Report - click.thedailymoneytips.com/sadoomsday6mf1023/a7566b71bd06a20f988d4c16b3edfd33/48/TA_2H23JGI/1990834045/139350/6957ba18feb5c33b553f6ad514ca900e/63293

Report Overview

Visited public
2023-12-09 15:03:59
Tags
URL
click.thedailymoneytips.com/sadoomsday6mf1023/a7566b71bd06a20f988d4c16b3edfd33/48/TA_2H23JGI/1990834045/139350/6957ba18feb5c33b553f6ad514ca900e/63293
Finishing URL
pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
IP / ASN
172.67.166.218
#13335 CLOUDFLARENET
Title
Saudi Arabia Planning A New Attack On America

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
api.getblueshift.com	9346	2014-03-09	2014-05-10 00:20:22	2023-12-08 19:24:24	736 B	339 B	44.232.199.155
cdn.getblueshift.com	12716	2014-03-09	2016-09-19 05:21:38	2023-12-08 13:18:21	431 B	3.4 kB	54.230.111.60
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-09 10:52:39	455 B	35 kB	142.250.74.106
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-09 07:42:19	503 B	50 kB	142.250.74.106
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-09 07:44:59	2.3 kB	481 kB	142.250.74.136
paradigmpressgroup.com	unknown	2022-05-20	2022-07-18 18:25:53	2023-12-08 06:28:06	939 B	4.2 kB	18.214.111.198
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-12-09 08:02:02	5.5 kB	2.6 kB	216.239.34.36
pipedream.wistia.com	6958	2007-03-18	2017-01-30 05:30:40	2023-12-08 17:50:40	1.7 kB	1.4 kB	143.204.55.51
embed-cloudfront.wistia.com	unknown	2007-03-18	2022-11-08 05:17:21	2023-12-09 08:21:53	1.6 kB	1.2 MB	143.204.55.103
470kwc1.com	unknown	2019-05-03	2020-04-29 23:06:05	2023-12-08 05:27:02	532 B	830 B	3.16.61.53
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-09 06:06:20	1.1 kB	63 kB	216.58.207.227
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-12-09 06:34:48	604 B	578 B	142.250.74.35
distillery.wistia.com	6708	2007-03-18	2012-09-30 04:46:15	2023-12-09 08:21:53	511 B	410 B	54.230.111.55
verifiedwebpage.com	unknown	2022-03-23	2022-03-23 19:03:14	2023-12-08 05:51:23	635 B	1.2 kB	188.114.97.1
click.thedailymoneytips.com	unknown	2019-06-27	2023-03-10 21:57:35	2023-12-09 06:40:09	907 B	1.7 kB	188.114.96.1
pro.paradigmnewsletters.org	unknown	2018-12-12	2019-06-06 21:52:38	2023-12-09 05:33:45	2.8 kB	14 kB	161.129.26.18
fast.wistia.com	5153	2007-03-18	2012-07-04 02:34:57	2023-12-08 19:31:27	3.8 kB	288 kB	151.101.66.132
d2z65klgtz99km.cloudfront.net	unknown	2008-04-25	2021-03-17 02:03:23	2023-12-09 00:57:06	2.5 kB	2.9 MB	54.230.241.180
s.yimg.com	375	1997-05-14	2012-05-21 00:45:00	2023-12-08 18:36:52	3.6 kB	32 kB	87.248.119.251
pro.paradigm-press.info	unknown	2019-02-19	2019-03-28 14:40:12	2023-12-08 06:28:02	557 B	841 B	192.135.136.169

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-09	medium	thedailymoneytips.com	Sinkholed
2023-12-09	medium	thedailymoneytips.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (31)

	URL	From	Size	First Seen	Last Seen
	pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true	ScriptElement	39 B	2023-03-10	2025-04-26
Pretty URL pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:07 Last Seen2025-04-26 09:06 Times Seen3027 Hash af8745eef59c123e59cd4703ea4cc40e 8aab93d5d6e19c3430396e434f734df7699aeda0 419e6fe661d8187589ce9e3f1f2888d3bd1fc5f4af3dc1e6a0321a66c31e1191 Loading...

	s.yimg.com/wi/ytc.js	ScriptElement	18 kB	2023-06-26	2024-08-29
Pretty URL s.yimg.com/wi/ytc.js IP 87.248.119.251 ASN #203220 Yahoo! UK Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-26 11:33 Last Seen2024-08-29 17:29 Times Seen6264 Hash 5c6ed25dce803fd84288922b8928409e 3ccc10546ae12f160bacac1e9e422af091ea4a41 480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91 Loading...

	unknown	ScriptElement	469 B	2023-03-10	2024-12-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07 Last Seen2024-12-11 19:47 Times Seen887 Hash 525d0b8417e918e828c73233e2e7b437 98cce5ccb75b57d7a47822a88b159d54bdf05fdd 9dc28f8d48c697f48911cc3ce9ae64edfae072127840572164c90548695e82ca Loading...

	www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c	ScriptElement	279 kB	2023-12-09	2023-12-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-09 16:04 Last Seen2023-12-09 16:04 Times Seen1 Hash 2beecc5014b4d791bd86225fb1678bb5 a0f5c259046d23a398b2851c68acc58dadcc9d59 ac366e7dc283bea4f7786a9bdd0cfd9914c9aee8c9022b0a2f73bd49be8030e1 Loading...

	fast.wistia.com/assets/external/engines/hls_video.js	ScriptElement	484 kB	2023-12-04	2023-12-12
Pretty URL fast.wistia.com/assets/external/engines/hls_video.js IP 151.101.66.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 21:23 Last Seen2023-12-12 14:56 Times Seen117 Hash 6e1e307293f078c95c07db8660ce607a 2a08bcf1166c9707485e568102f7c96e1f933b36 f0150171f993137d09210b10e0629ea4d57a465046ba791adb4bf4a2da978357 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js	ScriptElement	97 kB	2023-03-07	2025-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 20:40 Times Seen29049 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	pro.paradigmnewsletters.org/p/Scripts/Common.js	ScriptElement	2.4 kB	2023-03-09	2025-04-26
Pretty URL pro.paradigmnewsletters.org/p/Scripts/Common.js IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2025-04-26 09:06 Times Seen3875 Hash ef9b6f612e89926fa10830ad89a7f3b6 faa8fbf56e4834534455c46ba2753118eb554c2e 86034bbe69eebb0c08660ff7f0128dd0bd1d852176489ca3a3da7b49bd647cbd Loading...

	pro.paradigmnewsletters.org/p/Scripts/HideContent.js	ScriptElement	721 B	2023-03-09	2025-04-26
Pretty URL pro.paradigmnewsletters.org/p/Scripts/HideContent.js IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:56 Last Seen2025-04-26 09:06 Times Seen3875 Hash 624fa8179cc49ca9e80737453a6b3367 226693fb4119bc204e4dd3b8d36da8587fd00bb0 809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac Loading...

	pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true	ScriptElement	341 B	2023-03-10	2025-04-26
Pretty URL pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:07 Last Seen2025-04-26 09:06 Times Seen1430 Hash 285bc9b441da8c1fbab42396acae2df3 833ac60111a789824e40a385d2e225c129751bbd 7849138d30558b224e5ccd5847d7ea5767630e220bf7d4e3496e99c5fa02974f Loading...

	unknown	ScriptElement	1.3 kB	2023-03-10	2025-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07 Last Seen2025-04-26 09:06 Times Seen1426 Hash 94d29b65bf770b80ca20ff02e2ba5f41 a4c1ab460dbe34b9672c2745f50e0c792a64d932 2d59b45ab2c9e86e411bdd0f5f9d8bb84b383a197faf372ee4e91a0c9a651b87 Loading...

	pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true	ScriptElement	341 B	2023-09-13	2025-04-26
Pretty URL pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-13 02:02 Last Seen2025-04-26 09:06 Times Seen1423 Hash ce1c2dd4d39647e5c7e8a4ded7c7d48a 4f7b2f537cb1a05bd6a7f661fce09d2db271bb38 8a871b5034d221b1a98614580a9a998b0a63ad1bff46c93d65d0ed544c3638fc Loading...

	cdn.getblueshift.com/blueshift.js	ScriptElement	6.6 kB	2023-11-22	2024-08-20
Pretty URL cdn.getblueshift.com/blueshift.js IP 54.230.111.60 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-22 06:19 Last Seen2024-08-20 18:22 Times Seen312 Hash 859d16b4786a243736a9b219445eae43 e6dd4c8dcac4df40615338f1e7ecfe50c54aa0d5 393483170bc4a2319e51ea073f4e13b85185948301acce471b482094d11af7c7 Loading...

	unknown	ScriptElement	326 B	2023-03-14	2025-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 11:28 Last Seen2025-04-26 09:06 Times Seen1449 Hash aedcaf36e4ad85dbf51037318c8ab10c c6210e518ab8eeb0a496b966241caeb1c464516a 5a0af2eeee3dcb3f4e43e4533947d91a74f63d17a73691aac1ad46367989809f Loading...

	unknown	ScriptElement	1.2 kB	2023-03-14	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 11:28 Last Seen2024-08-21 06:59 Times Seen257 Hash 596005034249bdf75aca818504b579e8 ff04da238930839575b0b2709aadbdce5785bf12 110cf442650b6702dfbfa992c3537aca60014285e093faa411bb1f3ee45f2d4e Loading...

	pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true	ScriptElement	836 B	2023-11-08	2025-04-26
Pretty URL pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-08 05:21 Last Seen2025-04-26 09:06 Times Seen1401 Hash 4e2e4cbe63ac644606cfa87e76452824 3936c2eb6588579868016076278ccd961760eda0 85c1ef4cc98021ecdbab4fb4016a5a3500c7c47f6a2dd042083947f32ab1fb05 Loading...

	pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true	ScriptElement	3.1 kB	2023-11-08	2024-08-20
Pretty URL pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-08 07:21 Last Seen2024-08-20 20:26 Times Seen40 Hash f067e00dd3e777b8efb7ac0e1d9da38c b0fd1b594b665e977582ce7fd6eb2c86a173a676 0735bd4c4cc9a6fa4dcc4ac87f50b66493d349dd4e11ecd47f07e20692da079c Loading...

	pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true	ScriptElement	2.3 kB	2023-09-13	2024-08-21
Pretty URL pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-13 02:02 Last Seen2024-08-21 06:59 Times Seen338 Hash 3d013cb0fd283e7527d6262873f50105 3d9da52452e8a90890f0d9d09ac8d8e6229e9e5b d22ae161cd5b68410950c730064c07aa23aefbb494e3f35770c376cd7858909f Loading...

	pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true	ScriptElement	2.2 kB	2023-03-10	2025-04-26
Pretty URL pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true IP 161.129.26.18 ASN #11372 14WEST-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:07 Last Seen2025-04-26 09:06 Times Seen1614 Hash e4f3e2e42bacfb36a7847e627e7e8276 5492c5e58d3c3abd4a40f736078f546b450e8085 5b86639a656d86f430a56426ae9ac2c83fe1a5c11d91739037f8b1146f5677b8 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-11
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 22:04 Times Seen341213 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-P95MDDF	ScriptElement	395 kB	2023-12-09	2023-12-09
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-P95MDDF IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-09 16:04 Last Seen2023-12-09 16:04 Times Seen1 Hash cce67815384aed5bb648781746a2e422 91f90e287be7463c93cbe512f97fbdfc6aa0d439 a2c54dfdf29eb18dcaf79e54b8cdff273f1bc3c9fc3a986fedb9c774de899ac6 Loading...

	unknown	ScriptElement	469 B	2023-03-10	2024-12-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07 Last Seen2024-12-11 19:47 Times Seen886 Hash 6bfa85325d17bdaf99d6c48c4539b496 dcab4590a8eeae34b0e63df480f24c1e901800bc 0d293b59ef3ca7a501f575c64a240bc9dbaad8c1c637806793a4a2d8c334a6b9 Loading...

	fast.wistia.com/assets/external/playPauseLoadingControl.js	ScriptElement	81 kB	2023-11-29	2023-12-12
Pretty URL fast.wistia.com/assets/external/playPauseLoadingControl.js IP 151.101.66.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-29 23:01 Last Seen2023-12-12 14:56 Times Seen192 Hash 31f0b908fbd5fc16bf6737c637b83178 26f5effe6525ca16ceb9815cb26776a8ac36f81c 863614886d87b0fbc5b99b2c002a8e382ab9161cacc1290006ea02e428e09747 Loading...

	fast.wistia.com/assets/external/googleAnalytics4.js	ScriptElement	17 kB	2023-11-30	2023-12-12
Pretty URL fast.wistia.com/assets/external/googleAnalytics4.js IP 151.101.66.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 19:49 Last Seen2023-12-12 14:56 Times Seen77 Hash 9bbbdbdad3d0da00881800f39ed6ad8b 03563b32521b2a04dc6e7ba8b5f1fe21181be7f0 f47b95dbf3f004a7305cfe6c6b107d76dac597a4c50a52e3f33240f76e4598d5 Loading...

	www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C	ScriptElement	243 kB	2023-12-09	2023-12-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-09 16:04 Last Seen2023-12-09 16:04 Times Seen1 Hash 83b00a7611210f85341404d5aa93f97f 544368a58ae81e0ed238ed2927b74e79da7ab7e6 c1bb20b3e4f6278548f7343526b18667341d3a557b5af3af8c422743e48e5ef2 Loading...

	fast.wistia.com/assets/external/allIntegrations.js	ScriptElement	23 kB	2023-11-29	2023-12-12
Pretty URL fast.wistia.com/assets/external/allIntegrations.js IP 151.101.66.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-29 23:01 Last Seen2023-12-12 14:56 Times Seen129 Hash 9a9248fb8178a9640de37511b065850f 086459b7f718251f753b82cee05f51c6ca2d3a84 fb7f597f64e9b0c17f7f99fb577f164c36f93f13ffda2ccb736b786e4e705d12 Loading...

	fast.wistia.com/assets/external/E-v1.js	ScriptElement	761 kB	2023-12-07	2023-12-11
Pretty URL fast.wistia.com/assets/external/E-v1.js IP 151.101.66.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-07 20:39 Last Seen2023-12-11 15:44 Times Seen73 Hash 126858c9f3376ca1bc419aa2a2d0af28 51e06cde2e8cc415d06c63e144e6c36d2c95270d 78cf6679aa583fd97b9700d6dafa7e791d7861b72d173df807b5f8f27d246877 Loading...

	unknown	ScriptElement	469 B	2023-03-10	2024-12-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07 Last Seen2024-12-11 19:47 Times Seen886 Hash 1b942598e5ebe0432ae014b008148c5b 63d79dd6f78b6fa3d330d9f70ed48048f2cb9dd8 f91cdf301758a9d6e20bc3455aa0ad44dd54cf784f593aceb2283318c2117f94 Loading...

	unknown	ScriptElement	469 B	2023-03-10	2024-12-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:07 Last Seen2024-12-11 19:47 Times Seen886 Hash deeaa7c0af6a3a2abc4f6232e0726eaa 82dff020198b4ca13a2e26a4ebc0ad661a66712d e1d46eadd939d65337b58355bbd09d26261a5b2bd05b4802e8d448ee0a937d26 Loading...

	pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/sandbox%20eval%20code		147 B	2023-04-11	2025-05-11
Pretty URL pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 22:04 Times Seen342015 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NKRVP76	ScriptElement	398 kB	2023-12-09	2023-12-09
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NKRVP76 IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-09 16:04 Last Seen2023-12-09 16:04 Times Seen1 Hash 17a14143d989ac110906dd5e319f0b8d 8cb502d14ee47a20a062aa94b9fa9df2a174f5a5 128d32cc097d9b5752e1d4db7e7757e19f14f87d68eb7d99979aba8e3134166a Loading...

	www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c	ScriptElement	243 kB	2023-12-09	2023-12-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-09 16:04 Last Seen2023-12-09 16:04 Times Seen1 Hash 1909d1d703d9324ff0a12eb6f9f3cd88 140fac4e9d0cd5dba36ac8b237fd9bcc390d4d2a de7fda5fd20528e6e4a9206bd0d69864e51815629b810c1a967051d9afec178d Loading...

HTTP Transactions (57)

URL IP Response Size

verifiedwebpage.com/go?ehash=a7566b71bd06a20f988d4c16b3edfd33&product=32827&ar=48&cid=1990834045&lid=139350&slhash=6957ba18feb5c33b553f6ad514ca900e&mtaid=63293&cid2=[s8]

188.114.97.1

302 Found

134 B

URL User Request GET HTTP/2
verifiedwebpage.com/go?ehash=a7566b71bd06a20f988d4c16b3edfd33&product=32827&ar=48&cid=1990834045&lid=139350&slhash=6957ba18feb5c33b553f6ad514ca900e&mtaid=63293&cid2=[s8]
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectverifiedwebpage.com
Fingerprint0D:F8:EF:F4:23:CD:FB:7E:DE:C7:29:3C:B4:F7:A4:CE:6A:FB:89:AB
ValiditySat, 14 Oct 2023 13:52:56 GMT - Fri, 12 Jan 2024 13:52:55 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /go?ehash=a7566b71bd06a20f988d4c16b3edfd33&product=32827&ar=48&cid=1990834045&lid=139350&slhash=6957ba18feb5c33b553f6ad514ca900e&mtaid=63293&cid2=[s8] HTTP/1.1
Host: verifiedwebpage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 09 Dec 2023 15:03:40 GMT
content-type: text/html; charset=UTF-8
location: http://470kwc1.com/clk.trk?CID=465853&AFID=430135&SID=3415259331988406241
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=88fabb05d6bf7d3e6bbfc41cb071f2d1; path=/
pixel_session_hash_32827=3415259331988406241; expires=Mon, 08-Jan-2024 15:03:39 GMT; Max-Age=2592000; path=/; secure; HttpOnly; SameSite=None
bt_tracking_product_32827=0f5b47905c21aa6bd4ad25f62e5036100fe64bc160110175c660ad410cb33d81; expires=Mon, 11-Dec-2023 15:03:39 GMT; Max-Age=172800
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=td3b7Qo0upFGCz4kWKEzUSY7xM6ni%2FDWx92lvirPestP5sgKbtvXTgI9F4Oq1DqlDW9XaUAQxpx3H%2FemqRr41MK1vPI4D1Ol2JbbEACZ3IKz5bUjswqLqTgBz6Uoypq0eSPNpYpq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 832e22da3ca91c12-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

470kwc1.com/clk.trk?CID=465853&AFID=430135&SID=3415259331988406241

3.16.61.53

302 Found

216 B

URL User Request GET HTTP/2
470kwc1.com/clk.trk?CID=465853&AFID=430135&SID=3415259331988406241
IP
3.16.61.53:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject470kwc1.com
FingerprintC8:F6:48:19:9F:92:B8:B3:78:6A:46:25:3A:C3:80:8E:21:07:B3:C6
ValidityMon, 17 Apr 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
216 B (216 bytes)
Hash
5fb75588bb7f0fef78337417bea9321f
8461cf31b1db2335878e6a2959ff9c6da82b98da
333a1fa82eb46498d97ce7f074155f09eb04b2e4d748aa5aadd8f7826c418df3

HTTP Headers

GET /clk.trk?CID=465853&AFID=430135&SID=3415259331988406241 HTTP/1.1
Host: 470kwc1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 09 Dec 2023 15:03:41 GMT
content-type: text/html; charset=utf-8
content-length: 216
location: https://pro.paradigm-press.info/m/2246202?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8
cache-control: private
server: Microsoft-IIS/10.0
p3p: policyref="/p3p/P3P.470kwc1.com.xml", CP="NOI DSP COR NID ADM DEV OUR STP OTC"
x-aspnet-version: 4.0.30319
set-cookie: LTTC6_465853=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8; expires=Sat, 16-Dec-2023 15:03:41 GMT; path=/; secure; SameSite=None
x-powered-by: ASP.NET
access-control-allow-origin: *
X-Firefox-Spdy: h2

pro.paradigm-press.info/m/2246202?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8

192.135.136.169

301 Moved Permanently

253 B

URL User Request GET HTTP/1.1
pro.paradigm-press.info/m/2246202?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8
IP
192.135.136.169:443
ASN
#11372 14WEST-AS

Certificate
IssuerLet's Encrypt
Subjectordertracking6.pubsvs.com
Fingerprint5D:9B:A2:DC:1F:DA:F9:4F:9E:55:AD:AA:D5:50:57:BB:B7:C3:50:39
ValidityFri, 17 Nov 2023 17:49:52 GMT - Thu, 15 Feb 2024 17:49:51 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
253 B (253 bytes)
Hash
614c688d523ce8c36b7a2a35f44353f9
82a55d5bb498f53a6873765b1b5b9e39cac73e6e
a76a2eb36612962faad3cb3e1b28ff814f906dd31b0d661f527ff68220f51ba1

HTTP Headers

GET /m/2246202?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8 HTTP/1.1
Host: pro.paradigm-press.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Date: Sat, 09 Dec 2023 15:03:41 GMT
Content-Length: 253
Set-Cookie: 2246202=2658340; expires=Fri, 29-Dec-2023 15:03:41 GMT; path=/; HttpOnly
BIGipServerIRIS_PROD_HTTPS_POOL=!A4e+9Bq3nCTKxy00QCUGrw3uOK3bWf0uPEsY04yG3O47F7IyAEph0ezsFVRdpkfG6JALuhKIFLthGQs=; path=/; Httponly; Secure
Strict-Transport-Security: max-age=63072000; includeSubDomains

click.thedailymoneytips.com/

188.114.96.1

143 B

URL
click.thedailymoneytips.com/
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
143 B (143 bytes)
Hash
f1fb042c62910c34be16ad91cbbd71fa
5bc7aceba9a8704ef4b1d427d7d08b140afcd866
9278d16ed2fdcd5dc651615b0b8adc6b55fb667a9d106a9891b861d4561d9a24

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: click.thedailymoneytips.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 09 Dec 2023 15:03:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 14 Nov 2023 15:41:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTOWfhZKPCWXl9KIJux8dsYwJ8PGzXeKInz3O9x9aQBfdWnaQj6j7APtHQ2UuPka9rqBwNdfPpYtrRbaN7heW%2FawU%2FOm%2BcyeScXM61aOQawf7rhgYeX7nuJRD1NI6l4wGKmKyAQPAjXMUtJzHEE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 832e22e7c88cb500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true

161.129.26.18

302 Found

253 B

URL User Request GET HTTP/1.1
pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
IP
161.129.26.18:80
ASN
#11372 14WEST-AS

File type
HTML document, ASCII text, with CRLF line terminators
Size
253 B (253 bytes)
Hash
614c688d523ce8c36b7a2a35f44353f9
82a55d5bb498f53a6873765b1b5b9e39cac73e6e
a76a2eb36612962faad3cb3e1b28ff814f906dd31b0d661f527ff68220f51ba1

HTTP Headers

GET /p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 09 Dec 2023 15:03:42 GMT
Content-Length: 253
Set-Cookie: BIGipServerIRIS_PROD_HTTP_POOL=!EK/hS0IcsrKag2o0QCUGrw3uOK3bWVT3jV5AgAx7tqfOM08JtIqMk9M5Ez0GzhxCGopsP5hb6lBdxY4=; path=/; Httponly

pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true

161.129.26.18

302 Found

10 kB

URL User Request GET HTTP/1.1
pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
IP
161.129.26.18:80
ASN
#11372 14WEST-AS

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1672), with CRLF, LF line terminators
Size
10 kB (10533 bytes)
Hash
2a8e6d6276f50a68fae394b5261e29ce
2386e1937f2eb4c28765885842f47c27fd67f19d
f71d56e6aa83fffe596e1f596339f60b3c74447b19b57e7723e2acbd5fc5dde2

HTTP Headers

GET /p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: BIGipServerIRIS_PROD_HTTP_POOL=!EK/hS0IcsrKag2o0QCUGrw3uOK3bWVT3jV5AgAx7tqfOM08JtIqMk9M5Ez0GzhxCGopsP5hb6lBdxY4=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 09 Dec 2023 15:03:42 GMT
Content-Length: 10533
Set-Cookie: LAWNZ985=; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; HttpOnly
BIGipServerIRIS_PROD_HTTPS_POOL=!5PSkcNQJrJUTnxo0QCUGrw3uOK3bWSO0qRM47FXVpiXuaOs+TO8RZZ7okDqY6/P/DW1CA6fkUY7wOPo=; path=/; Httponly; Secure
Strict-Transport-Security: max-age=63072000; includeSubDomains

fast.wistia.com/assets/external/E-v1.js

151.101.66.132

200 OK

129 kB

URL GET HTTP/2
fast.wistia.com/assets/external/E-v1.js
IP
151.101.66.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
ASCII text, with very long lines (65474)
Size
129 kB (129063 bytes)
Hash
126858c9f3376ca1bc419aa2a2d0af28
51e06cde2e8cc415d06c63e144e6c36d2c95270d
78cf6679aa583fd97b9700d6dafa7e791d7861b72d173df807b5f8f27d246877

HTTP Headers

GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 07 Dec 2023 18:55:59 GMT
etag: "2dfa35fa3c2d63da5bfe8edd5f3cb8df"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 15:03:43 GMT
age: 589
x-served-by: cache-iad-kiad7000039-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 75, 9
x-timer: S1702134224.595288,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: cc9ded0077d16f0d56c3b38f358a76e310b0eefb
content-length: 129063
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

142.250.74.106

200 OK

34 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:44:29 GMT
expires: Fri, 06 Dec 2024 15:44:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 170354
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pro.paradigmnewsletters.org/p/Scripts/Common.js

161.129.26.18

200 OK

1.1 kB

URL GET HTTP/1.1
pro.paradigmnewsletters.org/p/Scripts/Common.js
IP
161.129.26.18:443
ASN
#11372 14WEST-AS

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerLet's Encrypt
Subjectordertracking6.pubsvs.com
Fingerprint5D:9B:A2:DC:1F:DA:F9:4F:9E:55:AD:AA:D5:50:57:BB:B7:C3:50:39
ValidityFri, 17 Nov 2023 17:49:52 GMT - Thu, 15 Feb 2024 17:49:51 GMT

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.1 kB (1140 bytes)
Hash
2fa1e7a35bfa376eff7f1426fc4a8afa
008b48dbd95a158542969743c18d0bc33e0a9384
857d94bd23b6437baa66255e1d507ad4a23d75ef9a271fb3e1303dc7dd0aced9

HTTP Headers

GET /p/Scripts/Common.js HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
DNT: 1
Connection: keep-alive
Cookie: BIGipServerIRIS_PROD_HTTP_POOL=!EK/hS0IcsrKag2o0QCUGrw3uOK3bWVT3jV5AgAx7tqfOM08JtIqMk9M5Ez0GzhxCGopsP5hb6lBdxY4=; LAWNZ985=; BIGipServerIRIS_PROD_HTTPS_POOL=!5PSkcNQJrJUTnxo0QCUGrw3uOK3bWSO0qRM47FXVpiXuaOs+TO8RZZ7okDqY6/P/DW1CA6fkUY7wOPo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 24 Jul 2023 13:39:44 GMT
Accept-Ranges: bytes
ETag: "a37f814e34bed91:0"
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 09 Dec 2023 15:03:42 GMT
Content-Length: 1140
Strict-Transport-Security: max-age=63072000; includeSubDomains

pro.paradigmnewsletters.org/p/Scripts/HideContent.js

161.129.26.18

200 OK

466 B

URL GET HTTP/1.1
pro.paradigmnewsletters.org/p/Scripts/HideContent.js
IP
161.129.26.18:443
ASN
#11372 14WEST-AS

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerLet's Encrypt
Subjectordertracking6.pubsvs.com
Fingerprint5D:9B:A2:DC:1F:DA:F9:4F:9E:55:AD:AA:D5:50:57:BB:B7:C3:50:39
ValidityFri, 17 Nov 2023 17:49:52 GMT - Thu, 15 Feb 2024 17:49:51 GMT

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
466 B (466 bytes)
Hash
cc54a637e514fddfe0be2e7c2d062e5b
a0f97813508d22d71f015b93cc8dfdcee65acdfd
580942b09dd77a53c0501f35a1d6c61cbcff1d504a6efb0dfa5d77cbdb1af741

HTTP Headers

GET /p/Scripts/HideContent.js HTTP/1.1
Host: pro.paradigmnewsletters.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
DNT: 1
Connection: keep-alive
Cookie: BIGipServerIRIS_PROD_HTTP_POOL=!EK/hS0IcsrKag2o0QCUGrw3uOK3bWVT3jV5AgAx7tqfOM08JtIqMk9M5Ez0GzhxCGopsP5hb6lBdxY4=; LAWNZ985=; BIGipServerIRIS_PROD_HTTPS_POOL=!5PSkcNQJrJUTnxo0QCUGrw3uOK3bWSO0qRM47FXVpiXuaOs+TO8RZZ7okDqY6/P/DW1CA6fkUY7wOPo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 24 Jul 2023 13:39:44 GMT
Accept-Ranges: bytes
ETag: "bbcd814e34bed91:0"
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Date: Sat, 09 Dec 2023 15:03:42 GMT
Content-Length: 466
Strict-Transport-Security: max-age=63072000; includeSubDomains

cdn.getblueshift.com/blueshift.js

54.230.111.60

200 OK

2.8 kB

URL GET HTTP/1.1
cdn.getblueshift.com/blueshift.js
IP
54.230.111.60:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerAmazon
Subject*.getblueshift.com
Fingerprint29:49:01:4C:AB:3A:C5:E4:F6:F2:67:75:BE:5B:FF:4B:F3:5C:EC:47
ValidityMon, 10 Jul 2023 00:00:00 GMT - Tue, 06 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (6564), with no line terminators
Size
2.8 kB (2805 bytes)
Hash
859d16b4786a243736a9b219445eae43
e6dd4c8dcac4df40615338f1e7ecfe50c54aa0d5
393483170bc4a2319e51ea073f4e13b85185948301acce471b482094d11af7c7

HTTP Headers

GET /blueshift.js HTTP/1.1
Host: cdn.getblueshift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 2805
Connection: keep-alive
Last-Modified: Tue, 21 Nov 2023 12:16:06 GMT
x-amz-server-side-encryption: AES256
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 09 Dec 2023 14:33:31 GMT
Cache-Control: max-age=3600
ETag: "e7a548f293fa4dad39c906cae250b1ed"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6AE8Th6soSAmUYgG8mzqPsvffgQ-q9CyHu1f_9qW8dC26ApM_ltthg==
Age: 1813

fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Oswald:wght@700&display=swap

142.250.74.106

200 OK

49 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Oswald:wght@700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
gzip compressed data, max compression
Size
49 kB (49217 bytes)
Hash
cb5d0151f4d4873a11374df551cde73d
29ccd448d9a627668ba8580294a15fbb665a8047
0bdee92f67f7bcc196d6d0875be532fbfb92bb626e12ea2f66e0c7a2df0dfe01

HTTP Headers

GET /css2?family=Open+Sans:wght@400;700&family=Oswald:wght@700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 09 Dec 2023 15:03:43 GMT
date: Sat, 09 Dec 2023 15:03:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-P95MDDF

142.250.74.136

200 OK

106 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-P95MDDF
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (58522)
Size
106 kB (106360 bytes)
Hash
cce67815384aed5bb648781746a2e422
91f90e287be7463c93cbe512f97fbdfc6aa0d439
a2c54dfdf29eb18dcaf79e54b8cdff273f1bc3c9fc3a986fedb9c774de899ac6

HTTP Headers

GET /gtm.js?id=GTM-P95MDDF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 15:03:43 GMT
expires: Sat, 09 Dec 2023 15:03:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 106360
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-NKRVP76

142.250.74.136

200 OK

111 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-NKRVP76
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (56012)
Size
111 kB (110998 bytes)
Hash
17a14143d989ac110906dd5e319f0b8d
8cb502d14ee47a20a062aa94b9fa9df2a174f5a5
128d32cc097d9b5752e1d4db7e7757e19f14f87d68eb7d99979aba8e3134166a

HTTP Headers

GET /gtm.js?id=GTM-NKRVP76 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 15:03:43 GMT
expires: Sat, 09 Dec 2023 15:03:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 110998
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 05:00:58 GMT
expires: Fri, 06 Dec 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 208966
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

216.58.207.227

200 OK

13 kB

URL GET HTTP/2
fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 12648, version 1.0
Size
13 kB (12648 bytes)
Hash
5e79fc3b5fbdec47c02942523ae2bdbd
fdb96db25dc07b7c0573bf5a66966d12dfbb41bd
6ecd2a103a7260474c3239da5f32a2f7cb999765d9ab12161f3e4abe3906316f

HTTP Headers

GET /s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12648
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 08 Dec 2023 14:46:39 GMT
expires: Sat, 07 Dec 2024 14:46:39 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 15 Aug 2023 18:38:40 GMT
content-type: font/woff2
age: 87425
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d2z65klgtz99km.cloudfront.net/AWN/exit-pop/exitpop-warning-icon.png

54.230.241.180

200 OK

1.7 kB

URL GET HTTP/2
d2z65klgtz99km.cloudfront.net/AWN/exit-pop/exitpop-warning-icon.png
IP
54.230.241.180:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
PNG image data, 73 x 75, 8-bit/color RGBA, non-interlaced
Size
1.7 kB (1716 bytes)
Hash
40a8475cba41b161c3b142acc36b79e5
0da3639ed848b44a4efd71189e742a94b29280d4
186053f58f065437b88bc7ab02d4d48d7f203c61d615f81aa457b5f755d5a061

HTTP Headers

GET /AWN/exit-pop/exitpop-warning-icon.png HTTP/1.1
Host: d2z65klgtz99km.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 1716
server: nginx
date: Wed, 04 Oct 2023 13:28:12 GMT
last-modified: Fri, 15 Sep 2023 16:23:26 GMT
cache-control: max-age=31536000
expires: Thu, 03 Oct 2024 13:28:12 GMT
etag: "650484fe-6b4"
x-powered-by: PleskLin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZJ7HCGpRq2xE6M6tu9HcJrJriX9YRjA9snhURCIc4B0giLjdKnPV0w==
age: 5708132
X-Firefox-Spdy: h2

d2z65klgtz99km.cloudfront.net/AWN/awn_doomsday_0623/awn_doomsday_bg_01.jpg

54.230.241.180

200 OK

62 kB

URL GET HTTP/2
d2z65klgtz99km.cloudfront.net/AWN/awn_doomsday_0623/awn_doomsday_bg_01.jpg
IP
54.230.241.180:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3
Size
62 kB (61582 bytes)
Hash
1dc38080d6c9b9fd76a40a2c8c3f39fc
074548f7b26d805b2ce1a4806e8797285fee469d
4d48aae29e189eb89524b397fce6b1ae961719ea407b5409f612955baca8e69d

HTTP Headers

GET /AWN/awn_doomsday_0623/awn_doomsday_bg_01.jpg HTTP/1.1
Host: d2z65klgtz99km.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 61582
server: nginx
date: Thu, 06 Jul 2023 22:34:12 GMT
last-modified: Mon, 26 Jun 2023 15:02:24 GMT
cache-control: max-age=31536000
expires: Fri, 05 Jul 2024 22:34:12 GMT
etag: "6499a880-f08e"
x-powered-by: PleskLin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bMrKL-4G_X9ee9EwKs5iOaXv_ysIScrn7Vm36wtXXsLpGDxk2suHZA==
age: 13451372
X-Firefox-Spdy: h2

d2z65klgtz99km.cloudfront.net/AWN/exit-pop/exitpop-play-icon.png

54.230.241.180

200 OK

318 B

URL GET HTTP/2
d2z65klgtz99km.cloudfront.net/AWN/exit-pop/exitpop-play-icon.png
IP
54.230.241.180:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
PNG image data, 31 x 39, 8-bit/color RGBA, non-interlaced
Size
318 B (318 bytes)
Hash
120ca7c31817e6e137e2a807ddcddbe0
254f6b23b9b2d4c040decf505eac8b6a9296a1c6
dd5f84c4b871b07d787fe2709d47cdc18eee536bb2560c6f889256dd59c61b48

HTTP Headers

GET /AWN/exit-pop/exitpop-play-icon.png HTTP/1.1
Host: d2z65klgtz99km.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 318
server: nginx
date: Mon, 18 Sep 2023 18:05:07 GMT
x-frame-options: sameorigin
x-accel-version: 0.01
last-modified: Fri, 15 Sep 2023 16:23:24 GMT
etag: "13e-6056836372650"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Tue, 17 Sep 2024 18:05:07 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: SAMEORIGIN
x-powered-by: PleskLin
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BtKtEzgV7hTvj8mPIXVLomnxXGcAhZRPvIZf-72OQ6tiAVpYHPhFTQ==
age: 7073917
X-Firefox-Spdy: h2

d2z65klgtz99km.cloudfront.net/AWN/exit-pop/exitpop-transcript-icon.png

54.230.241.180

200 OK

1.5 kB

URL GET HTTP/2
d2z65klgtz99km.cloudfront.net/AWN/exit-pop/exitpop-transcript-icon.png
IP
54.230.241.180:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
PNG image data, 50 x 53, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1484 bytes)
Hash
c94eaaf8ec2941b35a23421f193b8c2e
156681cbd7cf2836598e47d3eec86f7a9772bde8
5fea6317f0aeb6da5271e9a104032ab162521148ec32b93df3c77129fa39fe97

HTTP Headers

GET /AWN/exit-pop/exitpop-transcript-icon.png HTTP/1.1
Host: d2z65klgtz99km.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 1484
server: nginx
date: Mon, 18 Sep 2023 18:05:07 GMT
last-modified: Fri, 15 Sep 2023 16:23:23 GMT
cache-control: max-age=31536000
expires: Tue, 17 Sep 2024 18:05:07 GMT
etag: "650484fb-5cc"
x-powered-by: PleskLin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KZMehGWHUPJ9WA2KuqUYWMU0iZLnnJ-kghDffk0XE9JamMNUgRaHjg==
age: 7073917
X-Firefox-Spdy: h2

fast.wistia.com/embed/medias/proaejvpra.json

151.101.66.132

200 OK

1.6 kB

URL GET HTTP/2
fast.wistia.com/embed/medias/proaejvpra.json
IP
151.101.66.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
JSON data
Size
1.6 kB (1648 bytes)
Hash
0644b7c382c45a8887328bfbde6b73bc
a070e171ff3fc2fd2e926f16357776a2becd0789
f29a3a51bfad4a83dafa173a81e120332ef93744f25b10db3f1e7be080242e2e

HTTP Headers

GET /embed/medias/proaejvpra.json HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: envoy
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, no-cache
etag: W/"f29a3a51bfad4a83dafa173a81e12033"
x-request-id: 7cccc2ca-2419-44dc-af51-bdff732793f8
x-runtime: 0.065141
content-encoding: br
x-envoy-upstream-service-time: 67
via: 1.1 a075746ea1824aa1c02a5e26a9e968e4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: IAD89-C3
x-amz-cf-id: pAk-WnN7h-53MyjzsnKK2EN4Nb7lKbVV91I0MM6bLPZ8BHz-C5d1EA==
accept-ranges: bytes
date: Sat, 09 Dec 2023 15:03:44 GMT
age: 60488
x-served-by: cache-iad-kcgs7200105-IAD, cache-bma1678-BMA
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 16, 1
x-timer: S1702134224.216388,VS0,VE3
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1648
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c

142.250.74.136

200 OK

93 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (5955)
Size
93 kB (92695 bytes)
Hash
2beecc5014b4d791bd86225fb1678bb5
a0f5c259046d23a398b2851c68acc58dadcc9d59
ac366e7dc283bea4f7786a9bdd0cfd9914c9aee8c9022b0a2f73bd49be8030e1

HTTP Headers

GET /gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 15:03:44 GMT
expires: Sat, 09 Dec 2023 15:03:44 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92695
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

s.yimg.com/wi/ytc.js

87.248.119.251

200 OK

6.3 kB

URL GET HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.251:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (18187), with no line terminators
Size
6.3 kB (6262 bytes)
Hash
5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 2saQouIp+o6MHgQjDGQ89RO7asyO13qWD+YoTglpWHOXBGNzbaTb02RuMZTCb2xa/Boa+qcDBn0=
x-amz-request-id: 4E2QCTQ71A1TGXSC
date: Sat, 09 Dec 2023 14:39:04 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 1481
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

87.248.119.251

200 OK

6.3 kB

URL GET HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.251:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (18187), with no line terminators
Size
6.3 kB (6262 bytes)
Hash
5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 2saQouIp+o6MHgQjDGQ89RO7asyO13qWD+YoTglpWHOXBGNzbaTb02RuMZTCb2xa/Boa+qcDBn0=
x-amz-request-id: 4E2QCTQ71A1TGXSC
date: Sat, 09 Dec 2023 14:39:04 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 1481
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

87.248.119.251

200 OK

6.3 kB

URL GET HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.251:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (18187), with no line terminators
Size
6.3 kB (6262 bytes)
Hash
5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 2saQouIp+o6MHgQjDGQ89RO7asyO13qWD+YoTglpWHOXBGNzbaTb02RuMZTCb2xa/Boa+qcDBn0=
x-amz-request-id: 4E2QCTQ71A1TGXSC
date: Sat, 09 Dec 2023 14:39:04 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 1481
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

87.248.119.251

200 OK

6.3 kB

URL GET HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.251:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (18187), with no line terminators
Size
6.3 kB (6262 bytes)
Hash
5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 2saQouIp+o6MHgQjDGQ89RO7asyO13qWD+YoTglpWHOXBGNzbaTb02RuMZTCb2xa/Boa+qcDBn0=
x-amz-request-id: 4E2QCTQ71A1TGXSC
date: Sat, 09 Dec 2023 14:39:04 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 1481
content-encoding: gzip
content-length: 6262
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BYN6DTYEFQ&cid=1419250607.1702134231&gtm=45je3bt0v9122066590z8811578897&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=485096193

142.250.74.35

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BYN6DTYEFQ&cid=1419250607.1702134231&gtm=45je3bt0v9122066590z8811578897&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=485096193
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
FingerprintDB:33:6A:DD:DA:72:55:0D:55:09:60:6E:D1:5B:40:D8:2B:9B:4F:3C
ValidityMon, 20 Nov 2023 08:12:16 GMT - Mon, 12 Feb 2024 08:12:15 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BYN6DTYEFQ&cid=1419250607.1702134231&gtm=45je3bt0v9122066590z8811578897&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=485096193 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 15:03:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10082412.json

87.248.119.251

200 OK

2 B

URL GET HTTP/2
s.yimg.com/wi/config/10082412.json
IP
87.248.119.251:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
JSON data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10082412.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: A848WYNVVXRMC4NV
x-amz-id-2: XVbM1+8EkLUDDAmulRkpRK5mzMJYXDVCexokBeOsKlhwBraO/f/U+pGsFRLoa9N65Sr6Gp7qWHU=
content-type: application/json
date: Sat, 09 Dec 2023 14:53:37 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 607
ats-carp-promotion: 1
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10114794.json

87.248.119.251

200 OK

22 B

URL GET HTTP/2
s.yimg.com/wi/config/10114794.json
IP
87.248.119.251:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
JSON data
Size
22 B (22 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10114794.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: S7Z9AHH3X2Z9WAF1
x-amz-id-2: 1UTe5AB9LUFbAUDenaanOkQkzlMLbY6sQ3/IvoSH2mkOI8+G8dsiySYnyROtupcLA9FHId9SWuE=
content-type: application/json
date: Sat, 09 Dec 2023 14:27:25 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-encoding: gzip
content-length: 22
age: 2179
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ats-carp-promotion: 1
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10125189.json

87.248.119.251

200 OK

2 B

URL GET HTTP/2
s.yimg.com/wi/config/10125189.json
IP
87.248.119.251:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
JSON data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10125189.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: AXV6BY0RA12MV5KF
x-amz-id-2: WCDyfAwuwjTdIWETAJepk6S6cEdm8kf9GxMGjBhG8pNS+xLsa9b3hiKTwj7TfqJQcvczUqWjUgU=
content-type: application/json
date: Sat, 09 Dec 2023 14:49:42 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 842
ats-carp-promotion: 1
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10091245.json

87.248.119.251

200 OK

2 B

URL GET HTTP/2
s.yimg.com/wi/config/10091245.json
IP
87.248.119.251:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
JSON data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /wi/config/10091245.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: AXVBJ8TJW9XJY7SY
x-amz-id-2: ECk0Oaw+R0gjVzuiUWmyITMDs4CZBGwSk/00hopG+1tsFrubq7Dw7D9o3p6r/mUwjTV4AtJBXXs=
content-type: application/json
date: Sat, 09 Dec 2023 14:49:43 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 841
ats-carp-promotion: 1
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

paradigmpressgroup.com/favicons/apple-touch-icon.png

18.214.111.198

200 OK

3.0 kB

URL GET HTTP/2
paradigmpressgroup.com/favicons/apple-touch-icon.png
IP
18.214.111.198:443
ASN
#14618 AMAZON-AES

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerLet's Encrypt
Subjectparadigmpressgroup.com
FingerprintAE:B7:D7:11:15:BA:76:70:3D:73:D7:75:77:C9:E5:A6:E2:9B:6F:5F
ValidityFri, 10 Nov 2023 14:51:26 GMT - Thu, 08 Feb 2024 14:51:25 GMT

File type
PNG image data, 180 x 180, 8-bit grayscale, non-interlaced
Size
3.0 kB (3017 bytes)
Hash
dd470648114adaceb47d36a18ad41d9d
c93c69021ab4e381b4715938bed3732b132852b3
49dd5241fadc6a69795935a795804ed7206efb39f6dc6b5a0588f92d80775ad4

HTTP Headers

GET /favicons/apple-touch-icon.png HTTP/1.1
Host: paradigmpressgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 15:03:44 GMT
content-type: image/png
content-length: 3017
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Tue, 26 Jul 2022 19:40:44 GMT
etag: W/"bc9-1823c06a3cb"
x-powered-by: PleskLin
X-Firefox-Spdy: h2

paradigmpressgroup.com/favicons/favicon-16x16.png

18.214.111.198

200 OK

587 B

URL GET HTTP/2
paradigmpressgroup.com/favicons/favicon-16x16.png
IP
18.214.111.198:443
ASN
#14618 AMAZON-AES

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerLet's Encrypt
Subjectparadigmpressgroup.com
FingerprintAE:B7:D7:11:15:BA:76:70:3D:73:D7:75:77:C9:E5:A6:E2:9B:6F:5F
ValidityFri, 10 Nov 2023 14:51:26 GMT - Thu, 08 Feb 2024 14:51:25 GMT

File type
PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced
Size
587 B (587 bytes)
Hash
2bb2efaa073e4987ba1867aff02ab3ac
ea05acee8f408e3f86830b5f2da0616ced013006
6b712b83f2054506208f4243b57e7bd48fa0dcf3a10c0ff609bfc5ea8398ddc6

HTTP Headers

GET /favicons/favicon-16x16.png HTTP/1.1
Host: paradigmpressgroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 15:03:44 GMT
content-type: image/png
content-length: 587
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Tue, 26 Jul 2022 19:40:44 GMT
etag: W/"24b-1823c06a3cc"
x-powered-by: PleskLin
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/googleAnalytics4.js

151.101.66.132

200 OK

4.2 kB

URL GET HTTP/2
fast.wistia.com/assets/external/googleAnalytics4.js
IP
151.101.66.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
ASCII text, with very long lines (16541)
Size
4.2 kB (4152 bytes)
Hash
9bbbdbdad3d0da00881800f39ed6ad8b
03563b32521b2a04dc6e7ba8b5f1fe21181be7f0
f47b95dbf3f004a7305cfe6c6b107d76dac597a4c50a52e3f33240f76e4598d5

HTTP Headers

GET /assets/external/googleAnalytics4.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 07 Dec 2023 18:55:59 GMT
etag: "79bd690906b70d00bf740332ef800755"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 15:03:44 GMT
age: 3490
x-served-by: cache-iad-kcgs7200086-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 56, 1
x-timer: S1702134225.912262,VS0,VE2
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: cc9ded0077d16f0d56c3b38f358a76e310b0eefb
content-length: 4152
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/playPauseLoadingControl.js

151.101.66.132

200 OK

21 kB

URL GET HTTP/2
fast.wistia.com/assets/external/playPauseLoadingControl.js
IP
151.101.66.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
ASCII text, with very long lines (65455)
Size
21 kB (21129 bytes)
Hash
31f0b908fbd5fc16bf6737c637b83178
26f5effe6525ca16ceb9815cb26776a8ac36f81c
863614886d87b0fbc5b99b2c002a8e382ab9161cacc1290006ea02e428e09747

HTTP Headers

GET /assets/external/playPauseLoadingControl.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Thu, 07 Dec 2023 18:55:59 GMT
etag: "b09d2ef450c9011369afee5fc7a5a161"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 15:03:44 GMT
age: 515
x-served-by: cache-iad-kjyo7100036-IAD, cache-bma1678-BMA
x-cache: HIT, HIT
x-cache-hits: 68, 21
x-timer: S1702134225.938371,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: cc9ded0077d16f0d56c3b38f358a76e310b0eefb
content-length: 21129
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C

142.250.74.136

200 OK

84 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (7711)
Size
84 kB (84029 bytes)
Hash
83b00a7611210f85341404d5aa93f97f
544368a58ae81e0ed238ed2927b74e79da7ab7e6
c1bb20b3e4f6278548f7343526b18667341d3a557b5af3af8c422743e48e5ef2

HTTP Headers

GET /gtag/js?id=G-9JTVKL1Z3C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 15:03:45 GMT
expires: Sat, 09 Dec 2023 15:03:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 84029
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c

142.250.74.136

200 OK

84 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (7711)
Size
84 kB (84056 bytes)
Hash
1909d1d703d9324ff0a12eb6f9f3cd88
140fac4e9d0cd5dba36ac8b237fd9bcc390d4d2a
de7fda5fd20528e6e4a9206bd0d69864e51815629b810c1a967051d9afec178d

HTTP Headers

GET /gtag/js?id=G-9JTVKL1Z3C&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 15:03:45 GMT
expires: Sat, 09 Dec 2023 15:03:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 84056
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z8811578897&_p=1702134230769&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1419250607.1702134231&ul=en-us&sr=1280x1024&_s=1&sid=1702134231&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue&dt=Saudi%20Arabia%20Planning%20A%20New%20Attack%20On%20America&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2082

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z8811578897&_p=1702134230769&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1419250607.1702134231&ul=en-us&sr=1280x1024&_s=1&sid=1702134231&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue&dt=Saudi%20Arabia%20Planning%20A%20New%20Attack%20On%20America&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2082
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z8811578897&_p=1702134230769&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1419250607.1702134231&ul=en-us&sr=1280x1024&_s=1&sid=1702134231&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue&dt=Saudi%20Arabia%20Planning%20A%20New%20Attack%20On%20America&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2082 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Sat, 09 Dec 2023 15:03:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pipedream.wistia.com/mput?topic=metrics

143.204.55.51

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerAmazon
Subjectpipedream-production-cloudfront-app-cname.wistia.com
Fingerprint82:F4:DC:86:7B:C0:65:B9:72:6A:8C:CA:03:C2:E2:91:00:FE:06:FF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 62
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Sat, 09 Dec 2023 15:03:45 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
server: envoy
x-cache: Miss from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OivdRadarlWV5O9nYqL-12y-VyLTO5e6gOaeejVEJSwTjYsZ_7HcTA==
X-Firefox-Spdy: h2

d2z65klgtz99km.cloudfront.net/AWN/awn_doomsday_0623/AWN_Doomsday_CTP_Biden_0723.gif

54.230.241.180

200 OK

2.9 MB

URL GET HTTP/2
d2z65klgtz99km.cloudfront.net/AWN/awn_doomsday_0623/AWN_Doomsday_CTP_Biden_0723.gif
IP
54.230.241.180:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
GIF image data, version 89a, 600 x 338
Size
2.9 MB (2862760 bytes)
Hash
560bb02b025c2be2be5e9dcdaa23b5a0
4be02d05ff68bfe008c6e3ad5f78e82df6ab5298
01459ccd649575e13bb099d789b906dede95e3569445e0877ad8ec57243f5449

HTTP Headers

GET /AWN/awn_doomsday_0623/AWN_Doomsday_CTP_Biden_0723.gif HTTP/1.1
Host: d2z65klgtz99km.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 2862760
server: nginx
date: Tue, 08 Aug 2023 13:59:48 GMT
last-modified: Mon, 10 Jul 2023 19:21:21 GMT
cache-control: max-age=31536000
expires: Wed, 07 Aug 2024 13:59:48 GMT
etag: "64ac5a31-2baea8"
x-powered-by: PleskLin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V1eNVbX12c6ZXF_3gg6_v5m4x6poKmtn6Av-FLC73OLYTqHORTOSfw==
age: 10631037
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z8811578897&_p=1702134230769&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1419250607.1702134231&ul=en-us&sr=1280x1024&_s=2&sid=1702134231&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue&dt=Saudi%20Arabia%20Planning%20A%20New%20Attack%20On%20America&en=Click%20Report&tfd=2108

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z8811578897&_p=1702134230769&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1419250607.1702134231&ul=en-us&sr=1280x1024&_s=2&sid=1702134231&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue&dt=Saudi%20Arabia%20Planning%20A%20New%20Attack%20On%20America&en=Click%20Report&tfd=2108
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z8811578897&_p=1702134230769&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1419250607.1702134231&ul=en-us&sr=1280x1024&_s=2&sid=1702134231&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue&dt=Saudi%20Arabia%20Planning%20A%20New%20Attack%20On%20America&en=Click%20Report&tfd=2108 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Sat, 09 Dec 2023 15:03:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702134230769&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1419250607.1702134231&ul=en-us&sr=1280x1024&_s=4&sid=1702134231&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue&dt=Saudi%20Arabia%20Planning%20A%20New%20Attack%20On%20America&en=awn_aware&_c=1&tfd=2118

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702134230769&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1419250607.1702134231&ul=en-us&sr=1280x1024&_s=4&sid=1702134231&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue&dt=Saudi%20Arabia%20Planning%20A%20New%20Attack%20On%20America&en=awn_aware&_c=1&tfd=2118
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702134230769&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1419250607.1702134231&ul=en-us&sr=1280x1024&_s=4&sid=1702134231&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue&dt=Saudi%20Arabia%20Planning%20A%20New%20Attack%20On%20America&en=awn_aware&_c=1&tfd=2118 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Sat, 09 Dec 2023 15:03:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702134230769&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1419250607.1702134231&ul=en-us&sr=1280x1024&_s=3&sid=1702134231&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue&dt=Saudi%20Arabia%20Planning%20A%20New%20Attack%20On%20America&en=Click%20Report&tfd=2118

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702134230769&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1419250607.1702134231&ul=en-us&sr=1280x1024&_s=3&sid=1702134231&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue&dt=Saudi%20Arabia%20Planning%20A%20New%20Attack%20On%20America&en=Click%20Report&tfd=2118
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702134230769&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1419250607.1702134231&ul=en-us&sr=1280x1024&_s=3&sid=1702134231&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue&dt=Saudi%20Arabia%20Planning%20A%20New%20Attack%20On%20America&en=Click%20Report&tfd=2118 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Sat, 09 Dec 2023 15:03:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fast.wistia.com/assets/external/engines/hls_video.js

151.101.66.132

200 OK

118 kB

URL GET HTTP/2
fast.wistia.com/assets/external/engines/hls_video.js
IP
151.101.66.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
118 kB (117668 bytes)
Hash
6e1e307293f078c95c07db8660ce607a
2a08bcf1166c9707485e568102f7c96e1f933b36
f0150171f993137d09210b10e0629ea4d57a465046ba791adb4bf4a2da978357

HTTP Headers

GET /assets/external/engines/hls_video.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Thu, 07 Dec 2023 18:55:59 GMT
etag: "5258bd9b9f222d0dd6df0056cd2b7524"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 15:03:45 GMT
age: 720
x-served-by: cache-iad-kcgs7200099-IAD, cache-bma1678-BMA
x-cache: HIT, HIT
x-cache-hits: 64, 20
x-timer: S1702134225.390518,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: cc9ded0077d16f0d56c3b38f358a76e310b0eefb
content-length: 117668
X-Firefox-Spdy: h2

pipedream.wistia.com/mput?topic=metrics

143.204.55.51

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerAmazon
Subjectpipedream-production-cloudfront-app-cname.wistia.com
Fingerprint82:F4:DC:86:7B:C0:65:B9:72:6A:8C:CA:03:C2:E2:91:00:FE:06:FF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 924
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Sat, 09 Dec 2023 15:03:45 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
server: envoy
x-cache: Miss from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: In8czJve7NBv5zTr12BpAV9GjjQgc30-ir9q6WTd3lROJ-YuU8jhqQ==
X-Firefox-Spdy: h2

fast.wistia.com/embed/medias/proaejvpra.m3u8

151.101.66.132

200 OK

758 B

URL GET HTTP/2
fast.wistia.com/embed/medias/proaejvpra.m3u8
IP
151.101.66.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
M3U playlist, ASCII text
Size
758 B (758 bytes)
Hash
2a4e4559920c8263242d644b386e01d6
f00611eb21e5ec80125bf94a5232aaa236174810
22c3966347173e619aed810217d2ceb48d595b8ad49f391b3fec84e1400a0590

HTTP Headers

GET /embed/medias/proaejvpra.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-mpegURL
server: envoy
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, no-cache
etag: W/"22c3966347173e619aed810217d2ceb4"
x-request-id: 84ffbd28-b1d0-4c64-8dc4-ad2aa7c4ab3d
x-runtime: 0.036313
x-envoy-upstream-service-time: 38
via: 1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: IAD89-C3
x-amz-cf-id: TZjyRT8N69dHN38Zd--VAm6gynfIFk9p3VbjrNPsDS8o3_jljXHmeg==
accept-ranges: bytes
date: Sat, 09 Dec 2023 15:03:45 GMT
age: 13004
x-served-by: cache-iad-kjyo7100127-IAD, cache-bma1678-BMA
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 1754, 1
x-timer: S1702134226.532703,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 758
X-Firefox-Spdy: h2

fast.wistia.com/assets/images/blank.gif

151.101.66.132

200 OK

1.2 kB

URL GET HTTP/2
fast.wistia.com/assets/images/blank.gif
IP
151.101.66.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
GIF image data, version 89a, 100 x 100
Size
1.2 kB (1214 bytes)
Hash
fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

HTTP Headers

GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Wed, 10 May 2023 19:48:54 GMT
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
x-amz-server-side-encryption: AES256
content-type: image/gif
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 15:03:45 GMT
age: 223
x-served-by: cache-iad-kcgs7200077-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 37, 8
x-timer: S1702134226.541571,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1214
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/e8b37c064b8df38997baabe74e65450d89db6493.m3u8

143.204.55.103

200 OK

114 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/e8b37c064b8df38997baabe74e65450d89db6493.m3u8
IP
143.204.55.103:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
FingerprintD8:FE:AD:15:AC:4F:2E:60:82:4B:4E:8A:6C:51:6D:3D:60:A2:67:03
ValidityTue, 31 Jan 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
114 kB (114053 bytes)
Hash
fbad419048953b789daaf102ea77c1f0
45da563a39aefb49dee084da889a3a53ba8c669f
b2802e5f5180830c1fe9a32ad28a872d171466f13f47562d7e275ac3dd556a4d

HTTP Headers

GET /deliveries/e8b37c064b8df38997baabe74e65450d89db6493.m3u8 HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
content-length: 114053
server: envoy
date: Tue, 05 Dec 2023 07:41:57 GMT
expires: Wed, 04 Dec 2024 07:41:57 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: e8b37c064b8df38997baabe74e65450d89db6493-hls-segment
surrogate-key: e8b37c064b8df38997baabe74e65450d89db6493-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 335
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: srIryAqdJvj3ujFY1efE6gF5ZnmieGCVxbwnavW7sbOUW_Blhg7IYQ==
age: 372108
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/e8b37c064b8df38997baabe74e65450d89db6493.m3u8/seg-1-v1-a1.ts

143.204.55.103

200 OK

927 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/e8b37c064b8df38997baabe74e65450d89db6493.m3u8/seg-1-v1-a1.ts
IP
143.204.55.103:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
FingerprintD8:FE:AD:15:AC:4F:2E:60:82:4B:4E:8A:6C:51:6D:3D:60:A2:67:03
ValidityTue, 31 Jan 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type
MPEG transport stream data
Size
927 kB (926840 bytes)
Hash
e456fd001793139e55bdc0b5ac5d13f0
44708eac468a0d809ee890e27bf732e480d25886
ff62073afa299b289e96fcc74d92a3cfe50bef680f4c700237f3bdc65e823d57

HTTP Headers

GET /deliveries/e8b37c064b8df38997baabe74e65450d89db6493.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: video/MP2T
content-length: 926840
server: envoy
date: Tue, 05 Dec 2023 12:23:49 GMT
expires: Wed, 04 Dec 2024 12:23:49 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: e8b37c064b8df38997baabe74e65450d89db6493-hls-segment
surrogate-key: e8b37c064b8df38997baabe74e65450d89db6493-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 818
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lUyMx5ofhG2YB4Jkx1jAQISckXoLXeFkS5m_WoqdWac05Uq2DtTbyA==
age: 355196
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/d96b0bae11894fc5bf01f51d8f529473a4f00828.m3u8

143.204.55.103

200 OK

114 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/d96b0bae11894fc5bf01f51d8f529473a4f00828.m3u8
IP
143.204.55.103:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerAmazon
Subject*.wistia.com
FingerprintD8:FE:AD:15:AC:4F:2E:60:82:4B:4E:8A:6C:51:6D:3D:60:A2:67:03
ValidityTue, 31 Jan 2023 00:00:00 GMT - Thu, 29 Feb 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
114 kB (114053 bytes)
Hash
e50cb06a3110b4ed76e6c7b787b0f222
3308e3525bcc516eab01e940cd843ec6be44da84
215c947becd470b83177ac24212e467a3e0a4764e46ce3671332b546ae6ccde4

HTTP Headers

GET /deliveries/d96b0bae11894fc5bf01f51d8f529473a4f00828.m3u8 HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
content-length: 114053
server: envoy
date: Tue, 05 Dec 2023 07:41:23 GMT
expires: Wed, 04 Dec 2024 07:41:23 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: d96b0bae11894fc5bf01f51d8f529473a4f00828-hls-segment
surrogate-key: d96b0bae11894fc5bf01f51d8f529473a4f00828-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 307
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: o4lMy_H84EQ8baRDfbMEZeCynKOsLmogiF-gXlRNIMxfEEPGehq9hQ==
age: 372142
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

distillery.wistia.com/x

54.230.111.55

204 No Content

0 B

URL POST HTTP/2
distillery.wistia.com/x
IP
54.230.111.55:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerAmazon
Subjectstats-tap-production-cloudfront-app-cname.wistia.com
Fingerprint37:C6:AB:79:1C:DF:9B:5E:3A:B8:3E:F1:0C:1D:48:BF:89:2D:1F:40
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1846
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 09 Dec 2023 15:03:45 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
server: envoy
x-envoy-upstream-service-time: 1
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UzCA0ZtASTVhYSZ784CfzL3chQi0kzJHvPab7UnA-NSRgu7_dTYvbw==
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/allIntegrations.js

151.101.66.132

200 OK

5.8 kB

URL GET HTTP/2
fast.wistia.com/assets/external/allIntegrations.js
IP
151.101.66.132:443
ASN
#54113 FASTLY

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
FingerprintA8:1E:D4:A3:D2:23:56:16:88:A6:18:10:44:86:85:87:5E:F3:78:46
ValiditySun, 02 Jul 2023 00:48:58 GMT - Fri, 02 Aug 2024 00:48:57 GMT

File type
ASCII text, with very long lines (23371)
Size
5.8 kB (5774 bytes)
Hash
9a9248fb8178a9640de37511b065850f
086459b7f718251f753b82cee05f51c6ca2d3a84
fb7f597f64e9b0c17f7f99fb577f164c36f93f13ffda2ccb736b786e4e705d12

HTTP Headers

GET /assets/external/allIntegrations.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Thu, 07 Dec 2023 18:55:59 GMT
etag: "2de48c3cd29dd8ca8c43042875b49727"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sat, 09 Dec 2023 15:03:46 GMT
age: 430
x-served-by: cache-iad-kcgs7200101-IAD, cache-bma1678-BMA
x-cache: HIT, HIT
x-cache-hits: 65, 10
x-timer: S1702134226.004047,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: cc9ded0077d16f0d56c3b38f358a76e310b0eefb
content-length: 5774
X-Firefox-Spdy: h2

pipedream.wistia.com/mput?topic=metrics

143.204.55.51

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerAmazon
Subjectpipedream-production-cloudfront-app-cname.wistia.com
Fingerprint82:F4:DC:86:7B:C0:65:B9:72:6A:8C:CA:03:C2:E2:91:00:FE:06:FF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1530
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Sat, 09 Dec 2023 15:03:46 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
server: envoy
x-cache: Miss from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: v03RpNeOqfBOFX6eNlDbrlGkh1PzJve4ESwFuCzBo16DAh3eUPTrZA==
X-Firefox-Spdy: h2

api.getblueshift.com/unity.gif?t=1702134233&e=pageload&r=&z=258755&x=59976d352f424c4b27d325518576b9b2&k=952ae41f-4f2a-b92f-b3c1-c58ac826f031&u=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue

44.232.199.155

200 OK

42 B

URL GET HTTP/2
api.getblueshift.com/unity.gif?t=1702134233&e=pageload&r=&z=258755&x=59976d352f424c4b27d325518576b9b2&k=952ae41f-4f2a-b92f-b3c1-c58ac826f031&u=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue
IP
44.232.199.155:443
ASN
#16509 AMAZON-02

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerAmazon
Subject*.getblueshift.com
Fingerprint53:0D:6B:AE:94:24:EE:BE:0F:BD:6E:C6:61:2F:FD:37:71:D2:21:0F
ValidityThu, 09 Mar 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /unity.gif?t=1702134233&e=pageload&r=&z=258755&x=59976d352f424c4b27d325518576b9b2&k=952ae41f-4f2a-b92f-b3c1-c58ac826f031&u=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue HTTP/1.1
Host: api.getblueshift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 09 Dec 2023 15:03:46 GMT
content-type: image/gif
content-length: 42
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://pro.paradigmnewsletters.org
access-control-expose-headers: etag
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702134230769&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1419250607.1702134231&ul=en-us&sr=1280x1024&sid=1702134231&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue&dt=Saudi%20Arabia%20Planning%20A%20New%20Attack%20On%20America&_s=5&tfd=7391

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702134230769&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1419250607.1702134231&ul=en-us&sr=1280x1024&sid=1702134231&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue&dt=Saudi%20Arabia%20Planning%20A%20New%20Attack%20On%20America&_s=5&tfd=7391
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://pro.paradigmnewsletters.org/p/awn_doomsday6m_0923/LAWNZ985/?cake_s1=12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8&h=true
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702134230769&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1419250607.1702134231&ul=en-us&sr=1280x1024&sid=1702134231&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue&dt=Saudi%20Arabia%20Planning%20A%20New%20Attack%20On%20America&_s=5&tfd=7391 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 173
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Sat, 09 Dec 2023 15:03:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702134230769&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1419250607.1702134231&ul=en-us&sr=1280x1024&_s=6&sid=1702134231&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue&dt=Saudi%20Arabia%20Planning%20A%20New%20Attack%20On%20America&en=Engagement&tfd=11916

216.239.34.36

0 B

URL
region1.analytics.google.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702134230769&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1419250607.1702134231&ul=en-us&sr=1280x1024&_s=6&sid=1702134231&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue&dt=Saudi%20Arabia%20Planning%20A%20New%20Attack%20On%20America&en=Engagement&tfd=11916
IP
216.239.34.36:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3bt0v9122066590z878323495&_p=1702134230769&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1419250607.1702134231&ul=en-us&sr=1280x1024&_s=6&sid=1702134231&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_doomsday6m_0923%2FLAWNZ985%2F%3Fcake_s1%3D12_145734255_52519e2f-d999-4c6e-bfa8-d13c3c2c14b8%26h%3Dtrue&dt=Saudi%20Arabia%20Planning%20A%20New%20Attack%20On%20America&en=Engagement&tfd=11916 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pro.paradigmnewsletters.org
DNT: 1
Connection: keep-alive
Referer: https://pro.paradigmnewsletters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://pro.paradigmnewsletters.org
date: Sat, 09 Dec 2023 15:03:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

click.thedailymoneytips.com/sadoomsday6mf1023/a7566b71bd06a20f988d4c16b3edfd33/48/TA_2H23JGI/1990834045/139350/6957ba18feb5c33b553f6ad514ca900e/63293

188.114.97.1

302 Found

0 B

URL User Request GET HTTP/2
click.thedailymoneytips.com/sadoomsday6mf1023/a7566b71bd06a20f988d4c16b3edfd33/48/TA_2H23JGI/1990834045/139350/6957ba18feb5c33b553f6ad514ca900e/63293
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectthedailymoneytips.com
Fingerprint79:EC:85:19:05:49:AD:6B:8A:A1:90:4E:B9:8D:91:79:4B:F6:6C:79
ValidityWed, 25 Oct 2023 16:41:13 GMT - Tue, 23 Jan 2024 16:41:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sadoomsday6mf1023/a7566b71bd06a20f988d4c16b3edfd33/48/TA_2H23JGI/1990834045/139350/6957ba18feb5c33b553f6ad514ca900e/63293 HTTP/1.1
Host: click.thedailymoneytips.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 09 Dec 2023 15:03:39 GMT
content-type: text/html; charset=UTF-8
location: https://verifiedwebpage.com/go?ehash=a7566b71bd06a20f988d4c16b3edfd33&product=32827&ar=48&cid=1990834045&lid=139350&slhash=6957ba18feb5c33b553f6ad514ca900e&mtaid=63293&cid2=[s8]
cache-control: max-age=600
expires: Sat, 09 Dec 2023 15:13:38 GMT
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2McqeqV5a3kvKIpPyPXz90w8jvfOFD7TdTUjDmJxg3BuYgZy%2FX3g1enA%2BOUNNG4Hy2Axiqyr%2Fb8Lo5XUZYUzNytrHqpXmqqXf%2BYbt2FHLHWTMN03SkIjLYKqqF%2BFVMqXcRmFFBQ6yrMBVqq18sE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 832e22d55a1fb52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (31)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN