links.goodlifestylenews.com/a/1610/click/1024/213914/415dab06bb0170b35892301c85c6d016a688a57b/115b22d122583cdfa87824f574f223d2a80f45f7
35.238.129.105308 Permanent Redirect 0 B URL HTTP/1.1 links.goodlifestylenews.com/a/1610/click/1024/213914/415dab06bb0170b35892301c85c6d016a688a57b/115b22d122583cdfa87824f574f223d2a80f45f7
IP 35.238.129.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /a/1610/click/1024/213914/415dab06bb0170b35892301c85c6d016a688a57b/115b22d122583cdfa87824f574f223d2a80f45f7 HTTP/1.1
Host: links.goodlifestylenews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 308 Permanent Redirect
content-length: 0
location: https://links.goodlifestylenews.com/a/1610/click/1024/213914/415dab06bb0170b35892301c85c6d016a688a57b/115b22d122583cdfa87824f574f223d2a80f45f7
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3449
Expires: Tue, 29 Nov 2022 01:18:18 GMT
Date: Tue, 29 Nov 2022 00:20:49 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5113
Cache-Control: max-age=128145
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:49 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:56:34 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 00:19:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 76
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4135
Expires: Tue, 29 Nov 2022 01:29:44 GMT
Date: Tue, 29 Nov 2022 00:20:49 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yXOHYI/W0Bad5stsdSV8FkS217Ych6X86AghMMfz4zZnR3wpGmc3sN94OmLUZSeY8N2kisCqbgo=
x-amz-request-id: QP3HHB0W01JNNRE4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 23:42:16 GMT
age: 2313
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 00:20:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8f2a7601957cadb4717d7293a9c6b001
16c87507fa43374c1f7bf86aebb308bf53931754
c6c3a9d5f5e2d5092505fd84dbb19cbf85c455a8c780b67b8cba77553cf9677c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6C3A9D5F5E2D5092505FD84DBB19CBF85C455A8C780B67B8CBA77553CF9677C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19968
Expires: Tue, 29 Nov 2022 05:53:38 GMT
Date: Tue, 29 Nov 2022 00:20:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 00:08:55 GMT
cache-control: public,max-age=3600
age: 715
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
links.goodlifestylenews.com/a/1610/click/1024/213914/415dab06bb0170b35892301c85c6d016a688a57b/115b22d122583cdfa87824f574f223d2a80f45f7
35.238.129.105302 Found 201 B URL HTTP/1.1 links.goodlifestylenews.com/a/1610/click/1024/213914/415dab06bb0170b35892301c85c6d016a688a57b/115b22d122583cdfa87824f574f223d2a80f45f7
IP 35.238.129.105:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash cc5ed5bb35f84b951bafaf754e60e977
2235103ba4911a1e37b78a11ddd9fc9129daa325
7b06473a7688120817f09cf648ccd452a97c91a517c2f3fb129161ea6b057cae
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /a/1610/click/1024/213914/415dab06bb0170b35892301c85c6d016a688a57b/115b22d122583cdfa87824f574f223d2a80f45f7 HTTP/1.1
Host: links.goodlifestylenews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _session_id=6152bce616420fb51831622b001e16ca
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
content-type: text/html; charset=utf-8
transfer-encoding: chunked
status: 302 Found
cache-control: no-cache
vary: Origin
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: d7e69e3b-b627-4805-83f2-e9f8d4f1885c
location: https://go.goodlifestylenews.com/CoilCrypto11/129ab4aa1888aea6e033eea54d37b0e1/55/leadsource/1024/1610/0b170c42c43aa402d22694883ece6989
x-download-options: noopen
x-runtime: 0.024080
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 00:20:50 GMT
set-cookie: _session_id=6152bce616420fb51831622b001e16ca; path=/; expires=Tue, 29 Nov 2022 12:20:50 GMT; HttpOnly
x-powered-by: Phusion Passenger 5.3.7
server: nginx/1.14.0 + Phusion Passenger 5.3.5
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7a5348004528368170bb5d4a00f972a7
1b6b2803ad15c8d5d11b6dc3176d2596e7ee917c
a451bc0b5e78cf902f7d4e6563b858955eb27cf689d48a68c5766a603f641e63
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=112550
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:50 GMT
Etag: "63846508-117"
Expires: Wed, 30 Nov 2022 07:36:40 GMT
Last-Modified: Mon, 28 Nov 2022 07:36:40 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5071
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:50 GMT
Last-Modified: Mon, 28 Nov 2022 22:56:19 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.165.176.211101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.176.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IFPD3Hg66Rng2nXVjV0PNg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RjH7DqFMn8JGH4RW0P81Po5XVkg=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7a5348004528368170bb5d4a00f972a7
1b6b2803ad15c8d5d11b6dc3176d2596e7ee917c
a451bc0b5e78cf902f7d4e6563b858955eb27cf689d48a68c5766a603f641e63
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=112550
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:51 GMT
Etag: "63846508-117"
Expires: Wed, 30 Nov 2022 07:36:41 GMT
Last-Modified: Mon, 28 Nov 2022 07:36:40 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5d1e395dafb656ab3ae5e892cde52344
ba3b5cd59df774ae930c5f2c5962aeb298fbda3d
f22827f7f69ede4afc6f653fbb7c6c38393da5c70796fd96db996b2052accd80
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=102127
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:51 GMT
Etag: "63843c52-118"
Expires: Wed, 30 Nov 2022 04:42:58 GMT
Last-Modified: Mon, 28 Nov 2022 04:42:58 GMT
Server: nginx
Content-Length: 280
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3477
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Tue, 29 Nov 2022 00:20:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3477
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Tue, 29 Nov 2022 00:20:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3477
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Tue, 29 Nov 2022 00:20:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3477
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Tue, 29 Nov 2022 00:20:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3477
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Tue, 29 Nov 2022 00:20:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d574c4db20a68295dbd06cb08f5990b
433061bbb226048765a711deca3026ee3e52372f
8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lzXj01ht9kpuwONgKM0xM0QRu8G9M9oX6rwYzv_Q_sI09Y3-RIVF-A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 03:47:05 GMT
age: 74026
etag: "433061bbb226048765a711deca3026ee3e52372f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
go.goodlifestylenews.com/CoilCrypto11/129ab4aa1888aea6e033eea54d37b0e1/55/leadsource/1024/1610/0b170c42c43aa402d22694883ece6989
172.67.172.49302 Found 8.4 kB URL HTTP/2 go.goodlifestylenews.com/CoilCrypto11/129ab4aa1888aea6e033eea54d37b0e1/55/leadsource/1024/1610/0b170c42c43aa402d22694883ece6989
IP 172.67.172.49:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash faf3524970b0c3256eb5708f4ccf11ce
47295f2cf1b039c4b85cbe463d7893671a563989
ba0c2ce23eae865936caa7fb47dd1ef6346b8a7bc8340db700df6e2f5e27ec27
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /CoilCrypto11/129ab4aa1888aea6e033eea54d37b0e1/55/leadsource/1024/1610/0b170c42c43aa402d22694883ece6989 HTTP/1.1
Host: go.goodlifestylenews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 29 Nov 2022 00:20:51 GMT
content-type: text/html; charset=UTF-8
location: https://VerifiedSecure.org/go?ehash=129ab4aa1888aea6e033eea54d37b0e1&product=3029&ar=55&cid=1024&lid=1610&slhash=0b170c42c43aa402d22694883ece6989&mtaid=[s7]&cid2=[s8]
cache-control: max-age=600
expires: Tue, 29 Nov 2022 00:30:51 GMT
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdqeEbedUY1W0efjC5nKTmzLeIrk2eZc2uhmzbhb23p6n8ikSkn57eqIGVxEaQ0XhUTr%2FUUFic2Gxkxx%2Bcgvbm3uqQRjsvy5mzGE3YjEr8SH6qVnpHBWh4Ht%2BUQolwhi0YW7vmkz9aAi5nQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77172e06fe46b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 04:16:47 GMT
age: 72245
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f728a04-45b0-4726-b646-628601e2ebbc.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f728a04-45b0-4726-b646-628601e2ebbc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b7d3821d0bd11c196724846a7b9fe22
5b1700fa9cd4f1aaafda28ac28a0e2086fa8499c
b4f820555c4daf6e112c1a395bc57e22f0ef8e2e4299a0ffbb54e0bf18c87f47
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f728a04-45b0-4726-b646-628601e2ebbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8578
x-amzn-requestid: 4f948bb9-74db-4a5d-927d-a6b893735531
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFxnWHq-IAMF4LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637efc95-2f9e98ca2dad65a80e2195c2;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 05:09:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vSvGc0JIh4JOWTlagt4uDD_CDPiWOSfYYEI4lUBPsQb4qJMOEbBcmw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 23:18:30 GMT
age: 3742
etag: "5b1700fa9cd4f1aaafda28ac28a0e2086fa8499c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad01b94-5d16-49b9-bf3e-5742e02ae8b6.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad01b94-5d16-49b9-bf3e-5742e02ae8b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e44c46db2ac9917110dc47aa38fdc85
b5b245c90705ad80c31d457c0d7c96709ca31e96
5024225a583b188860eaf21f7196c06cef8b2e89389ae4b1df6e314399f3b2ae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad01b94-5d16-49b9-bf3e-5742e02ae8b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8796
x-amzn-requestid: 2eed036c-fcda-425b-8c5d-0b0ff31214a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEEWMIAMFwKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-5cb071a2098d43d909eb8d5c;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uWzs8gOBoczTeYXB7-FfJemWbh-hYHwNcR3b9BM5VtJ55NRUzCZeTQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 14:56:22 GMT
age: 33870
etag: "b5b245c90705ad80c31d457c0d7c96709ca31e96"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2d4df78-04ce-4ad8-b5a5-07c0212d3a16.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2d4df78-04ce-4ad8-b5a5-07c0212d3a16.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c812ff38eed34e674ee4090ffc602358
3515adf47d25a17eec2a62d045d217cd23a0f985
17847348aa28dce436e4181ec86578e154c3a700b48df9bbdb771abaa3d2ed58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2d4df78-04ce-4ad8-b5a5-07c0212d3a16.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4901
x-amzn-requestid: a5ad8fee-b892-4485-9975-40e183506a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIsO3HDGIAMFQgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6380272b-5827122433cb8c6d5ab7e300;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 02:23:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MSxsBockYtOQ1vJwadowGgFdFGyqM2R4ax2EQTLoVPu6y0hWy1H1sw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 15:12:07 GMT
age: 32925
etag: "3515adf47d25a17eec2a62d045d217cd23a0f985"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
470kwc1.com/clk.trk?CID=445608&AFID=430135&SID=3414659424126765082
40.113.236.107302 Found 216 B URL HTTP/1.1 470kwc1.com/clk.trk?CID=445608&AFID=430135&SID=3414659424126765082
IP 40.113.236.107:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 155e716965ebdde6152a575d954dde7b
0591cc8c04569707858e38f7415a1ee884f0a533
f0aa3e13e2b7bb76458d3849680369caff5852b11cebfa0dc54b6ea5144ac84b
GET /clk.trk?CID=445608&AFID=430135&SID=3414659424126765082 HTTP/1.1
Host: 470kwc1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 29 Nov 2022 00:20:54 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 216
Connection: keep-alive
Cache-Control: private
Location: https://pro.paradigm-press.info/m/2101473?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4
P3P: policyref="/p3p/P3P.470kwc1.com.xml", CP="NOI DSP COR NID ADM DEV OUR STP OTC"
X-AspNet-Version: 4.0.30319
Set-Cookie: LTTC6_445608=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4; expires=Tue, 06-Dec-2022 00:20:53 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b32e4f3cb5f48d2044bf6914eb697a5a
7e71e63f888f1b50b95d339a3de35c0080544289
240bce6094fcf537ef1ec7e0552f30a97d9c23b2399b58447b79ebab5fdb738c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "240BCE6094FCF537EF1EC7E0552F30A97D9C23B2399B58447B79EBAB5FDB738C"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3083
Expires: Tue, 29 Nov 2022 01:12:17 GMT
Date: Tue, 29 Nov 2022 00:20:54 GMT
Connection: keep-alive
pro.paradigm-press.info/m/2101473?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4
192.135.136.169301 Moved Permanently 11 kB URL HTTP/1.1 pro.paradigm-press.info/m/2101473?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4
IP 192.135.136.169:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (10616), with CRLF line terminators
Hash 74fe05f2ede3817276484e85f55ffec5
815081da863f35c503a79b9d1cde7c52b1f30f8e
3f1183004e8911f486b7d5f7b1ba3a0ee7896eccdd3fd52d0d3ab6682c0480ea
GET /m/2101473?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4 HTTP/1.1
Host: pro.paradigm-press.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true
Date: Tue, 29 Nov 2022 00:20:53 GMT
Content-Length: 10824
Set-Cookie: 2101473=2482377; expires=Mon, 19-Dec-2022 00:20:54 GMT; path=/; HttpOnly
BIGipServerIRIS_PROD_HTTPS_POOL=!swERCHKISrLG8rxbyhZUbYl6SkaXWgqGqY251fnI8KYy/j94xIU+eTKYmzn6vYd4NanloFg03EnLPTs=; path=/; Httponly; Secure
Strict-Transport-Security: max-age=63072000; includeSubDomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b32e4f3cb5f48d2044bf6914eb697a5a
7e71e63f888f1b50b95d339a3de35c0080544289
240bce6094fcf537ef1ec7e0552f30a97d9c23b2399b58447b79ebab5fdb738c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "240BCE6094FCF537EF1EC7E0552F30A97D9C23B2399B58447B79EBAB5FDB738C"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3083
Expires: Tue, 29 Nov 2022 01:12:17 GMT
Date: Tue, 29 Nov 2022 00:20:54 GMT
Connection: keep-alive
pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true
161.129.26.18200 OK 22 kB URL HTTP/1.1 pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true
IP 161.129.26.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31333), with CRLF, LF line terminators
Hash c64202fe4feecc436da760a3f7c8e9ce
8c7ef56e561212cdf758c4008d8ef6bec18e1fd7
728fe47d0915160778d16849c6e0ba109dbc5874f22edf5066cd0cc204ec5ba5
GET /p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Tue, 29 Nov 2022 00:20:55 GMT
Content-Length: 22076
Set-Cookie: LALNYA25=; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; HttpOnly
BIGipServerIRIS_PROD_HTTPS_POOL=!XTC9M7alpc1TI9NbyhZUbYl6SkaXWpmQ0MCkP5cNFGhAPaPBizn8YZOKUuFJg/9xkSpYsRLz/Z5yNxA=; path=/; Httponly; Secure
Strict-Transport-Security: max-age=63072000; includeSubDomains
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
142.250.74.138200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:51:00 GMT
expires: Thu, 23 Nov 2023 18:51:00 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 451795
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pro.paradigmnewsletters.org/p/Scripts/Common.js
161.129.26.18200 OK 1.1 kB URL HTTP/1.1 pro.paradigmnewsletters.org/p/Scripts/Common.js
IP 161.129.26.18:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 531f759e66179bdfddd96426d458ea14
f3b2ae3c57a5d7a2032c0f7dbfd579a58bd632e7
c98b18c4cc6c2849d549ab55e124bfe800f31148614eddb33c8924bcf54d5e98
GET /p/Scripts/Common.js HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true
Connection: keep-alive
Cookie: LALNYA25=; BIGipServerIRIS_PROD_HTTPS_POOL=!XTC9M7alpc1TI9NbyhZUbYl6SkaXWpmQ0MCkP5cNFGhAPaPBizn8YZOKUuFJg/9xkSpYsRLz/Z5yNxA=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 31 Mar 2020 05:43:09 GMT
Accept-Ranges: bytes
ETag: "1be39421f7d61:0"
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Tue, 29 Nov 2022 00:20:55 GMT
Content-Length: 1140
Strict-Transport-Security: max-age=63072000; includeSubDomains
fast.wistia.com/assets/external/E-v1.js
151.101.86.110200 OK 472 B URL HTTP/2 fast.wistia.com/assets/external/E-v1.js
IP 151.101.86.110:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-1c79d"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 00:20:55 GMT
age: 1319
x-served-by: cache-iad-kiad7000159-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 13, 27
x-timer: S1669681255.462287,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 116637
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pro.paradigmnewsletters.org/p/Scripts/HideContent.js
161.129.26.18200 OK 466 B URL HTTP/1.1 pro.paradigmnewsletters.org/p/Scripts/HideContent.js
IP 161.129.26.18:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash f12dd6f3f31e259ecc2eca76c902110a
889141478801c49932231713181481ab28448053
589ccfb3b9d9dc8b4b640a699e2f18dad228af487d1b6d0eef255421dc883691
GET /p/Scripts/HideContent.js HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/?cake_s1=11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4&h=true
Connection: keep-alive
Cookie: LALNYA25=; BIGipServerIRIS_PROD_HTTPS_POOL=!XTC9M7alpc1TI9NbyhZUbYl6SkaXWpmQ0MCkP5cNFGhAPaPBizn8YZOKUuFJg/9xkSpYsRLz/Z5yNxA=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 02 Feb 2018 07:05:29 GMT
Accept-Ranges: bytes
ETag: "9d768e35f49bd31:0"
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Tue, 29 Nov 2022 00:20:55 GMT
Content-Length: 466
Strict-Transport-Security: max-age=63072000; includeSubDomains
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1y9osUZiZQ.woff2
216.58.207.195200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1y9osUZiZQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 10276, version 1.0\012- data
Hash 009c6774d6b870532c82ac2bbdb0563b
feaafb7b23ce676cb96650594127d4caa20433f9
3e32984aefeea2b4a7bcbd0405129391503dcb298fcc0e354794f3baf0ddd26f
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1y9osUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:39:47 GMT
expires: Fri, 24 Nov 2023 21:39:47 GMT
cache-control: public, max-age=31536000
age: 355269
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 468804
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:40:23 GMT
expires: Thu, 23 Nov 2023 19:40:23 GMT
cache-control: public, max-age=31536000
age: 448833
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Oswald:wght@600&family=Roboto:wght@500;900&display=swap
142.250.74.10200 OK 90 kB URL HTTP/2 fonts.googleapis.com/css2?family=Oswald:wght@600&family=Roboto:wght@500;900&display=swap
IP 142.250.74.10:0
Hash 11cfe56bcb1cf375fd35ff6ca14d55cf
a59e7570fe56f00730efd8b4579d7ff167047f39
3576874740af5b98c6fd80c568507c30e0b7f44e49bc350075d03452aa16d56a
GET /css2?family=Oswald:wght@600&family=Roboto:wght@500;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 00:20:55 GMT
date: Tue, 29 Nov 2022 00:20:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1u56hvpilpmef.cloudfront.net/ALN/aln_coiledcrypto_0822/top-bg.png
54.230.245.125200 OK 80 kB URL HTTP/2 d1u56hvpilpmef.cloudfront.net/ALN/aln_coiledcrypto_0822/top-bg.png
IP 54.230.245.125:0
File type PNG image data, 1000 x 452, 8-bit/color RGBA, non-interlaced\012- data
Hash 437857dd7a4b5a12a58d35db70cf3577
96484cd7f4299f1fbfebb7327e608159d0fe4001
50c8fbd334aeb50d873142e67c2d18938afb004689614b13bb7cea25532abbdd
GET /ALN/aln_coiledcrypto_0822/top-bg.png HTTP/1.1
Host: d1u56hvpilpmef.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 79572
server: nginx
date: Tue, 01 Nov 2022 10:23:07 GMT
last-modified: Thu, 04 Aug 2022 15:23:50 GMT
cache-control: max-age=31536000
expires: Wed, 01 Nov 2023 10:23:07 GMT
etag: "62ebe486-136d4"
x-powered-by: PleskLin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4zl9YFU6ghCaVELXgweF2nPh4H_oZrutHXq_tRmYLeSPJtOyAviKIA==
age: 2383068
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1u56hvpilpmef.cloudfront.net/ALN/aln_coiledcrypto_0822/bottom-bg.png
54.230.245.125200 OK 127 kB URL HTTP/2 d1u56hvpilpmef.cloudfront.net/ALN/aln_coiledcrypto_0822/bottom-bg.png
IP 54.230.245.125:0
File type PNG image data, 1000 x 381, 8-bit/color RGBA, non-interlaced\012- data
Size 127 kB (126810 bytes)
Hash d56b565317854b4dede28ed4140f14ad
8702553054a62fcbfb05279e68cd8dc35222f8cb
a08812e6032831f6cc564ee4b38184cacd2b6927d09466f2a52cf31e3d773805
GET /ALN/aln_coiledcrypto_0822/bottom-bg.png HTTP/1.1
Host: d1u56hvpilpmef.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 126810
server: nginx
date: Mon, 07 Nov 2022 12:26:00 GMT
last-modified: Thu, 04 Aug 2022 15:23:50 GMT
cache-control: max-age=31536000
expires: Tue, 07 Nov 2023 12:26:00 GMT
etag: "62ebe486-1ef5a"
x-powered-by: PleskLin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E72vKHDcZaa3ltUDao4hyZ9PCuryHW2eNiTUbYsGnuSciPYuYlNHqg==
age: 1857296
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/7oY8-EgWmNE
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/7oY8-EgWmNE
IP 142.250.74.35:0
Hash c63178fb4de35fcdc507ba1c9f476bd5
778979b339d2ab5628f61cb0eb2998c397bcd10e
c42cd86c057a2a56c81fdfdf5763aa2a6d86fef8c604732f7f99cc5fa30249c4
POST /s/gts1d4/7oY8-EgWmNE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
edge.fullstory.com/s/fs.js
35.201.112.186200 OK 66 kB URL HTTP/2 edge.fullstory.com/s/fs.js
IP 35.201.112.186:0
File type ASCII text, with very long lines (65410)
Hash b3cc89ae11072c9ee7b443faa623e0e9
00a8279e679a5fb97dfc16860a1572094ff33f3b
0ac7e1b0178f6929b5aeb30c820f83a0101c6258415b280044955bad3974148c
GET /s/fs.js HTTP/1.1
Host: edge.fullstory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsa83JJzx2FbrIGRhcnmt78xDhzoHdIz7Xw1jMiBEwJTVD1EjnW8eJqkJbQQbgD8-azpOcX2lQWGHQcKHHxH7E9D5NYco6O
x-goog-generation: 1667940125290071
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
x-goog-stored-content-length: 65803
content-encoding: br
x-goog-hash: crc32c=LkMtdQ==, md5=s8yJrhEHLJ7ntEP6piPg6Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 65803
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 28 Nov 2022 23:32:35 GMT
expires: Tue, 29 Nov 2022 00:32:35 GMT
cache-control: public, max-age=3600,no-transform
age: 2901
last-modified: Tue, 08 Nov 2022 20:42:05 GMT
etag: "b3cc89ae11072c9ee7b443faa623e0e9"
content-type: application/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/7oY8-EgWmNE
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/7oY8-EgWmNE
IP 142.250.74.35:0
Hash c63178fb4de35fcdc507ba1c9f476bd5
778979b339d2ab5628f61cb0eb2998c397bcd10e
c42cd86c057a2a56c81fdfdf5763aa2a6d86fef8c604732f7f99cc5fa30249c4
POST /s/gts1d4/7oY8-EgWmNE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 28 Nov 2022 22:41:08 GMT
expires: Tue, 29 Nov 2022 00:41:08 GMT
cache-control: public, max-age=7200
age: 5988
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d5a1fb3bacd9908905259c73a37c0151
1cb1938aed903d90e46ab470b22b967248f21c21
3c64ea4853c3b7a732f8a5c85305c413ed19d3c2ecf9739abd9fddd1e77c03f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3697
Cache-Control: max-age=171669
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Etag: "63853d8c-117"
Expires: Thu, 01 Dec 2022 00:02:05 GMT
Last-Modified: Mon, 28 Nov 2022 23:00:28 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
cdn.amplitude.com/libs/amplitude-4.1.0-min.gz.js
54.230.245.209200 OK 23 kB URL HTTP/2 cdn.amplitude.com/libs/amplitude-4.1.0-min.gz.js
IP 54.230.245.209:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash dd911bf17b828cc7b163c32407c6b94d
6c3bf4461bec7a3510da9f2e5e415df47a6277e5
1aca435afb2a895d810c6abfdf3e1247ebec22c9ae273bebd97e800cf8c42792
GET /libs/amplitude-4.1.0-min.gz.js HTTP/1.1
Host: cdn.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 23381
date: Tue, 31 May 2022 06:00:54 GMT
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
etag: "dd911bf17b828cc7b163c32407c6b94d"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: Ab72F2O7EEayrsY6N3cFncAqh5p3OPFm
accept-ranges: bytes
server: AmazonS3
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IJH3HzVVS5BLBLeNbI5cuoU-rFc7B-4y6lLrruVRIcRbYp1aWqbf3g==
age: 15704403
X-Firefox-Spdy: h2
dizbubza2heg.cloudfront.net/js/profiles.compressed.js?v=2.0.0
143.204.42.18200 OK 41 kB URL HTTP/2 dizbubza2heg.cloudfront.net/js/profiles.compressed.js?v=2.0.0
IP 143.204.42.18:0
File type ASCII text, with very long lines (40902), with no line terminators
Hash b565565314853b247e94736713e0f5e2
4a217d55d7037d996056f0deff0adaa7267b4245
76945b13c2b5b5b60c28867e3078bff4686bed922b545a732b15477986a016f6
GET /js/profiles.compressed.js?v=2.0.0 HTTP/1.1
Host: dizbubza2heg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 40902
server: nginx/1.4.6 (Ubuntu)
date: Mon, 28 Nov 2022 06:59:17 GMT
last-modified: Tue, 14 Jul 2020 15:07:01 GMT
etag: "5f0dca15-9fc6"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kNYDR5GosljJijZ_E_75G-iAThpEPgXGVe5yhtH7wS5-VwTb9RRAsA==
age: 62499
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 5.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (16574), with no line terminators
Hash 5cdda5ed80a4ee13f700ae502f7cd4ec
0e6aa932abf3c56561a686aa3e8d069aaa3ca228
d54fc3e1792330cc768902f861f0a79ecffbfd23b8db14f354e8fcefd1c831c1
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "fe80c55f1e1387116ff9765261ed192c:1669645506.686439"
Last-Modified: Mon, 28 Nov 2022 14:22:05 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Tue, 29 Nov 2022 00:40:56 GMT
Date: Tue, 29 Nov 2022 00:20:56 GMT
Content-Length: 5269
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 75c1ad5630c0ea2201beca865aa00196
668de14dedb0a281738e0a614665797f70dae959
3feee3aa49ce8524ccc13847c65b5399bd7746afa0189178f4bdaf2a915b31de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FEEE3AA49CE8524CCC13847C65B5399BD7746AFA0189178F4BDAF2A915B31DE"
Last-Modified: Mon, 28 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9659
Expires: Tue, 29 Nov 2022 03:01:55 GMT
Date: Tue, 29 Nov 2022 00:20:56 GMT
Connection: keep-alive
c.lytics.io/api/tag/7633a10cce24ede709377546c8e3146d/latest.min.js
104.26.3.22200 OK 23 kB URL HTTP/2 c.lytics.io/api/tag/7633a10cce24ede709377546c8e3146d/latest.min.js
IP 104.26.3.22:0
File type ASCII text, with very long lines (64432)
Hash d1ee9fb29126bbe593634818dbeb9ebc
cf727de6865d208eb1ef39468ac3a9b0bf45ba5a
02351be8f09c37fe3f08fe3e277ea200627d5aa71d557f8b8023b1799c66d163
GET /api/tag/7633a10cce24ede709377546c8e3146d/latest.min.js HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 00:20:56 GMT
content-type: application/javascript
access-control-allow-origin: *
strict-transport-security: max-age=63072000;
via: 1.1 google
cache-control: max-age=7200
cf-cache-status: HIT
age: 3568
last-modified: Mon, 28 Nov 2022 23:21:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLtATGCg0YU3rNoJT9btvUjK5Jau4FTshDFzGv9j3nba8AAaw4OGdpSKj5qMib9%2F5bUFs92vcGIwSAZNrGSMwdsrcMTzAtPcylN0v64fcfV3qDZ4QcdmhelfhQxQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77172e2bb9a30b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 098b84200301fda17addaa2b0c2b5aab
06a9aea6064bdb53a7e6fae61768a032c8582baa
b9761aeca616658fe327d9404650fc18b4c88a821e82aa69a8636b7b94a78aed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B9761AECA616658FE327D9404650FC18B4C88A821E82AA69A8636B7B94A78AED"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3126
Expires: Tue, 29 Nov 2022 01:13:02 GMT
Date: Tue, 29 Nov 2022 00:20:56 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-138958347-1&cid=926334687.1669681256&jid=1873755583&gjid=723306709&_gid=1772852530.1669681256&_u=YGBAiEABBAAAAEAAI~&z=485250734
142.250.150.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-138958347-1&cid=926334687.1669681256&jid=1873755583&gjid=723306709&_gid=1772852530.1669681256&_u=YGBAiEABBAAAAEAAI~&z=485250734
IP 142.250.150.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-138958347-1&cid=926334687.1669681256&jid=1873755583&gjid=723306709&_gid=1772852530.1669681256&_u=YGBAiEABBAAAAEAAI~&z=485250734 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://pro.paradigmnewsletters.org
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 29 Nov 2022 00:20:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/rckoi5q4ao.json?callback=wistiajson1
151.101.86.110200 OK 1.5 kB URL HTTP/2 fast.wistia.com/embed/medias/rckoi5q4ao.json?callback=wistiajson1
IP 151.101.86.110:0
File type ASCII text, with very long lines (4799), with no line terminators
Hash e8e72c81c2f9b3de99aa3d9bb4dea50f
b00c89fa1a1e76074870892d0fcd88c2747f6d1f
253f6ea758381ab654bc70a60cc2a47c45ed4061d8369411caa01e6f93d04ea1
GET /embed/medias/rckoi5q4ao.json?callback=wistiajson1 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: W/"01bd5398f2048df7d9afcc0e30985b47"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 6ef18685be14ce145602985c3f3715b7
x-runtime: 0.054864
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 00:20:56 GMT
age: 32984
x-served-by: cache-iad-kcgs7200160-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 101, 1
x-timer: S1669681256.434645,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1492
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/wistia-mux.js
151.101.86.110200 OK 31 kB URL HTTP/2 fast.wistia.com/assets/external/wistia-mux.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65468)
Hash 8ca4953da62f6c8a05b7f2d7333a83f7
c68e554587e7e3dc6da836b6501e926ae543f933
9d7adbd9c2243a23cf7cb8ab534ce188da6f2b78d75e52ab79fb6af490dc6279
GET /assets/external/wistia-mux.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-7a30"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 00:20:56 GMT
age: 1319
x-served-by: cache-iad-kcgs7200128-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 21, 19
x-timer: S1669681256.437563,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 31280
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10091245.json
188.125.94.206200 OK 22 B URL HTTP/2 s.yimg.com/wi/config/10091245.json
IP 188.125.94.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc
GET /wi/config/10091245.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: JV1C2ZQDZDWTRV43
x-amz-id-2: poslNRY4xKDVPWJyN5eUwyAhMX2tXpSMdG5xH9cpYeR0B4harMbZbtSUfFw1Zaw1DbYUmTnIwoE=
content-type: application/json
date: Tue, 29 Nov 2022 00:11:45 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-encoding: gzip
content-length: 22
age: 551
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 00:20:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.yimg.com/wi/config/10125189.json
188.125.94.206200 OK 22 B URL HTTP/2 s.yimg.com/wi/config/10125189.json
IP 188.125.94.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc
GET /wi/config/10125189.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: D0KWG6327RMK4EF4
x-amz-id-2: TrvXfoJdt3IU/sS/mBxnYlHvnzeQYCipl+ru259fQGuQRh7fFWX2I525gKzSQKfQnDPlmVJQLJg=
content-type: application/json
date: Tue, 29 Nov 2022 00:20:55 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 1
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
c.lytics.io/c/7633a10cce24ede709377546c8e3146d?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1669681255806&_nmob=t&_device=desktop&url=pro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&_v=3.0.29&_uid=6e5b7176-7de6-45b1-889e-84efafee205c&_getid=t
104.26.3.22200 OK 35 B URL HTTP/2 c.lytics.io/c/7633a10cce24ede709377546c8e3146d?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1669681255806&_nmob=t&_device=desktop&url=pro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&_v=3.0.29&_uid=6e5b7176-7de6-45b1-889e-84efafee205c&_getid=t
IP 104.26.3.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /c/7633a10cce24ede709377546c8e3146d?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1280x1024&_ts=1669681255806&_nmob=t&_device=desktop&url=pro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&_v=3.0.29&_uid=6e5b7176-7de6-45b1-889e-84efafee205c&_getid=t HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 00:20:56 GMT
content-type: image/gif
content-length: 35
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: seerid=6e5b7176-7de6-45b1-889e-84efafee205c; Path=/; Domain=lytics.io; Max-Age=77760000; Secure; SameSite=None
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOKDFEWAC1xcsbzLpG6DN1kUc2MBhoaMcqDiip%2BaD0oUcf4w6qabp7zmGHQuOXd6B44kpkfaTP%2BH8GxIF04lKD5qQWeMhZHEVanZKPKYcFLgJoUiS1bItwKF4rcl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77172e2d6a920b59-OSL
X-Firefox-Spdy: h2
rs.fullstory.com/rec/page
35.186.194.58200 OK 1.4 kB URL HTTP/2 rs.fullstory.com/rec/page
IP 35.186.194.58:0
File type JSON data\012- , ASCII text, with very long lines (4447)
Hash bff79f4b13266bb5bed2bd25a0a9930c
f488e42919b6b0bb1df64f3832925090d4801f7a
8078b85441a9bfeff8e668db2dfb0f3973aba60fc95dba51020e2f1ee1bed05e
POST /rec/page HTTP/1.1
Host: rs.fullstory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 499
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://pro.paradigmnewsletters.org
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 29 Nov 2022 00:20:56 GMT
content-length: 1440
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 098b84200301fda17addaa2b0c2b5aab
06a9aea6064bdb53a7e6fae61768a032c8582baa
b9761aeca616658fe327d9404650fc18b4c88a821e82aa69a8636b7b94a78aed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B9761AECA616658FE327D9404650FC18B4C88A821E82AA69A8636B7B94A78AED"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3126
Expires: Tue, 29 Nov 2022 01:13:02 GMT
Date: Tue, 29 Nov 2022 00:20:56 GMT
Connection: keep-alive
s.yimg.com/wi/config/10082412.json
188.125.94.206200 OK 22 B URL HTTP/2 s.yimg.com/wi/config/10082412.json
IP 188.125.94.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc
GET /wi/config/10082412.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: D0KYVAK1FQKXXTC0
x-amz-id-2: kzBEvCriLYctBjfTczNRRAzZ/iYGVbxIEDtkoWm7LzhnhUYQVhBLE1Pm5Z0iOJbsu4K/Ermc0tw=
content-type: application/json
date: Tue, 29 Nov 2022 00:20:56 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 0
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10114794.json
188.125.94.206200 OK 22 B URL HTTP/2 s.yimg.com/wi/config/10114794.json
IP 188.125.94.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc
GET /wi/config/10114794.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: D0KJ1EF6MHYNBNC2
x-amz-id-2: jYd8U0qKJcMzi4g44aggITy65hQxoyTb8JANmp9mpqKrTFOELsFdop5RGBhvP9RLQYZne9YCSZo=
content-type: application/json
date: Tue, 29 Nov 2022 00:20:56 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 0
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
c.lytics.io/api/personalize/7633a10cce24ede709377546c8e3146d/user/_uid/6e5b7176-7de6-45b1-889e-84efafee205c?segments=true&fields=first_name,last_name,email,city,country_code,zip,state,address_line_1,customer_number&mergestate=true&state=%7B%22_uid%22%3A%226e5b7176-7de6-45b1-889e-84efafee205c%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue%22%2C%22_v%22%3A%223.0.29%22%7D&ts=1669681255825&callback=u_536384550131091000
104.26.3.22200 OK 2.4 kB URL HTTP/2 c.lytics.io/api/personalize/7633a10cce24ede709377546c8e3146d/user/_uid/6e5b7176-7de6-45b1-889e-84efafee205c?segments=true&fields=first_name,last_name,email,city,country_code,zip,state,address_line_1,customer_number&mergestate=true&state=%7B%22_uid%22%3A%226e5b7176-7de6-45b1-889e-84efafee205c%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue%22%2C%22_v%22%3A%223.0.29%22%7D&ts=1669681255825&callback=u_536384550131091000
IP 104.26.3.22:0
File type ASCII text, with very long lines (10786), with no line terminators
Hash 37e46a7bb50a43e5bbadcb3c9f538d96
486d2998651a91cc7a48076fe04a2cfc5775fe97
e3ddf039a7d4a1594d2e7622923d40be6705c1d9e1f20b725b2cd05e274f6e83
GET /api/personalize/7633a10cce24ede709377546c8e3146d/user/_uid/6e5b7176-7de6-45b1-889e-84efafee205c?segments=true&fields=first_name,last_name,email,city,country_code,zip,state,address_line_1,customer_number&mergestate=true&state=%7B%22_uid%22%3A%226e5b7176-7de6-45b1-889e-84efafee205c%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221280x1024%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue%22%2C%22_v%22%3A%223.0.29%22%7D&ts=1669681255825&callback=u_536384550131091000 HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 00:20:56 GMT
content-type: application/json
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
access-control-allow-methods: GET
access-control-allow-origin:
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnRj5EzsSbEo8IcNklcmOhN7%2BPX3tW5FbdvKfAFEfLKXLuB%2BxH0KDgFHvc2c8hDo07LqYbKRiSZWcXzeZUsWqfHZ5RBLriJ%2FMrFJCpDnV9vqW9%2FPnyMuO75S0LVe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77172e2d7a930b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1u56hvpilpmef.cloudfront.net/ALN/aln_coiledcrypto_0822/ctp.png
54.230.245.125200 OK 25 kB URL HTTP/2 d1u56hvpilpmef.cloudfront.net/ALN/aln_coiledcrypto_0822/ctp.png
IP 54.230.245.125:0
File type PNG image data, 1280 x 720, 8-bit/color RGB, non-interlaced\012- data
Hash 881217abb4ed85b312f67e79c461450a
0b35b9130b388e40ec12e01da31faa9ef07ad91b
c3d4b8fa4e2f322c74e04b657a2d66b8da0ad05373af64c312d29d068beb9d85
GET /ALN/aln_coiledcrypto_0822/ctp.png HTTP/1.1
Host: d1u56hvpilpmef.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 25064
server: nginx
date: Fri, 04 Nov 2022 10:21:27 GMT
last-modified: Wed, 31 Aug 2022 19:09:55 GMT
cache-control: max-age=31536000
expires: Sat, 04 Nov 2023 10:21:27 GMT
etag: "630fb203-61e8"
x-powered-by: PleskLin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0Mo-QDrlGtFC4R5zP-7IUAEhAX-K85f67FKO4FNffUMyqfuUgBEMHg==
age: 2123969
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&b=The%20Crypto%20Market%20Has%20Crashed%2080%25&.yp=10125189&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&b=The%20Crypto%20Market%20Has%20Crashed%2080%25&.yp=10125189&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&b=The%20Crypto%20Market%20Has%20Crashed%2080%25&.yp=10125189&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 00:20:57 GMT
expires: Tue, 29 Nov 2022 00:20:57 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBGlQhWMCEIh7iDH23xMO_xAmfX_VcKIFEgEBAQGhhmOPYwAAAAAA_eMAAA&S=AQAAAqG7sb92yVLt77pplXTypLE; Expires=Wed, 29 Nov 2023 06:20:57 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2029%20Nov%202022%2000%3A20%3A56%20GMT&n=0&b=The%20Crypto%20Market%20Has%20Crashed%2080%25&.yp=10091245&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2029%20Nov%202022%2000%3A20%3A56%20GMT&n=0&b=The%20Crypto%20Market%20Has%20Crashed%2080%25&.yp=10091245&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Tue%2C%2029%20Nov%202022%2000%3A20%3A56%20GMT&n=0&b=The%20Crypto%20Market%20Has%20Crashed%2080%25&.yp=10091245&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 00:20:57 GMT
expires: Tue, 29 Nov 2022 00:20:57 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBGlQhWMCEBaU9knfNuJ_dMwSVLGDE14FEgEBAQGhhmOPYwAAAAAA_eMAAA&S=AQAAAhV_EpOJ-F-IjbHHaC2KaQI; Expires=Wed, 29 Nov 2023 06:20:57 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
188.125.94.206200 OK 6.0 kB IP 188.125.94.206:0
Hash 818a3d192a89206e3deaeca02fef3871
7d1431892574e71513cde99c1df0e610274af60a
8c10eb9a7d54ee9264053c2f084aba25fd842fde2d6e888ed2be3b7f1e279e2d
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: X2qwDm1+ZQBB4jdHbh7v60XbdUT54QnIc2VyvnQANHXisk9heCnOWtvL4o7U8OWyA5M4rsJU6wU=
x-amz-request-id: A9JKR7WMFK1SKQFK
date: Mon, 28 Nov 2022 23:33:07 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 2870
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&b=The%20Crypto%20Market%20Has%20Crashed%2080%25&.yp=10082412&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&b=The%20Crypto%20Market%20Has%20Crashed%2080%25&.yp=10082412&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&b=The%20Crypto%20Market%20Has%20Crashed%2080%25&.yp=10082412&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 00:20:57 GMT
expires: Tue, 29 Nov 2022 00:20:57 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBGlQhWMCEBDONYHW_r8eF90OiyaewRUFEgEBAQGhhmOPYwAAAAAA_eMAAA&S=AQAAAqkmvvtr4zw1lYWyEVy9yL8; Expires=Wed, 29 Nov 2023 06:20:57 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
verifiedsecure.org/go?ehash=129ab4aa1888aea6e033eea54d37b0e1&product=3029&ar=55&cid=1024&lid=1610&slhash=0b170c42c43aa402d22694883ece6989&mtaid=[s7]&cid2=[s8]
104.26.14.168302 Found 179 B URL HTTP/2 verifiedsecure.org/go?ehash=129ab4aa1888aea6e033eea54d37b0e1&product=3029&ar=55&cid=1024&lid=1610&slhash=0b170c42c43aa402d22694883ece6989&mtaid=[s7]&cid2=[s8]
IP 104.26.14.168:0
Hash 25e182ceeca7e9575e7adc7776469379
2daa7273bfd2ebead8a974816aa0ad47441c7f12
c9d1eb3be84c71f445fc86b4b9e99563148048873fe61bfe1ec0ca437eecf6db
GET /go?ehash=129ab4aa1888aea6e033eea54d37b0e1&product=3029&ar=55&cid=1024&lid=1610&slhash=0b170c42c43aa402d22694883ece6989&mtaid=[s7]&cid2=[s8] HTTP/1.1
Host: verifiedsecure.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 29 Nov 2022 00:20:53 GMT
content-type: text/html; charset=UTF-8
location: http://470kwc1.com/clk.trk?CID=445608&AFID=430135&SID=3414659424126765082
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=541cff29f38e41c95687ff930742f04f; path=/
pixel_session_hash_3029=3414659424126765082; expires=Thu, 29-Dec-2022 00:20:52 GMT; Max-Age=2592000; path=/; secure; HttpOnly; SameSite=None
bt_tracking_product_3029=2fa8405c8f41b5c4fe7373f6eecf20a0a42e2300dde7486c5ec6fed440050516; expires=Thu, 01-Dec-2022 00:20:52 GMT; Max-Age=172800
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXV8FarsRO%2BBY3RAkMiGBf7YfH4Wy1Qj0gYW6gaU88Tq4k2bJChl%2Fmt7S2%2Bmzf9MHauize%2FGzjGPPQNzuS8s0nhVmhCOAyo3iUgWZrYFaVDW4YyPqJ2YrL2BDGqphS3%2BdB1vdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77172e0bdd74b4ed-OSL
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=0008aaf7399985de7f2182c3644185f44d&apiObjVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&optOut=false&bust=00044065714944337975&referrer=
70.42.32.159200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=0008aaf7399985de7f2182c3644185f44d&apiObjVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&optOut=false&bust=00044065714944337975&referrer=
IP 70.42.32.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=0008aaf7399985de7f2182c3644185f44d&apiObjVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Faln_para_coiledcrypto_0822%2FLALNYA25%2F%3Fcake_s1%3D11_141943292_d878e6dd-f77f-4764-bb94-f3f48ca482a4%26h%3Dtrue&optOut=false&bust=00044065714944337975&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 00:20:57 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 9e9445dcfdd28ee5fc4dad6560cfa976
content-encoding: gzip
c.lytics.io/static/pathfora.min.js
104.26.3.22200 OK 55 kB URL HTTP/2 c.lytics.io/static/pathfora.min.js
IP 104.26.3.22:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f4d51e1ba8e891dcf9ab53a123e59ab4
247c9b43ee5bfee81b547b2b0dfc0cc83ba67bed
ba764fa3af9dd8607a0e7820e56b2b1db74809dcad84bcbbad5b3549e36eb7d9
GET /static/pathfora.min.js HTTP/1.1
Host: c.lytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Cookie: seerid=6e5b7176-7de6-45b1-889e-84efafee205c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 00:20:57 GMT
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=63072000;
via: 1.1 google
cache-control: max-age=7200
cf-cache-status: HIT
age: 5760
last-modified: Mon, 28 Nov 2022 22:44:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjvxqaIJKzkKQxUUQ7B%2B03jn9xMJBQf71uR%2FvcPovNoTDGdM4Usd0%2FW98wqN6Ix2KREVWTijtlW08pJx5lHbIXofnzQL%2FXbulvp%2BGn%2BgkeWWjdDi%2Bq6sj6VYu998"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77172e31ec7d0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/engines/hls_video.js
151.101.86.110200 OK 114 kB URL HTTP/2 fast.wistia.com/assets/external/engines/hls_video.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65469)
Size 114 kB (114373 bytes)
Hash ddbf94a47f16fcd8a99d8c45572ac852
fabe447aee7408e90c4fcfc1de127d98987b8ca0
cb2cba64e3b0a0797031ca64b918bed7c1c58b6f3b40d92b4f45f93b3ea55109
GET /assets/external/engines/hls_video.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-1bec5"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 00:20:57 GMT
age: 1320
x-served-by: cache-iad-kiad7000086-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 40, 10
x-timer: S1669681257.417869,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 114373
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.86.137200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 00:20:57 GMT
via: 1.1 varnish
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 234341
x-timer: S1669681257.476824,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
paradigmpressgroup.com/favicons/favicon-16x16.png
18.214.111.198200 OK 587 B URL HTTP/2 paradigmpressgroup.com/favicons/favicon-16x16.png
IP 18.214.111.198:0
File type PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced\012- data
Hash 2bb2efaa073e4987ba1867aff02ab3ac
ea05acee8f408e3f86830b5f2da0616ced013006
6b712b83f2054506208f4243b57e7bd48fa0dcf3a10c0ff609bfc5ea8398ddc6
GET /favicons/favicon-16x16.png HTTP/1.1
Host: paradigmpressgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 00:20:57 GMT
content-type: image/png
content-length: 587
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Tue, 26 Jul 2022 19:40:44 GMT
etag: W/"24b-1823c06a3cc"
x-powered-by: PleskLin
X-Firefox-Spdy: h2
paradigmpressgroup.com/favicons/apple-touch-icon.png
18.214.111.198200 OK 3.0 kB URL HTTP/2 paradigmpressgroup.com/favicons/apple-touch-icon.png
IP 18.214.111.198:0
File type PNG image data, 180 x 180, 8-bit grayscale, non-interlaced\012- data
Hash dd470648114adaceb47d36a18ad41d9d
c93c69021ab4e381b4715938bed3732b132852b3
49dd5241fadc6a69795935a795804ed7206efb39f6dc6b5a0588f92d80775ad4
GET /favicons/apple-touch-icon.png HTTP/1.1
Host: paradigmpressgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 00:20:57 GMT
content-type: image/png
content-length: 3017
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Tue, 26 Jul 2022 19:40:44 GMT
etag: W/"bc9-1823c06a3cb"
x-powered-by: PleskLin
X-Firefox-Spdy: h2
fast.wistia.com/assets/images/blank.gif
151.101.86.110200 OK 1.2 kB URL HTTP/2 fast.wistia.com/assets/images/blank.gif
IP 151.101.86.110:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-type: image/gif
etag: "6385208b-4be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 28 Nov 2022 20:56:43 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 00:20:57 GMT
age: 12120
x-served-by: cache-iad-kiad7000052-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 36, 172
x-timer: S1669681258.640906,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1214
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/rckoi5q4ao.m3u8
151.101.86.110200 OK 749 B URL HTTP/2 fast.wistia.com/embed/medias/rckoi5q4ao.m3u8
IP 151.101.86.110:0
Hash 8593043dcd672b459d6c7f4b7f16f775
30b07baac1390b4dac93d186e8cefaeb530903fa
1c841481e0906757d4e4798e1848c5ff319deb36d0ee9dffd9bef5634fe121b7
GET /embed/medias/rckoi5q4ao.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-type: application/x-mpegURL
etag: W/"1c841481e0906757d4e4798e1848c5ff"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 6b45b701df78e93c58c3c04a5f5dabaf
x-runtime: 0.031045
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 00:20:57 GMT
age: 0
x-served-by: cache-iad-kjyo7100025-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 508, 1
x-timer: S1669681258.635089,VS0,VE91
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 749
X-Firefox-Spdy: h2
embedwistia-a.akamaihd.net/deliveries/c759e9674cd12ff252e945663560a0a48e8dea01.m3u8
23.36.76.200200 OK 126 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/c759e9674cd12ff252e945663560a0a48e8dea01.m3u8
IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Size 126 kB (126156 bytes)
Hash 16dad31d058172b901de607f1e851eb8
883d03d57bac1af298e95e4178369cd8e73102c5
96f4bb341364d022e3bd5f0d57746495599e4c6bf9702ad62dfe05cddb467996
GET /deliveries/c759e9674cd12ff252e945663560a0a48e8dea01.m3u8 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/vnd.apple.mpegurl
Content-Length: 126156
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: c759e9674cd12ff252e945663560a0a48e8dea01-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=30832349
Expires: Mon, 20 Nov 2023 20:53:26 GMT
Date: Tue, 29 Nov 2022 00:20:57 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 932c8e5de6e8da8cc7b5bed21711833e
f5fb395c941d7a0fbf21203e7e3903a6c2ef28ec
9c776ee3a7c336f2e892e19660d84bd695050203abd315c3d7f97adf247fb19f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122571
Date: Tue, 29 Nov 2022 00:20:57 GMT
Etag: "6384747d-1d7"
Expires: Wed, 30 Nov 2022 10:23:48 GMT
Last-Modified: Mon, 28 Nov 2022 08:42:37 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0edDkN4gL3gwb9hGp9uYYzuU_SC92ryvk_SObKvVFkgZaswh_ysz0A==
Age: 6071
embedwistia-a.akamaihd.net/deliveries/c759e9674cd12ff252e945663560a0a48e8dea01.m3u8/seg-1-v1-a1.ts
23.36.76.200200 OK 295 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/c759e9674cd12ff252e945663560a0a48e8dea01.m3u8/seg-1-v1-a1.ts
IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
File type MPEG transport stream data\012- data
Size 295 kB (295160 bytes)
Hash cbfd24ce736c6876ce8bfc23ec2b250d
12e5f2677cc4e2b0a440cca17fba346f63f0b014
bf9df1f773d6f41e0dfb8bcc70bdbae2ed3991df9ee4e7bd72c5974a7dec8285
GET /deliveries/c759e9674cd12ff252e945663560a0a48e8dea01.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: video/MP2T
Content-Length: 295160
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: c759e9674cd12ff252e945663560a0a48e8dea01-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31138155
Expires: Fri, 24 Nov 2023 09:50:12 GMT
Date: Tue, 29 Nov 2022 00:20:57 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
distillery.wistia.com/x
52.207.88.224204 No Content 0 B IP 52.207.88.224:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1462
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 29 Nov 2022 00:20:57 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
embedwistia-a.akamaihd.net/deliveries/70e0a56389be0ab73ec3454f0b3e4310145d547b.m3u8
23.36.76.200200 OK 126 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/70e0a56389be0ab73ec3454f0b3e4310145d547b.m3u8
IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Size 126 kB (126156 bytes)
Hash 277e0492963b3c32a66440841cfcb468
74de2e41a280602489266a86508dc3e6c261aca8
7e6b124034868a99a601b267cd7214d82d4f1757373ea0dc0bbaceb73281fa2f
GET /deliveries/70e0a56389be0ab73ec3454f0b3e4310145d547b.m3u8 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/vnd.apple.mpegurl
Content-Length: 126156
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: 70e0a56389be0ab73ec3454f0b3e4310145d547b-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31309177
Expires: Sun, 26 Nov 2023 09:20:34 GMT
Date: Tue, 29 Nov 2022 00:20:57 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
embedwistia-a.akamaihd.net/deliveries/70e0a56389be0ab73ec3454f0b3e4310145d547b.m3u8/seg-1-v1-a1.ts
23.36.76.200200 OK 247 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/70e0a56389be0ab73ec3454f0b3e4310145d547b.m3u8/seg-1-v1-a1.ts
IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
File type MPEG transport stream data\012- data
Size 247 kB (247032 bytes)
Hash d0dabc280ce1e11a85e47b6e61c1098e
5a64852046c629d928aeabefe5c5a7219dd38351
5cacb5426e4b2d445056736f00a7904641691d6c7d974e3ad301d2ef887e3a88
GET /deliveries/70e0a56389be0ab73ec3454f0b3e4310145d547b.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: video/MP2T
Content-Length: 247032
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: 70e0a56389be0ab73ec3454f0b3e4310145d547b-hls-segment ab51b76fc394d237632caa3a1319ee3b724983dc
Accept-Ranges: bytes
Cache-Control: max-age=31309176
Expires: Sun, 26 Nov 2023 09:20:34 GMT
Date: Tue, 29 Nov 2022 00:20:58 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
bam.nr-data.net/1/65387c3314?a=46346808,5284047&v=1216.487a282&to=YANVZUdYDxFXW0UMWllJemd2FiINWExUC0F0CVlFR1YNDlNKHilaVgJ0XltNBAxC&rst=8126&ck=1&ref=https://pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/&ap=37&be=6540&fe=7990&dc=6567&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669681248691,%22n%22:0,%22f%22:5148,%22dn%22:5149,%22dne%22:5158,%22c%22:5159,%22s%22:5273,%22ce%22:5609,%22rq%22:5609,%22rp%22:5761,%22rpe%22:5872,%22dl%22:5889,%22di%22:6561,%22ds%22:6561,%22de%22:6572,%22dc%22:7983,%22l%22:7988,%22le%22:7992%7D,%22navigation%22:%7B%7D%7D&fcp=6603&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/65387c3314?a=46346808,5284047&v=1216.487a282&to=YANVZUdYDxFXW0UMWllJemd2FiINWExUC0F0CVlFR1YNDlNKHilaVgJ0XltNBAxC&rst=8126&ck=1&ref=https://pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/&ap=37&be=6540&fe=7990&dc=6567&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669681248691,%22n%22:0,%22f%22:5148,%22dn%22:5149,%22dne%22:5158,%22c%22:5159,%22s%22:5273,%22ce%22:5609,%22rq%22:5609,%22rp%22:5761,%22rpe%22:5872,%22dl%22:5889,%22di%22:6561,%22ds%22:6561,%22de%22:6572,%22dc%22:7983,%22l%22:7988,%22le%22:7992%7D,%22navigation%22:%7B%7D%7D&fcp=6603&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/65387c3314?a=46346808,5284047&v=1216.487a282&to=YANVZUdYDxFXW0UMWllJemd2FiINWExUC0F0CVlFR1YNDlNKHilaVgJ0XltNBAxC&rst=8126&ck=1&ref=https://pro.paradigmnewsletters.org/p/aln_para_coiledcrypto_0822/LALNYA25/&ap=37&be=6540&fe=7990&dc=6567&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669681248691,%22n%22:0,%22f%22:5148,%22dn%22:5149,%22dne%22:5158,%22c%22:5159,%22s%22:5273,%22ce%22:5609,%22rq%22:5609,%22rp%22:5761,%22rpe%22:5872,%22dl%22:5889,%22di%22:6561,%22ds%22:6561,%22de%22:6572,%22dc%22:7983,%22l%22:7988,%22le%22:7992%7D,%22navigation%22:%7B%7D%7D&fcp=6603&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 00:20:58 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 77172e363c860b39-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=55d32819c5476ff6; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
fast.wistia.com/assets/external/allIntegrations.js
151.101.86.110200 OK 5.6 kB URL HTTP/2 fast.wistia.com/assets/external/allIntegrations.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (21637), with no line terminators
Hash 98d8f1350f159ef9d630464f2677623c
ee33382759ec18abebe452fb065599627d729114
0bcc59bc6540d08234fceefb99483c915ced9406d7b30173817cb18553c462b3
GET /assets/external/allIntegrations.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-15f7"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 00:20:58 GMT
age: 1321
x-served-by: cache-iad-kiad7000146-IAD, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 794, 11
x-timer: S1669681258.452992,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 5623
X-Firefox-Spdy: h2
trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3D6e5b7176-7de6-45b1-889e-84efafee205c%26account_id%3D7633a10cce24ede709377546c8e3146d
151.101.85.44200 OK 0 B URL HTTP/2 trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3D6e5b7176-7de6-45b1-889e-84efafee205c%26account_id%3D7633a10cce24ede709377546c8e3146d
IP 151.101.85.44:0
GET /sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3D6e5b7176-7de6-45b1-889e-84efafee205c%26account_id%3D7633a10cce24ede709377546c8e3146d HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
cache-control: no-cache, no-store
pragma: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
date: Tue, 29 Nov 2022 00:20:57 GMT
via: 1.1 varnish
x-served-by: cache-bma1667-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669681257.069722,VS0,VE85
x-vcl-time-ms: 85
X-Firefox-Spdy: h2