.204.42.18:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (40902), with no line terminators
Size
41 kB (40902 bytes)
Hash
b565565314853b247e94736713e0f5e2
4a217d55d7037d996056f0deff0adaa7267b4245
76945b13c2b5b5b60c28867e3078bff4686bed922b545a732b15477986a016f6

HTTP Headers

GET /js/profiles.compressed.js?v=2.0.0 HTTP/1.1
Host: dizbubza2heg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 40902
server: nginx/1.4.6 (Ubuntu)
date: Mon, 28 Nov 2022 06:59:17 GMT
last-modified: Tue, 14 Jul 2020 15:07:01 GMT
etag: "5f0dca15-9fc6"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kNYDR5GosljJijZ_E_75G-iAThpEPgXGVe5yhtH7wS5-VwTb9RRAsA==
age: 62499
X-Firefox-Spdy: h2

amplify.outbrain.com/cp/obtp.js

23.38.201.81

200 OK

5.3 kB

URL HTTP/1.1
amplify.outbrain.com/cp/obtp.js
IP
23.38.201.81:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (16574), with no line terminators
Size
5.3 kB (5269 bytes)
Hash
5cdda5ed80a4ee13f700ae502f7cd4ec
0e6aa932abf3c56561a686aa3e8d069aaa3ca228
d54fc3e1792330cc768902f861f0a79ecffbfd23b8db14f354e8fcefd1c831c1

HTTP Headers

GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "fe80c55f1e1387116ff9765261ed192c:1669645506.686439"
Last-Modified: Mon, 28 Nov 2022 14:22:05 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Tue, 29 Nov 2022 00:40:56 GMT
Date: Tue, 29 Nov 2022 00:20:56 GMT
Content-Length: 5269
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
75c1ad5630c0ea2201beca865aa00196
668de14dedb0a281738e0a614665797f70dae959
3feee3aa49ce8524ccc13847c65b5399bd7746afa0189178f4bdaf2a915b31de

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FEEE3AA49CE8524CCC13847C65B5399BD7746AFA0189178F4BDAF2A915B31DE"
Last-Modified: Mon, 28 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9659
Expires: Tue, 29 Nov 2022 03:01:55 GMT
Date: Tue, 29 Nov 2022 00:20:56 GMT
Connection: keep-alive

c.lytics.io/api/tag/7633a10cce24ede709377546c8e3146d/latest.min.js

104.26.3.22

200 OK

23 kB

URL HTTP/2
c.lytics.io/api/tag/7633a10cce24ede709377546c8e3146d/latest.min.js
IP
104.26.3.22:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (64432)
Size
23 kB (22791 bytes)
Hash
d1ee9fb29126bbe593634818dbeb9ebc
cf727de6865d208eb1ef39468ac3a9b0bf45ba5a
02351be8f09c37fe3f08fe3e277ea200627d5aa71d557f8b8023b1799c66d163

HTTP Headers

GET /api/tag/7633a10cce24ede709377546c8e3146d/latest.min.js HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 00:20:56 GMT
content-type: application/javascript
access-control-allow-origin: *
strict-transport-security: max-age=63072000;
via: 1.1 google
cache-control: max-age=7200
cf-cache-status: HIT
age: 3568
last-modified: Mon, 28 Nov 2022 23:21:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLtATGCg0YU3rNoJT9btvUjK5Jau4FTshDFzGv9j3nba8AAaw4OGdpSKj5qMib9%2F5bUFs92vcGIwSAZNrGSMwdsrcMTzAtPcylN0v64fcfV3qDZ4QcdmhelfhQxQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77172e2bb9a30b59-OSL
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
098b84200301fda17addaa2b0c2b5aab
06a9aea6064bdb53a7e6fae61768a032c8582baa
b9761aeca616658fe327d9404650fc18b4c88a821e82aa69a8636b7b94a78aed

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B9761AECA616658FE327D9404650FC18B4C88A821E82AA69A8636B7B94A78AED"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3126
Expires: Tue, 29 Nov 2022 01:13:02 GMT
Date: Tue, 29 Nov 2022 00:20:56 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-138958347-1&cid=926334687.1669681256&jid=1873755583&gjid=723306709&_gid=1772852530.1669681256&_u=YGBAiEABBAAAAEAAI~&z=485250734

142.250.150.154

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-138958347-1&cid=926334687.1669681256&jid=1873755583&gjid=723306709&_gid=1772852530.1669681256&_u=YGBAiEABBAAAAEAAI~&z=485250734
IP
142.250.150.154:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-138958347-1&cid=926334687.1669681256&jid=1873755583&gjid=723306709&_gid=1772852530.1669681256&_u=YGBAiEABBAAAAEAAI~&z=485250734 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://pro.paradigmnewsletters.org
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 29 Nov 2022 00:20:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fast.wistia.com/embed/medias/rckoi5q4ao.json?callback=wistiajson1

151.101.86.110

200 OK

1.5 kB

URL HTTP/2
fast.wistia.com/embed/medias/rckoi5q4ao.json?callback=wistiajson1
IP
151.101.86.110:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (4799), with no line terminators
Size
1.5 kB (1492 bytes)
Hash
e8e72c81c2f9b3de99aa3d9bb4dea50f
b00c89fa1a1e76074870892d0fcd88c2747f6d1f
253f6ea758381ab654bc70a60cc2a47c45ed4061d8369411caa01e6f93d04ea1

HTTP Headers

GET /embed/medias/rckoi5q4ao.json?callback=wistiajson1 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: W/"01bd5398f2048df7d9afcc0e30985b47"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 6ef18685be14ce145602985c3f3715b7
x-runtime: 0.054864
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 00:20:56 GMT
age: 32984
x-served-by: cache-iad-kcgs7200160-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 101, 1
x-timer: S1669681256.434645,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1492
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/wistia-mux.js

151.101.86.110

200 OK

31 kB

URL HTTP/2
fast.wistia.com/assets/external/wistia-mux.js
IP
151.101.86.110:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65468)
Size
31 kB (31280 bytes)
Hash
8ca4953da62f6c8a05b7f2d7333a83f7
c68e554587e7e3dc6da836b6501e926ae543f933
9d7adbd9c2243a23cf7cb8ab534ce188da6f2b78d75e52ab79fb6af490dc6279

HTTP Headers

GET /assets/external/wistia-mux.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-7a30"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 00:20:56 GMT
age: 1319
x-served-by: cache-iad-kcgs7200128-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 21, 19
x-timer: S1669681256.437563,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 31280
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10091245.json

188.125.94.206

200 OK

22 B

URL HTTP/2
s.yimg.com/wi/config/10091245.json
IP
188.125.94.206:0
ASN
#10310 YAHOO-1

File type
JSON data\012- , ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc

HTTP Headers

GET /wi/config/10091245.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: JV1C2ZQDZDWTRV43
x-amz-id-2: poslNRY4xKDVPWJyN5eUwyAhMX2tXpSMdG5xH9cpYeR0B4harMbZbtSUfFw1Zaw1DbYUmTnIwoE=
content-type: application/json
date: Tue, 29 Nov 2022 00:11:45 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-encoding: gzip
content-length: 22
age: 551
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

s.yimg.com/wi/config/10125189.json

188.125.94.206

200 OK

22 B

URL HTTP/2
s.yimg.com/wi/config/10125189.json
IP
188.125.94.206:0
ASN
#10310 YAHOO-1

File type
JSON data\012- , ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc

HTTP Headers

GET /wi/config/10125189.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: D0KWG6327RMK4EF4
x-amz-id-2: TrvXfoJdt3IU/sS/mBxnYlHvnzeQYCipl+ru259fQGuQRh7fFWX2I525gKzSQKfQnDPlmVJQLJg=
content-type: application/json
date: Tue, 29 Nov 2022 00:20:55 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 1
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

c.lytics.io/c/7633a10cce24ede709377546c8e3146d?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1669681255806&_nmob=t&_device=desktop&url=pro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&_v=3.0.29&_uid=6e5b7176-7de6-45b1-889e-84efafee205c&_getid=t

104.26.3.22

200 OK

35 B

URL HTTP/2
c.lytics.io/c/7633a10cce24ede709377546c8e3146d?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1669681255806&_nmob=t&_device=desktop&url=pro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&_v=3.0.29&_uid=6e5b7176-7de6-45b1-889e-84efafee205c&_getid=t
IP
104.26.3.22:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /c/7633a10cce24ede709377546c8e3146d?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1669681255806&_nmob=t&_device=desktop&url=pro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&_v=3.0.29&_uid=6e5b7176-7de6-45b1-889e-84efafee205c&_getid=t HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 00:20:56 GMT
content-type: image/gif
content-length: 35
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: seerid=6e5b7176-7de6-45b1-889e-84efafee205c; Path=/; Domain=lytics.io; Max-Age=77760000; Secure; SameSite=None
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOKDFEWAC1xcsbzLpG6DN1kUc2MBhoaMcqDiip%2BaD0oUcf4w6qabp7zmGHQuOXd6B44kpkfaTP%2BH8GxIF04lKD5qQWeMhZHEVanZKPKYcFLgJoUiS1bItwKF4rcl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77172e2d6a920b59-OSL
X-Firefox-Spdy: h2

rs.fullstory.com/rec/page

35.186.194.58

200 OK

1.4 kB

URL HTTP/2
rs.fullstory.com/rec/page
IP
35.186.194.58:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (4447)
Size
1.4 kB (1440 bytes)
Hash
bff79f4b13266bb5bed2bd25a0a9930c
f488e42919b6b0bb1df64f3832925090d4801f7a
8078b85441a9bfeff8e668db2dfb0f3973aba60fc95dba51020e2f1ee1bed05e

HTTP Headers

POST /rec/page HTTP/1.1
Host: rs.fullstory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 499
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://pro.paradigmnewsletters.org
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 29 Nov 2022 00:20:56 GMT
content-length: 1440
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
098b84200301fda17addaa2b0c2b5aab
06a9aea6064bdb53a7e6fae61768a032c8582baa
b9761aeca616658fe327d9404650fc18b4c88a821e82aa69a8636b7b94a78aed

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B9761AECA616658FE327D9404650FC18B4C88A821E82AA69A8636B7B94A78AED"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3126
Expires: Tue, 29 Nov 2022 01:13:02 GMT
Date: Tue, 29 Nov 2022 00:20:56 GMT
Connection: keep-alive

s.yimg.com/wi/config/10082412.json

188.125.94.206

200 OK

22 B

URL HTTP/2
s.yimg.com/wi/config/10082412.json
IP
188.125.94.206:0
ASN
#10310 YAHOO-1

File type
JSON data\012- , ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc

HTTP Headers

GET /wi/config/10082412.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: D0KYVAK1FQKXXTC0
x-amz-id-2: kzBEvCriLYctBjfTczNRRAzZ/iYGVbxIEDtkoWm7LzhnhUYQVhBLE1Pm5Z0iOJbsu4K/Ermc0tw=
content-type: application/json
date: Tue, 29 Nov 2022 00:20:56 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 0
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10114794.json

188.125.94.206

200 OK

22 B

URL HTTP/2
s.yimg.com/wi/config/10114794.json
IP
188.125.94.206:0
ASN
#10310 YAHOO-1

File type
JSON data\012- , ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc

HTTP Headers

GET /wi/config/10114794.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: D0KJ1EF6MHYNBNC2
x-amz-id-2: jYd8U0qKJcMzi4g44aggITy65hQxoyTb8JANmp9mpqKrTFOELsFdop5RGBhvP9RLQYZne9YCSZo=
content-type: application/json
date: Tue, 29 Nov 2022 00:20:56 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 0
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

c.lytics.io/api/personalize/7633a10cce24ede709377546c8e3146d/user/_uid/6e5b7176-7de6-45b1-889e-84efafee205c?segments=true&fields=first_name,last_name,email,city,country_code,zip,state,address_line_1,customer_number&mergestate=true&state=%7B%22_uid%22%3A%226e5b7176-7de6-45b1-889e-84efafee205c%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue%22%2C%22_v%22%3A%223.0.29%22%7D&ts=1669681255825&callback=u_536384550131091000

104.26.3.22

200 OK

2.4 kB

URL HTTP/2
c.lytics.io/api/personalize/7633a10cce24ede709377546c8e3146d/user/_uid/6e5b7176-7de6-45b1-889e-84efafee205c?segments=true&fields=first_name,last_name,email,city,country_code,zip,state,address_line_1,customer_number&mergestate=true&state=%7B%22_uid%22%3A%226e5b7176-7de6-45b1-889e-84efafee205c%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue%22%2C%22_v%22%3A%223.0.29%22%7D&ts=1669681255825&callback=u_536384550131091000
IP
104.26.3.22:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (10786), with no line terminators
Size
2.4 kB (2430 bytes)
Hash
37e46a7bb50a43e5bbadcb3c9f538d96
486d2998651a91cc7a48076fe04a2cfc5775fe97
e3ddf039a7d4a1594d2e7622923d40be6705c1d9e1f20b725b2cd05e274f6e83

HTTP Headers

GET /api/personalize/7633a10cce24ede709377546c8e3146d/user/_uid/6e5b7176-7de6-45b1-889e-84efafee205c?segments=true&fields=first_name,last_name,email,city,country_code,zip,state,address_line_1,customer_number&mergestate=true&state=%7B%22_uid%22%3A%226e5b7176-7de6-45b1-889e-84efafee205c%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue%22%2C%22_v%22%3A%223.0.29%22%7D&ts=1669681255825&callback=u_536384550131091000 HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 00:20:56 GMT
content-type: application/json
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
access-control-allow-methods: GET
access-control-allow-origin: 
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnRj5EzsSbEo8IcNklcmOhN7%2BPX3tW5FbdvKfAFEfLKXLuB%2BxH0KDgFHvc2c8hDo07LqYbKRiSZWcXzeZUsWqfHZ5RBLriJ%2FMrFJCpDnV9vqW9%2FPnyMuO75S0LVe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77172e2d7a930b59-OSL
content-encoding: br
X-Firefox-Spdy: h2

d1u56hvpilpmef.cloudfront.net/ALN/aln_coiledcrypto_0822/ctp.png

54.230.245.125

200 OK

25 kB

URL HTTP/2
d1u56hvpilpmef.cloudfront.net/ALN/aln_coiledcrypto_0822/ctp.png
IP
54.230.245.125:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1280 x 720, 8-bit/color RGB, non-interlaced\012- data
Size
25 kB (25064 bytes)
Hash
881217abb4ed85b312f67e79c461450a
0b35b9130b388e40ec12e01da31faa9ef07ad91b
c3d4b8fa4e2f322c74e04b657a2d66b8da0ad05373af64c312d29d068beb9d85

HTTP Headers

GET /ALN/aln_coiledcrypto_0822/ctp.png HTTP/1.1
Host: d1u56hvpilpmef.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 25064
server: nginx
date: Fri, 04 Nov 2022 10:21:27 GMT
last-modified: Wed, 31 Aug 2022 19:09:55 GMT
cache-control: max-age=31536000
expires: Sat, 04 Nov 2023 10:21:27 GMT
etag: "630fb203-61e8"
x-powered-by: PleskLin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0Mo-QDrlGtFC4R5zP-7IUAEhAX-K85f67FKO4FNffUMyqfuUgBEMHg==
age: 2123969
X-Firefox-Spdy: h2

sp.analytics.yahoo.com/sp.pl?a=10000&b=The%20Crypto%20Market%20Has%20Crashed%2080%25&.yp=10125189&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm

212.82.100.181

200 OK

43 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&b=The%20Crypto%20Market%20Has%20Crashed%2080%25&.yp=10125189&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

HTTP Headers

GET /sp.pl?a=10000&b=The%20Crypto%20Market%20Has%20Crashed%2080%25&.yp=10125189&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 00:20:57 GMT
expires: Tue, 29 Nov 2022 00:20:57 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBGlQhWMCEIh7iDH23xMO_xAmfX_VcKIFEgEBAQGhhmOPYwAAAAAA_eMAAA&S=AQAAAqG7sb92yVLt77pplXTypLE; Expires=Wed, 29 Nov 2023 06:20:57 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2029%20Nov%202022%2000%3A20%3A56%20GMT&n=0&b=The%20Crypto%20Market%20Has%20Crashed%2080%25&.yp=10091245&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm

212.82.100.181

200 OK

43 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2029%20Nov%202022%2000%3A20%3A56%20GMT&n=0&b=The%20Crypto%20Market%20Has%20Crashed%2080%25&.yp=10091245&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

HTTP Headers

GET /sp.pl?a=10000&d=Tue%2C%2029%20Nov%202022%2000%3A20%3A56%20GMT&n=0&b=The%20Crypto%20Market%20Has%20Crashed%2080%25&.yp=10091245&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 00:20:57 GMT
expires: Tue, 29 Nov 2022 00:20:57 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBGlQhWMCEBaU9knfNuJ_dMwSVLGDE14FEgEBAQGhhmOPYwAAAAAA_eMAAA&S=AQAAAhV_EpOJ-F-IjbHHaC2KaQI; Expires=Wed, 29 Nov 2023 06:20:57 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

188.125.94.206

200 OK

6.0 kB

URL HTTP/2
s.yimg.com/wi/ytc.js
IP
188.125.94.206:0
ASN
#10310 YAHOO-1

File type
data
Size
6.0 kB (5972 bytes)
Hash
818a3d192a89206e3deaeca02fef3871
7d1431892574e71513cde99c1df0e610274af60a
8c10eb9a7d54ee9264053c2f084aba25fd842fde2d6e888ed2be3b7f1e279e2d

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: X2qwDm1+ZQBB4jdHbh7v60XbdUT54QnIc2VyvnQANHXisk9heCnOWtvL4o7U8OWyA5M4rsJU6wU=
x-amz-request-id: A9JKR7WMFK1SKQFK
date: Mon, 28 Nov 2022 23:33:07 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 2870
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

sp.analytics.yahoo.com/sp.pl?a=10000&b=The%20Crypto%20Market%20Has%20Crashed%2080%25&.yp=10082412&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm

212.82.100.181

200 OK

43 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&b=The%20Crypto%20Market%20Has%20Crashed%2080%25&.yp=10082412&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

HTTP Headers

GET /sp.pl?a=10000&b=The%20Crypto%20Market%20Has%20Crashed%2080%25&.yp=10082412&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 00:20:57 GMT
expires: Tue, 29 Nov 2022 00:20:57 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBGlQhWMCEBDONYHW_r8eF90OiyaewRUFEgEBAQGhhmOPYwAAAAAA_eMAAA&S=AQAAAqkmvvtr4zw1lYWyEVy9yL8; Expires=Wed, 29 Nov 2023 06:20:57 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

verifiedsecure.org/go?ehash=129ab4aa1888aea6e033eea54d37b0e1&product=3029&ar=55&cid=1024&lid=1610&slhash=0b170c42c43aa402d22694883ece6989&mtaid=[s7]&cid2=[s8]

104.26.14.168

302 Found

179 B

URL HTTP/2
verifiedsecure.org/go?ehash=129ab4aa1888aea6e033eea54d37b0e1&product=3029&ar=55&cid=1024&lid=1610&slhash=0b170c42c43aa402d22694883ece6989&mtaid=[s7]&cid2=[s8]
IP
104.26.14.168:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
179 B (179 bytes)
Hash
25e182ceeca7e9575e7adc7776469379
2daa7273bfd2ebead8a974816aa0ad47441c7f12
c9d1eb3be84c71f445fc86b4b9e99563148048873fe61bfe1ec0ca437eecf6db

HTTP Headers

GET /go?ehash=129ab4aa1888aea6e033eea54d37b0e1&product=3029&ar=55&cid=1024&lid=1610&slhash=0b170c42c43aa402d22694883ece6989&mtaid=[s7]&cid2=[s8] HTTP/1.1
Host: verifiedsecure.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Tue, 29 Nov 2022 00:20:53 GMT
content-type: text/html; charset=UTF-8
location: http://470kwc1.com/clk.trk?CID=445608&AFID=430135&SID=3414659424126765082
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=541cff29f38e41c95687ff930742f04f; path=/
pixel_session_hash_3029=3414659424126765082; expires=Thu, 29-Dec-2022 00:20:52 GMT; Max-Age=2592000; path=/; secure; HttpOnly; SameSite=None
bt_tracking_product_3029=2fa8405c8f41b5c4fe7373f6eecf20a0a42e2300dde7486c5ec6fed440050516; expires=Thu, 01-Dec-2022 00:20:52 GMT; Max-Age=172800
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXV8FarsRO%2BBY3RAkMiGBf7YfH4Wy1Qj0gYW6gaU88Tq4k2bJChl%2Fmt7S2%2Bmzf9MHauize%2FGzjGPPQNzuS8s0nhVmhCOAyo3iUgWZrYFaVDW4YyPqJ2YrL2BDGqphS3%2BdB1vdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77172e0bdd74b4ed-OSL
X-Firefox-Spdy: h2

tr.outbrain.com/unifiedPixel?marketerId=0008aaf7399985de7f2182c3644185f44d&apiObjVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&optOut=false&bust=00044065714944337975&referrer=

70.42.32.159

200 OK

60 B

URL HTTP/1.1
tr.outbrain.com/unifiedPixel?marketerId=0008aaf7399985de7f2182c3644185f44d&apiObjVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&optOut=false&bust=00044065714944337975&referrer=
IP
70.42.32.159:0
ASN
#22075 AS-OUTBRAIN

File type
GIF image data, version 89a, 1 x 1\012- data
Size
60 B (60 bytes)
Hash
fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb

HTTP Headers

GET /unifiedPixel?marketerId=0008aaf7399985de7f2182c3644185f44d&apiObjVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&optOut=false&bust=00044065714944337975&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 00:20:57 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 9e9445dcfdd28ee5fc4dad6560cfa976
content-encoding: gzip

c.lytics.io/static/pathfora.min.js

104.26.3.22

200 OK

55 kB

URL HTTP/2
c.lytics.io/static/pathfora.min.js
IP
104.26.3.22:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
55 kB (55351 bytes)
Hash
f4d51e1ba8e891dcf9ab53a123e59ab4
247c9b43ee5bfee81b547b2b0dfc0cc83ba67bed
ba764fa3af9dd8607a0e7820e56b2b1db74809dcad84bcbbad5b3549e36eb7d9

HTTP Headers

GET /static/pathfora.min.js HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Cookie: seerid=6e5b7176-7de6-45b1-889e-84efafee205c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 00:20:57 GMT
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=63072000;
via: 1.1 google
cache-control: max-age=7200
cf-cache-status: HIT
age: 5760
last-modified: Mon, 28 Nov 2022 22:44:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjvxqaIJKzkKQxUUQ7B%2B03jn9xMJBQf71uR%2FvcPovNoTDGdM4Usd0%2FW98wqN6Ix2KREVWTijtlW08pJx5lHbIXofnzQL%2FXbulvp%2BGn%2BgkeWWjdDi%2Bq6sj6VYu998"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77172e31ec7d0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/engines/hls_video.js

151.101.86.110

200 OK

114 kB

URL HTTP/2
fast.wistia.com/assets/external/engines/hls_video.js
IP
151.101.86.110:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65469)
Size
114 kB (114373 bytes)
Hash
ddbf94a47f16fcd8a99d8c45572ac852
fabe447aee7408e90c4fcfc1de127d98987b8ca0
cb2cba64e3b0a0797031ca64b918bed7c1c58b6f3b40d92b4f45f93b3ea55109

HTTP Headers

GET /assets/external/engines/hls_video.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-1bec5"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 00:20:57 GMT
age: 1320
x-served-by: cache-iad-kiad7000086-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 40, 10
x-timer: S1669681257.417869,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 114373
X-Firefox-Spdy: h2

js-agent.newrelic.com/nr-spa-1216.min.js

151.101.86.137

200 OK

18 kB

URL HTTP/2
js-agent.newrelic.com/nr-spa-1216.min.js
IP
151.101.86.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32010)
Size
18 kB (18216 bytes)
Hash
6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a

HTTP Headers

GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 00:20:57 GMT
via: 1.1 varnish
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 234341
x-timer: S1669681257.476824,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2

paradigmpressgroup.com/favicons/favicon-16x16.png

18.214.111.198

200 OK

587 B

URL HTTP/2
paradigmpressgroup.com/favicons/favicon-16x16.png
IP
18.214.111.198:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced\012- data
Size
587 B (587 bytes)
Hash
2bb2efaa073e4987ba1867aff02ab3ac
ea05acee8f408e3f86830b5f2da0616ced013006
6b712b83f2054506208f4243b57e7bd48fa0dcf3a10c0ff609bfc5ea8398ddc6

HTTP Headers

GET /favicons/favicon-16x16.png HTTP/1.1
Host: paradigmpressgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 00:20:57 GMT
content-type: image/png
content-length: 587
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Tue, 26 Jul 2022 19:40:44 GMT
etag: W/"24b-1823c06a3cc"
x-powered-by: PleskLin
X-Firefox-Spdy: h2

paradigmpressgroup.com/favicons/apple-touch-icon.png

18.214.111.198

200 OK

3.0 kB

URL HTTP/2
paradigmpressgroup.com/favicons/apple-touch-icon.png
IP
18.214.111.198:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 180 x 180, 8-bit grayscale, non-interlaced\012- data
Size
3.0 kB (3017 bytes)
Hash
dd470648114adaceb47d36a18ad41d9d
c93c69021ab4e381b4715938bed3732b132852b3
49dd5241fadc6a69795935a795804ed7206efb39f6dc6b5a0588f92d80775ad4

HTTP Headers

GET /favicons/apple-touch-icon.png HTTP/1.1
Host: paradigmpressgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 00:20:57 GMT
content-type: image/png
content-length: 3017
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Tue, 26 Jul 2022 19:40:44 GMT
etag: W/"bc9-1823c06a3cb"
x-powered-by: PleskLin
X-Firefox-Spdy: h2

fast.wistia.com/assets/images/blank.gif

151.101.86.110

200 OK

1.2 kB

URL HTTP/2
fast.wistia.com/assets/images/blank.gif
IP
151.101.86.110:0
ASN
#54113 FASTLY

File type
GIF image data, version 89a, 100 x 100\012- data
Size
1.2 kB (1214 bytes)
Hash
fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

HTTP Headers

GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-type: image/gif
etag: "6385208b-4be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 28 Nov 2022 20:56:43 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 00:20:57 GMT
age: 12120
x-served-by: cache-iad-kiad7000052-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 36, 172
x-timer: S1669681258.640906,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1214
X-Firefox-Spdy: h2

fast.wistia.com/embed/medias/rckoi5q4ao.m3u8

151.101.86.110

200 OK

749 B

URL HTTP/2
fast.wistia.com/embed/medias/rckoi5q4ao.m3u8
IP
151.101.86.110:0
ASN
#54113 FASTLY

File type
M3U playlist, ASCII text
Size
749 B (749 bytes)
Hash
8593043dcd672b459d6c7f4b7f16f775
30b07baac1390b4dac93d186e8cefaeb530903fa
1c841481e0906757d4e4798e1848c5ff319deb36d0ee9dffd9bef5634fe121b7

HTTP Headers

GET /embed/medias/rckoi5q4ao.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-type: application/x-mpegURL
etag: W/"1c841481e0906757d4e4798e1848c5ff"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 6b45b701df78e93c58c3c04a5f5dabaf
x-runtime: 0.031045
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 00:20:57 GMT
age: 0
x-served-by: cache-iad-kjyo7100025-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 508, 1
x-timer: S1669681258.635089,VS0,VE91
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 749
X-Firefox-Spdy: h2

embedwistia-a.akamaihd.net/deliveries/c759e9674cd12ff252e945663560a0a48e8dea01.m3u8

23.36.76.200

200 OK

126 kB

URL HTTP/1.1
embedwistia-a.akamaihd.net/deliveries/c759e9674cd12ff252e945663560a0a48e8dea01.m3u8
IP
23.36.76.200:0
ASN
#20940 Akamai International B.V.

File type
M3U playlist, ASCII text
Size
126 kB (126156 bytes)
Hash
16dad31d058172b901de607f1e851eb8
883d03d57bac1af298e95e4178369cd8e73102c5
96f4bb341364d022e3bd5f0d57746495599e4c6bf9702ad62dfe05cddb467996

HTTP Headers

GET /deliveries/c759e9674cd12ff252e945663560a0a48e8dea01.m3u8 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/vnd.apple.mpegurl
Content-Length: 126156
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: c759e9674cd12ff252e945663560a0a48e8dea01-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=30832349
Expires: Mon, 20 Nov 2023 20:53:26 GMT
Date: Tue, 29 Nov 2022 00:20:57 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
932c8e5de6e8da8cc7b5bed21711833e
f5fb395c941d7a0fbf21203e7e3903a6c2ef28ec
9c776ee3a7c336f2e892e19660d84bd695050203abd315c3d7f97adf247fb19f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122571
Date: Tue, 29 Nov 2022 00:20:57 GMT
Etag: "6384747d-1d7"
Expires: Wed, 30 Nov 2022 10:23:48 GMT
Last-Modified: Mon, 28 Nov 2022 08:42:37 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0edDkN4gL3gwb9hGp9uYYzuU_SC92ryvk_SObKvVFkgZaswh_ysz0A==
Age: 6071

embedwistia-a.akamaihd.net/deliveries/c759e9674cd12ff252e945663560a0a48e8dea01.m3u8/seg-1-v1-a1.ts

23.36.76.200

200 OK

295 kB

URL HTTP/1.1
embedwistia-a.akamaihd.net/deliveries/c759e9674cd12ff252e945663560a0a48e8dea01.m3u8/seg-1-v1-a1.ts
IP
23.36.76.200:0
ASN
#20940 Akamai International B.V.

File type
MPEG transport stream data\012- data
Size
295 kB (295160 bytes)
Hash
cbfd24ce736c6876ce8bfc23ec2b250d
12e5f2677cc4e2b0a440cca17fba346f63f0b014
bf9df1f773d6f41e0dfb8bcc70bdbae2ed3991df9ee4e7bd72c5974a7dec8285

HTTP Headers

GET /deliveries/c759e9674cd12ff252e945663560a0a48e8dea01.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: video/MP2T
Content-Length: 295160
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: c759e9674cd12ff252e945663560a0a48e8dea01-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31138155
Expires: Fri, 24 Nov 2023 09:50:12 GMT
Date: Tue, 29 Nov 2022 00:20:57 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *

distillery.wistia.com/x

52.207.88.224

204 No Content

0 B

URL HTTP/2
distillery.wistia.com/x
IP
52.207.88.224:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1462
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Tue, 29 Nov 2022 00:20:57 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2

embedwistia-a.akamaihd.net/deliveries/70e0a56389be0ab73ec3454f0b3e4310145d547b.m3u8

23.36.76.200

200 OK

126 kB

URL HTTP/1.1
embedwistia-a.akamaihd.net/deliveries/70e0a56389be0ab73ec3454f0b3e4310145d547b.m3u8
IP
23.36.76.200:0
ASN
#20940 Akamai International B.V.

File type
M3U playlist, ASCII text
Size
126 kB (126156 bytes)
Hash
277e0492963b3c32a66440841cfcb468
74de2e41a280602489266a86508dc3e6c261aca8
7e6b124034868a99a601b267cd7214d82d4f1757373ea0dc0bbaceb73281fa2f

HTTP Headers

GET /deliveries/70e0a56389be0ab73ec3454f0b3e4310145d547b.m3u8 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/vnd.apple.mpegurl
Content-Length: 126156
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: 70e0a56389be0ab73ec3454f0b3e4310145d547b-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31309177
Expires: Sun, 26 Nov 2023 09:20:34 GMT
Date: Tue, 29 Nov 2022 00:20:57 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *

embedwistia-a.akamaihd.net/deliveries/70e0a56389be0ab73ec3454f0b3e4310145d547b.m3u8/seg-1-v1-a1.ts

23.36.76.200

200 OK

247 kB

URL HTTP/1.1
embedwistia-a.akamaihd.net/deliveries/70e0a56389be0ab73ec3454f0b3e4310145d547b.m3u8/seg-1-v1-a1.ts
IP
23.36.76.200:0
ASN
#20940 Akamai International B.V.

File type
MPEG transport stream data\012- data
Size
247 kB (247032 bytes)
Hash
d0dabc280ce1e11a85e47b6e61c1098e
5a64852046c629d928aeabefe5c5a7219dd38351
5cacb5426e4b2d445056736f00a7904641691d6c7d974e3ad301d2ef887e3a88

HTTP Headers

GET /deliveries/70e0a56389be0ab73ec3454f0b3e4310145d547b.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: video/MP2T
Content-Length: 247032
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: 70e0a56389be0ab73ec3454f0b3e4310145d547b-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31309176
Expires: Sun, 26 Nov 2023 09:20:34 GMT
Date: Tue, 29 Nov 2022 00:20:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *

bam.nr-data.net/1/65387c3314?a=46346808,5284047&v=1216.487a282&to=YANVZUdYDxFXW0UMWllJemd2FiINWExUC0F0CVlFR1YNDlNKHilaVgJ0XltNBAxC&rst=8126&ck=1&ref=https://pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/&ap=37&be=6540&fe=7990&dc=6567&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669681248691,%22n%22:0,%22f%22:5148,%22dn%22:5149,%22dne%22:5158,%22c%22:5159,%22s%22:5273,%22ce%22:5609,%22rq%22:5609,%22rp%22:5761,%22rpe%22:5872,%22dl%22:5889,%22di%22:6561,%22ds%22:6561,%22de%22:6572,%22dc%22:7983,%22l%22:7988,%22le%22:7992%7D,%22navigation%22:%7B%7D%7D&fcp=6603&jsonp=NREUM.setToken

162.247.241.14

200 OK

77 B

URL HTTP/1.1
bam.nr-data.net/1/65387c3314?a=46346808,5284047&v=1216.487a282&to=YANVZUdYDxFXW0UMWllJemd2FiINWExUC0F0CVlFR1YNDlNKHilaVgJ0XltNBAxC&rst=8126&ck=1&ref=https://pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/&ap=37&be=6540&fe=7990&dc=6567&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669681248691,%22n%22:0,%22f%22:5148,%22dn%22:5149,%22dne%22:5158,%22c%22:5159,%22s%22:5273,%22ce%22:5609,%22rq%22:5609,%22rp%22:5761,%22rpe%22:5872,%22dl%22:5889,%22di%22:6561,%22ds%22:6561,%22de%22:6572,%22dc%22:7983,%22l%22:7988,%22le%22:7992%7D,%22navigation%22:%7B%7D%7D&fcp=6603&jsonp=NREUM.setToken
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef

HTTP Headers

GET /1/65387c3314?a=46346808,5284047&v=1216.487a282&to=YANVZUdYDxFXW0UMWllJemd2FiINWExUC0F0CVlFR1YNDlNKHilaVgJ0XltNBAxC&rst=8126&ck=1&ref=https://pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/&ap=37&be=6540&fe=7990&dc=6567&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669681248691,%22n%22:0,%22f%22:5148,%22dn%22:5149,%22dne%22:5158,%22c%22:5159,%22s%22:5273,%22ce%22:5609,%22rq%22:5609,%22rp%22:5761,%22rpe%22:5872,%22dl%22:5889,%22di%22:6561,%22ds%22:6561,%22de%22:6572,%22dc%22:7983,%22l%22:7988,%22le%22:7992%7D,%22navigation%22:%7B%7D%7D&fcp=6603&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 00:20:58 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 77172e363c860b39-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=55d32819c5476ff6; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

fast.wistia.com/assets/external/allIntegrations.js

151.101.86.110

200 OK

5.6 kB

URL HTTP/2
fast.wistia.com/assets/external/allIntegrations.js
IP
151.101.86.110:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (21637), with no line terminators
Size
5.6 kB (5623 bytes)
Hash
98d8f1350f159ef9d630464f2677623c
ee33382759ec18abebe452fb065599627d729114
0bcc59bc6540d08234fceefb99483c915ced9406d7b30173817cb18553c462b3

HTTP Headers

GET /assets/external/allIntegrations.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-15f7"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 00:20:58 GMT
age: 1321
x-served-by: cache-iad-kiad7000146-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 794, 11
x-timer: S1669681258.452992,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 5623
X-Firefox-Spdy: h2

trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3D6e5b7176-7de6-45b1-889e-84efafee205c%26account_id%3D7633a10cce24ede709377546c8e3146d

151.101.85.44

200 OK

0 B

URL HTTP/2
trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3D6e5b7176-7de6-45b1-889e-84efafee205c%26account_id%3D7633a10cce24ede709377546c8e3146d
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3D6e5b7176-7de6-45b1-889e-84efafee205c%26account_id%3D7633a10cce24ede709377546c8e3146d HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
cache-control: no-cache, no-store
pragma: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
date: Tue, 29 Nov 2022 00:20:57 GMT
via: 1.1 varnish
x-served-by: cache-bma1667-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669681257.069722,VS0,VE85
x-vcl-time-ms: 85
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (37)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP