pro.paradigm-press.info Open in urlscan Pro
192.135.136.169 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pro.paradigm-press.info/m/2107470?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=...
Effective URL:
https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=...
Submission: On November 07 via manual (November 7th 2022, 8:53:16 am UTC) from US — Scanned from DE

Summary HTTP 64 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 17 domains to perform 64 HTTP transactions. The main IP is 192.135.136.169, located in United States and belongs to 14WEST-AS, US. The main domain is pro.paradigm-press.info. The Cisco Umbrella rank of the primary domain is 724946.
TLS certificate: Issued by R3 on October 18th 2022. Valid for: 3 months.

This is the only time pro.paradigm-press.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	192.135.136.169 192.135.136.169	11372 (14WEST-AS) (14WEST-AS)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
9	2a04:4e42::622 2a04:4e42::622	54113 (FASTLY) (FASTLY)
6	2a02:26f0:480... 2a02:26f0:480:f::213:7ee1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:245... 2600:9000:2453:cc00:13:881b:ed80:21	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
6	2606:4700:20:... 2606:4700:20::681a:216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.226.156.204 13.226.156.204	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:a800:9:cfaa:a600:21	16509 (AMAZON-02) (AMAZON-02)
1	88.221.169.78 88.221.169.78	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
2	38.133.127.191 38.133.127.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
4	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	3.83.73.235 3.83.73.235	14618 (AMAZON-AES) (AMAZON-AES)
2	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
3	2.16.238.157 2.16.238.157	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.165.194.153 54.165.194.153	14618 (AMAZON-AES) (AMAZON-AES)
64	23

4 192.135.136.169 (United States) 1 redirects

ASN11372 (14WEST-AS, US)

pro.paradigm-press.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:480:f::213:7ee1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2453:cc00:13:881b:ed80:21 (United States)

ASN16509 (AMAZON-02, US)

d2z65klgtz99km.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:216 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.204 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-204.dus51.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:a800:9:cfaa:a600:21 (United States)

ASN16509 (AMAZON-02, US)

dizbubza2heg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.169.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-78.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.133.127.191 (United States)

ASN22075 (AS-OUTBRAIN, US)

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.83.73.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-83-73-235.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.238.157 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-157.deploy.static.akamaitechnologies.com

embedwistia-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.165.194.153 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-194-153.compute-1.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	wistia.com fast.wistia.com — Cisco Umbrella Rank: 7987 distillery.wistia.com — Cisco Umbrella Rank: 12247 pipedream.wistia.com — Cisco Umbrella Rank: 12566	284 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	21 KB
7	typekit.net use.typekit.net — Cisco Umbrella Rank: 980 p.typekit.net — Cisco Umbrella Rank: 1212	98 KB
6	lytics.io c.lytics.io — Cisco Umbrella Rank: 8643	65 KB
5	yimg.com s.yimg.com — Cisco Umbrella Rank: 617	7 KB
4	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1612	1 KB
4	paradigm-press.info 1 redirects pro.paradigm-press.info — Cisco Umbrella Rank: 724946	25 KB
3	akamaihd.net embedwistia-a.akamaihd.net — Cisco Umbrella Rank: 25578	1 MB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3121 tr.outbrain.com — Cisco Umbrella Rank: 2798	4 KB
3	cloudfront.net d2z65klgtz99km.cloudfront.net dizbubza2heg.cloudfront.net	386 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 404	1 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 750	18 KB
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 810	376 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166	444 B
1	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 4805	23 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	87 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 447	34 KB
64	17

	Domain	Requested by
10	www.google-analytics.com	pro.paradigm-press.info
9	fast.wistia.com	pro.paradigm-press.info
6	c.lytics.io	pro.paradigm-press.info
6	use.typekit.net	pro.paradigm-press.info use.typekit.net
5	s.yimg.com	pro.paradigm-press.info
4	sp.analytics.yahoo.com	pro.paradigm-press.info
4	pro.paradigm-press.info	1 redirects pro.paradigm-press.info
3	embedwistia-a.akamaihd.net	pro.paradigm-press.info
2	bam.nr-data.net	pro.paradigm-press.info
2	tr.outbrain.com	pro.paradigm-press.info
2	d2z65klgtz99km.cloudfront.net	pro.paradigm-press.info
1	pipedream.wistia.com	pro.paradigm-press.info
1	distillery.wistia.com	pro.paradigm-press.info
1	js-agent.newrelic.com	pro.paradigm-press.info
1	trc.taboola.com	pro.paradigm-press.info
1	stats.g.doubleclick.net	pro.paradigm-press.info
1	amplify.outbrain.com	pro.paradigm-press.info
1	dizbubza2heg.cloudfront.net	pro.paradigm-press.info
1	cdn.amplitude.com	pro.paradigm-press.info
1	www.googletagmanager.com	pro.paradigm-press.info
1	p.typekit.net	use.typekit.net
1	ajax.googleapis.com	pro.paradigm-press.info
64	22

This site contains no links.

Subject Issuer	Validity	Valid
ordertracking6.pubsvs.com R3	`2022-10-18` - `2023-01-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-16` - `2023-05-16`	a year	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-10-17` - `2022-12-07`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.wistia.com Amazon	`2022-03-02` - `2023-03-31`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
Frame ID: 58F1DF05459645EE16141A2D4DC5562E
Requests: 64 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Biden’s Cold Cover-Up

Page URL History Show full URLs

https://pro.paradigm-press.info/m/2107470?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDA... HTTP 301
https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=... Page URL

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

98 %
HTTPS

55 %
IPv6

17
Domains

22
Subdomains

23
IPs

5
Countries

2112 kB
Transfer

3894 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pro.paradigm-press.info/m/2107470?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339 HTTP 301
https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/
Redirect Chain

https://pro.paradigm-press.info/m/2107470?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339
https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true

50 KB
22 KB

141ms
141ms

Document
text/html

192.135.136.169
14WEST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.135.136.169 , United States, ASN11372 (14WEST-AS, US),

Reverse DNS

Software

Resource Hash

4283f16ac7387cf336aa013777e68a454413bdc67bdb2986ba75a39fa3c5022c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 21997
Content-Type: text/html; charset=utf-8
Date: Mon, 07 Nov 2022 08:53:08 GMT
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding

Redirect headers

Cache-Control: private
Content-Length: 10864
Content-Type: text/html; charset=utf-8
Date: Mon, 07 Nov 2022 08:53:08 GMT
Location: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
Strict-Transport-Security: max-age=63072000; includeSubDomains

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 63ms
16ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: pro.paradigm-press.info
URL: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 03:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 03:57:26 GMT

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 628 KB
114 KB 65ms
16ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7c514789b19a80cc979083092b96b1cf48a35c3019e98b7ea2caccd0234afb9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:08 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1506
x-cache: HIT, HIT
content-length: 116670
x-served-by: cache-iad-kiad7000159-IAD, cache-hhn4073-HHN
x-browser-version: 107
last-modified: Fri, 04 Nov 2022 14:22:32 GMT
x-timer: S1667811189.716585,VS0,VE0
etag: "63652028-1c7be"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 756, 437

GET
H/1.1 200
OK Common.js Show response
pro.paradigm-press.info/p/Scripts/ 2 KB
1 KB 226ms
117ms Script
application/javascript 192.135.136.169
14WEST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pro.paradigm-press.info/p/Scripts/Common.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.135.136.169 , United States, ASN11372 (14WEST-AS, US),

Reverse DNS

Software

Resource Hash

86034bbe69eebb0c08660ff7f0128dd0bd1d852176489ca3a3da7b49bd647cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 08:53:08 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Tue, 31 Mar 2020 05:43:09 GMT
ETag: "1be39421f7d61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 1140

GET
H/1.1 200
OK HideContent.js Show response
pro.paradigm-press.info/p/Scripts/ 724 B
856 B 342ms
115ms Script
application/javascript 192.135.136.169
14WEST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pro.paradigm-press.info/p/Scripts/HideContent.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.135.136.169 , United States, ASN11372 (14WEST-AS, US),

Reverse DNS

Software

Resource Hash

809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 08:53:08 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Wed, 08 Nov 2017 21:07:14 GMT
ETag: "0adf48cd558d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 466

GET
H2 200 ydo1lso.css
use.typekit.net/ 4 KB
1 KB 85ms
19ms Stylesheet
text/css 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ydo1lso.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

732f3fdb70bdcd8c4b72691afb1f9023d1152d139a3b1db33a3be4248573d3e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 07 Nov 2022 08:53:08 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 808

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 106ms
22ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ydo1lso&ht=tk&f=28055.27920.27925.39496.39498&a=87035519&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ydo1lso.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/ydo1lso.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:09 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 312 KB
87 KB 96ms
53ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NKRVP76

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8c0ed1a9821ec3a409fb6ad331ab5784b34f65d75432b2fc266cfe376d99cdf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88706
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Nov 2022 08:53:09 GMT

GET
H2 200 RGF_BCC_BG_1122.jpg
d2z65klgtz99km.cloudfront.net/RGF/RGF_ColdCoverup_1122/img/ 102 KB
103 KB 110ms
25ms Image
image/jpeg 2600:9000:2453:cc00:13:881b:ed80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RGF/RGF_ColdCoverup_1122/img/RGF_BCC_BG_1122.jpg
Requested by: Host: pro.paradigm-press.info
URL: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2453:cc00:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: a24258601485770a7f7991beb394bf1b990b052923f83c2569fe322780a6cfad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:42:03 GMT
via: 1.1 fce8106dca6331a9ef447b7d400205f8.cloudfront.net (CloudFront)
last-modified: Thu, 03 Nov 2022 18:23:18 GMT
server: nginx
x-amz-cf-pop: HAM50-P1
age: 223866
etag: "63640716-199af"
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 104879
x-amz-cf-id: g3lMatqPcqezRxD-i8_yG_5yBPGVC9K9BRbiKYsu8g5Ge7GHTn_TPQ==
expires: Sat, 04 Nov 2023 18:42:03 GMT

GET
H2 200 l
use.typekit.net/af/75d7a9/00000000000000007735e8da/30/ 17 KB
17 KB 61ms
16ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/75d7a9/00000000000000007735e8da/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ydo1lso.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1fae6e69f52855c8deb7db0e0adea8d5fb4fc96e8685b815e10d3678a9e76ae1

Request headers

Referer: https://use.typekit.net/ydo1lso.css
Origin: https://pro.paradigm-press.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:09 GMT
server: nginx
etag: "6019161dc08351df1c9cb626549cb66711a764db"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16964

GET
H2 200 l
use.typekit.net/af/cd153c/00000000000000007735e8b4/30/ 16 KB
17 KB 74ms
30ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cd153c/00000000000000007735e8b4/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ydo1lso.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: bd5669e67a38241fb41d9b02e66033f7ec1d1aea8b596aa9ea0adc70b5f7169a

Request headers

Referer: https://use.typekit.net/ydo1lso.css
Origin: https://pro.paradigm-press.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:09 GMT
server: nginx
etag: "a7f8f02fbacd28b947c939e763b44513f0c56230"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16732

GET
H2 200 l
use.typekit.net/af/1ba16c/00000000000000007735bb5a/30/ 23 KB
23 KB 64ms
21ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1ba16c/00000000000000007735bb5a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ydo1lso.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 945247b37ca459967e61f373daa58a1f65571bf045a9e5d47aa94ab148f72c2a

Request headers

Referer: https://use.typekit.net/ydo1lso.css
Origin: https://pro.paradigm-press.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:09 GMT
server: nginx
etag: "11d02edbb0e1552504cdb4512876b33f0c02dcaf"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23256

GET
H2 200 l
use.typekit.net/af/153042/00000000000000007735bb62/30/ 24 KB
24 KB 63ms
20ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/153042/00000000000000007735bb62/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ydo1lso.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2dcac4047f716bc02991807013dff48324f753a0fce153a57e5b6383437ba3fc

Request headers

Referer: https://use.typekit.net/ydo1lso.css
Origin: https://pro.paradigm-press.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:09 GMT
server: nginx
etag: "b0d46bd3fb22c6c06785f44e1a131be6878e0485"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24460

GET
H2 200 l
use.typekit.net/af/83f011/00000000000000007735e8d8/30/ 17 KB
17 KB 60ms
18ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/83f011/00000000000000007735e8d8/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ydo1lso.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1666ef3025b01a05284ddca2b8faf708ecd3875170c57b91e4032d172445bc30

Request headers

Referer: https://use.typekit.net/ydo1lso.css
Origin: https://pro.paradigm-press.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:09 GMT
server: nginx
etag: "787a89b641470ef3ed5e9289a3976c796e9e51f1"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16900

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 55ms
16ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 07:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5835
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 07 Nov 2022 09:15:54 GMT

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/7633a10cce24ede709377546c8e3146d/ 64 KB
22 KB 80ms
28ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/7633a10cce24ede709377546c8e3146d/latest.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6209ebd0fb944177f19f8b4637424b8f4fff0bc84196b96517f03038549c9c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:09 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 07 Nov 2022 08:48:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 308
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QaghPaTBiHIY4lIOMl15ujJxT24iVuAaYbsvMxonTHvQzBf%2FXEK%2B8rB4RJ1ylMxpelnCCcVEcFD17R9GJ8kjk1OUgBEEmS0eXjd2Hk0x9bJyGEhIoPjHHV9Fa2K27Wyim7wOZAo%2BJ3F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=7200
cf-ray: 7664d63d685368fd-FRA

GET
H2 200 amplitude-4.1.0-min.gz.js Show response
cdn.amplitude.com/libs/ 68 KB
23 KB 74ms
18ms Script
application/javascript 13.226.156.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-4.1.0-min.gz.js
Requested by: Host: pro.paradigm-press.info
URL: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-204.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 68f2442634034675ac1d813fafe849afbc539d8672ee280127f7b4de691a0649

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 08:57:08 GMT
content-encoding: gzip
via: 1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront)
x-amz-version-id: Ab72F2O7EEayrsY6N3cFncAqh5p3OPFm
x-amz-cf-pop: DUS51-C1
age: 690962
x-cache: Hit from cloudfront
content-length: 23381
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
server: AmazonS3
etag: "dd911bf17b828cc7b163c32407c6b94d"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: JtGmG9MIPttNK7pzG6-QXmQvx8RwrZkJ0ZR1H3WZvfdbw9cD4M1RPA==

GET
H2 200 profiles.compressed.js Show response
dizbubza2heg.cloudfront.net/js/ 40 KB
40 KB 68ms
16ms Script
application/x-javascript 2600:9000:211e:a800:9:cfaa:a600:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dizbubza2heg.cloudfront.net/js/profiles.compressed.js?v=2.0.0
Requested by: Host: pro.paradigm-press.info
URL: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:a800:9:cfaa:a600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 76945b13c2b5b5b60c28867e3078bff4686bed922b545a732b15477986a016f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 02:13:35 GMT
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified: Tue, 14 Jul 2020 15:07:01 GMT
server: nginx/1.4.6 (Ubuntu)
x-amz-cf-pop: FRA56-C2
age: 23974
etag: "5f0dca15-9fc6"
x-cache: Hit from cloudfront
content-type: application/x-javascript
accept-ranges: bytes
content-length: 40902
x-amz-cf-id: IIn1g2nYAT8w1TC2HYkjLIdGAH8ZZ4phZQ5-e3Y0qItWjj1R1WBsJg==

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
4 KB 86ms
15ms Script
application/x-javascript 88.221.169.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: pro.paradigm-press.info
URL: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-78.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8f0234cadec8f9755a2b8aa9a745c354a5fbbff63a241a774c156cf93d375413

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 08:53:09 GMT
Content-Encoding: gzip
Last-Modified: Sun, 09 Oct 2022 07:50:08 GMT
Server: AkamaiNetStorage
ETag: "0d5508c59e34b5d35cde5aea2aa1c2fd:1665301953.026714"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3471
Expires: Mon, 07 Nov 2022 09:13:09 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 187ms
65ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:51:56 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: QDGN2ZRFQ7JKZPFQ
age: 74
x-amz-server-side-encryption: AES256
x-amz-id-2: MbYoJETR/AK/ocHc8NIVJ0pAxkpl22qwewVkTl5n9FTAoH54ctIcHbglsF0BD4+aSzCJG03iOZs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 khxix7pc3l.json Show response
fast.wistia.com/embed/medias/ 5 KB
2 KB 18ms
17ms Script
text/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/khxix7pc3l.json?callback=wistiajson1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8eef1f4e462cb5e42cef35df95cf279eeeb2bcd440d9a414ac541b96d515e34c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
age: 74161
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-length: 1477
x-request-id: df9c93e1db5c27ab5c224d0485a87a90
x-served-by: cache-iad-kjyo7100071-IAD, cache-hhn4073-HHN
x-runtime: 0.052424
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 107
x-timer: S1667811189.319478,VS0,VE1
etag: W/"8eef1f4e462cb5e42cef35df95cf279e"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 142, 1

GET
H2 200 wistia-mux.js Show response
fast.wistia.com/assets/external/ 125 KB
31 KB 15ms
15ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistia-mux.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fefbf612de2a11f95bbcb8f4ff7f1ac32fab6496141f7c2b8a577a27f66a1d4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:09 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1504
x-cache: HIT, HIT
content-length: 31655
x-served-by: cache-iad-kcgs7200128-IAD, cache-hhn4073-HHN
x-browser-version: 107
last-modified: Fri, 04 Nov 2022 14:22:32 GMT
x-timer: S1667811189.319773,VS0,VE0
etag: "63652028-7ba7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3, 261

GET
H2 200 RGF_BCC_CTP_1122_01_800px.png
d2z65klgtz99km.cloudfront.net/RGF/RGF_ColdCoverup_1122/img/ 242 KB
242 KB 24ms
23ms Image
image/png 2600:9000:2453:cc00:13:881b:ed80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RGF/RGF_ColdCoverup_1122/img/RGF_BCC_CTP_1122_01_800px.png
Requested by: Host: pro.paradigm-press.info
URL: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2453:cc00:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: beffec050614b6c4d6cef146ebe2efbb15ebf830ecde3edf5b277b3a10d89430

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 07:50:54 GMT
via: 1.1 fce8106dca6331a9ef447b7d400205f8.cloudfront.net (CloudFront)
last-modified: Fri, 04 Nov 2022 20:14:35 GMT
server: nginx
x-amz-cf-pop: HAM50-P1
age: 176534
etag: "636572ab-3c70f"
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 247567
x-amz-cf-id: VRB86mlJ9dVtjUx5S51m5S474XUN4KDoxvt1QalSJ3mT2aPfRvYH-g==
expires: Sun, 05 Nov 2023 07:50:54 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
444 B 85ms
28ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-138958347-1&cid=1366606017.1667811189&jid=1683770046&gjid=951869300&_gid=1407114964.1667811189&_u=YGBAiEABBAAAAEAAI~&z=24637883

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 07 Nov 2022 08:53:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pro.paradigm-press.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 15ms
15ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1726385763&t=pageview&_s=1&dl=https%3A%2F%2Fpro.paradigm-press.info%2Fp%2Frgf_coldcoverup_1122%2FERGFYB15%2F%3FESP_MAIL_ID%3D5466348%26ESP_ORG%3D400%26ESP_EXP_ID%3D7390760%26ESP_CNTC_ID%3DMDAwMDM3ODM0Mzgy%26ESP_A%3D90339%26h%3Dtrue&ul=en-us&de=UTF-8&dt=Biden%E2%80%99s%20Cold%20Cover-Up&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAAAAAI~&jid=1683770046&gjid=951869300&cid=1366606017.1667811189&tid=UA-138958347-1&_gid=1407114964.1667811189&gtm=2wgb20NKRVP76&z=2046443642

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 02:57:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21331
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 737ms
168ms Script
application/javascript 38.133.127.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=0008aaf7399985de7f2182c3644185f44d
Requested by: Host: pro.paradigm-press.info
URL: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.133.127.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 08:53:10 GMT
content-encoding: gzip
X-TraceId: 85eba3969d60e3479e4fcedeae870212
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 752ms
169ms Image
image/gif 38.133.127.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=0008aaf7399985de7f2182c3644185f44d&obApiVersion=1.1&obtpVersion=1.10.0&name=PAGE_VIEW&dl=https%3A%2F%2Fpro.paradigm-press.info%2Fp%2Frgf_coldcoverup_1122%2FERGFYB15%2F%3FESP_MAIL_ID%3D5466348%26ESP_ORG%3D400%26ESP_EXP_ID%3D7390760%26ESP_CNTC_ID%3DMDAwMDM3ODM0Mzgy%26ESP_A%3D90339%26h%3Dtrue&optOut=false&bust=06941504265634026&referrer=
Requested by: Host: pro.paradigm-press.info
URL: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.133.127.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 08:53:10 GMT
Cache-Control: no-cache
content-encoding: gzip
X-TraceId: b0f26281aadc880b3b29ac297b29bea4
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 10082412.json Show response
s.yimg.com/wi/config/ 2 B
452 B 50ms
20ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10082412.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:43:23 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: 8CFD0BF7YMF8CVPF
age: 586
content-length: 2
x-amz-id-2: YGCertZJbzSU+5KIaJ59uBA3LTTX5u9vFeaqg++HCwZ5U8/KtS5towXcVs7x+1B7jkPifjaJBOA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 10091245.json Show response
s.yimg.com/wi/config/ 2 B
164 B 50ms
21ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10091245.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:24:25 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: 9DYKZDS6A6RV52PK
age: 1724
content-length: 2
x-amz-id-2: D/yQlFJcqgQRKCfeb0xMSuKodh70fv1GPIRQvkaiSpKrfu2xn9BkaR3hg7zaBrdXYF8+IHmkFKg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 10114794.json Show response
s.yimg.com/wi/config/ 2 B
164 B 50ms
21ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10114794.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:47:49 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: H13TZHZ8NPHSVZ9H
age: 320
content-length: 2
x-amz-id-2: pFfkzGPAFrZiUY3ZsUgII3wFA4yBHGh+hv5hWEA7Rgfm78ZBOaO6FeJD6ktdxY8HR9IhAq+Pu64=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 10125189.json Show response
s.yimg.com/wi/config/ 2 B
163 B 49ms
20ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10125189.json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 07:59:03 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: J5E00440754MS2EH
age: 3246
content-length: 2
x-amz-id-2: ApewQ5CzJE7QqP0KUQ9lfNnjR6GvrFvIMP3XAFrle9P0z4x0AAaVSZV0JHq2CjQt//JjIKIWXD4=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
245 B 144ms
46ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2007%20Nov%202022%2008%3A53%3A09%20GMT&n=0&b=Biden%E2%80%99s%20Cold%20Cover-Up&.yp=10091245&f=https%3A%2F%2Fpro.paradigm-press.info%2Fp%2Frgf_coldcoverup_1122%2FERGFYB15%2F%3FESP_MAIL_ID%3D5466348%26ESP_ORG%3D400%26ESP_EXP_ID%3D7390760%26ESP_CNTC_ID%3DMDAwMDM3ODM0Mzgy%26ESP_A%3D90339%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 08:53:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 07 Nov 2022 08:53:09 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
246 B 142ms
44ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Biden%E2%80%99s%20Cold%20Cover-Up&.yp=10082412&f=https%3A%2F%2Fpro.paradigm-press.info%2Fp%2Frgf_coldcoverup_1122%2FERGFYB15%2F%3FESP_MAIL_ID%3D5466348%26ESP_ORG%3D400%26ESP_EXP_ID%3D7390760%26ESP_CNTC_ID%3DMDAwMDM3ODM0Mzgy%26ESP_A%3D90339%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 08:53:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 07 Nov 2022 08:53:09 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
245 B 141ms
43ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Biden%E2%80%99s%20Cold%20Cover-Up&.yp=10114794&f=https%3A%2F%2Fpro.paradigm-press.info%2Fp%2Frgf_coldcoverup_1122%2FERGFYB15%2F%3FESP_MAIL_ID%3D5466348%26ESP_ORG%3D400%26ESP_EXP_ID%3D7390760%26ESP_CNTC_ID%3DMDAwMDM3ODM0Mzgy%26ESP_A%3D90339%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 08:53:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 07 Nov 2022 08:53:09 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 139ms
42ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Biden%E2%80%99s%20Cold%20Cover-Up&.yp=10125189&f=https%3A%2F%2Fpro.paradigm-press.info%2Fp%2Frgf_coldcoverup_1122%2FERGFYB15%2F%3FESP_MAIL_ID%3D5466348%26ESP_ORG%3D400%26ESP_EXP_ID%3D7390760%26ESP_CNTC_ID%3DMDAwMDM3ODM0Mzgy%26ESP_A%3D90339%26h%3Dtrue&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 08:53:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 07 Nov 2022 08:53:09 GMT

GET
H2 200 6cd5d344-e9b2-4e2d-8e28-8debf14d8c96 Show response
c.lytics.io/api/personalize/7633a10cce24ede709377546c8e3146d/user/_uid/ 11 KB
3 KB 177ms
177ms Script
application/json 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/7633a10cce24ede709377546c8e3146d/user/_uid/6cd5d344-e9b2-4e2d-8e28-8debf14d8c96?segments=true&fields=first_name,last_name,email,city,country_code,zip,state,address_line_1,customer_number&mergestate=true&state=%7B%22_uid%22%3A%226cd5d344-e9b2-4e2d-8e28-8debf14d8c96%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22pro.paradigm-press.info%2Fp%2Frgf_coldcoverup_1122%2FERGFYB15%2F%3FESP_MAIL_ID%3D5466348%26ESP_ORG%3D400%26ESP_EXP_ID%3D7390760%26ESP_CNTC_ID%3DMDAwMDM3ODM0Mzgy%26ESP_A%3D90339%26h%3Dtrue%22%2C%22_v%22%3A%223.0.28%22%7D&ts=1667811189551&callback=u_941510907462163500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bcd203df483fed5181d3dc4bb979ff462872a2571d580c98e91d7819bb0e3f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:09 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o03o88biyjYqBdI76eSEn8Bev0ykmLpFpTrrqSyZscJHGW1KsDzLj%2BbiZUsl3Vus3kjYzF2DumtrxgRfuMjoXtN5cyosBXAgJzBeh2Xrb0IgmwNB7tpcxWvXnG2JCLcvKrX801L8asaz"}],"group":"cf-nel","max_age":604800}
cf-ray: 7664d63eca9268fd-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H2 200 7633a10cce24ede709377546c8e3146d
c.lytics.io/c/ 35 B
547 B 146ms
146ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/7633a10cce24ede709377546c8e3146d?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1600x1200&_ts=1667811189546&_nmob=t&_device=desktop&url=pro.paradigm-press.info%2Fp%2Frgf_coldcoverup_1122%2FERGFYB15%2F%3FESP_MAIL_ID%3D5466348%26ESP_ORG%3D400%26ESP_EXP_ID%3D7390760%26ESP_CNTC_ID%3DMDAwMDM3ODM0Mzgy%26ESP_A%3D90339%26h%3Dtrue&_v=3.0.28&_uid=6cd5d344-e9b2-4e2d-8e28-8debf14d8c96&_getid=t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:09 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkO1yvwpUT%2FYDJqYJ1eXB5a4Wycux3tqnBrFykTHnR5gGELzUiX4mVtaiK84zUPlA9CtMTar%2Bhr2DPZntdonvn5d96ex7ECWMXbZvElingMSDSw5u1yOCkukS5R9W6M2pfI6js8XUZBl"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7664d63eca9468fd-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 cm
trc.taboola.com/sg/lytics/1/ 43 B
376 B 66ms
23ms Image
image/gif 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3D6cd5d344-e9b2-4e2d-8e28-8debf14d8c96%26account_id%3D7633a10cce24ede709377546c8e3146d
Requested by: Host: pro.paradigm-press.info
URL: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 07 Nov 2022 08:53:09 GMT
via: 1.1 varnish
x-served-by: cache-hhn4049-HHN
server: nginx
x-timer: S1667811190.785646,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
15ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1726385763&t=event&ni=1&_s=2&dl=https%3A%2F%2Fpro.paradigm-press.info%2Fp%2Frgf_coldcoverup_1122%2FERGFYB15%2F%3FESP_MAIL_ID%3D5466348%26ESP_ORG%3D400%26ESP_EXP_ID%3D7390760%26ESP_CNTC_ID%3DMDAwMDM3ODM0Mzgy%26ESP_A%3D90339%26h%3Dtrue&ul=en-us&de=UTF-8&dt=Biden%E2%80%99s%20Cold%20Cover-Up&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=lytics&ea=lytics_google_integration&_u=aHBAiEABBAAAAEAAI~&jid=&gjid=&cid=1366606017.1667811189&uid=6cd5d344-e9b2-4e2d-8e28-8debf14d8c96&tid=UA-138958347-1&_gid=1407114964.1667811189&gtm=2wgb20NKRVP76&z=24733196

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 04:09:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16993
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 59 KB
16 KB 15ms
15ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

378d178a625a612d0acf6c17df60c05a52d60f670f6db1ff90515cacba697a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:10 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1506
x-cache: HIT, HIT
content-length: 15960
x-served-by: cache-iad-kcgs7200113-IAD, cache-hhn4073-HHN
x-browser-version: 107
last-modified: Fri, 04 Nov 2022 14:22:32 GMT
x-timer: S1667811190.214160,VS0,VE0
etag: "63652028-3e58"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8, 252

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
18 KB 56ms
17ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by: Host: pro.paradigm-press.info
URL: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding: gzip
via: 1.1 varnish
date: Mon, 07 Nov 2022 08:53:10 GMT
x-amz-request-id: 4SGB0Z4WK05E6VDM
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 18216
x-amz-id-2: hZzDK8OztGUtU9SwUwhVYetWQI5C0elB56fBz2mr7D0CSMlOrueV29zWycu6nSHFKzVLqpVUhC4=
x-served-by: cache-hhn4073-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1667811190.255217,VS0,VE0
etag: "63e2df852d15ab21d7ff8fc4363222e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10547

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 489 KB
112 KB 15ms
15ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dcf014050c9b4092c50ee979d67ae9a7c3bf7edccdb8779140918175c6ee29a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:10 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1505
x-cache: HIT, HIT
content-length: 114372
x-served-by: cache-iad-kiad7000086-IAD, cache-hhn4073-HHN
x-browser-version: 107
last-modified: Fri, 04 Nov 2022 14:22:32 GMT
x-timer: S1667811190.217059,VS0,VE0
etag: "63652028-1bec4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4, 193

POST
H2 204 x Show response
distillery.wistia.com/ 0
96 B 327ms
108ms XHR
text/plain 3.83.73.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: pro.paradigm-press.info
URL: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.83.73.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-83-73-235.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 07 Nov 2022 08:53:10 GMT
cache-control: max-age=0, private, must-revalidate

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1726385763&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpro.paradigm-press.info%2Fp%2Frgf_coldcoverup_1122%2FERGFYB15%2F%3FESP_MAIL_ID%3D5466348%26ESP_ORG%3D400%26ESP_EXP_ID%3D7390760%26ESP_CNTC_ID%3DMDAwMDM3ODM0Mzgy%26ESP_A%3D90339%26h%3Dtrue&ul=en-us&de=UTF-8&dt=Biden%E2%80%99s%20Cold%20Cover-Up&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll%20Report&el=0&_u=aHDAiEABBAAAAEAAI~&jid=&gjid=&cid=1366606017.1667811189&tid=UA-138958347-1&_gid=1407114964.1667811189&gtm=2wgb20NKRVP76&z=1707475039

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 04:09:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16994
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
17ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1726385763&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpro.paradigm-press.info%2Fp%2Frgf_coldcoverup_1122%2FERGFYB15%2F%3FESP_MAIL_ID%3D5466348%26ESP_ORG%3D400%26ESP_EXP_ID%3D7390760%26ESP_CNTC_ID%3DMDAwMDM3ODM0Mzgy%26ESP_A%3D90339%26h%3Dtrue&ul=en-us&de=UTF-8&dt=Biden%E2%80%99s%20Cold%20Cover-Up&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll%20Report&el=10&_u=aHDAiEABBAAAAEAAI~&jid=&gjid=&cid=1366606017.1667811189&tid=UA-138958347-1&_gid=1407114964.1667811189&gtm=2wgb20NKRVP76&z=1672802821

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 04:09:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16994
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1726385763&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpro.paradigm-press.info%2Fp%2Frgf_coldcoverup_1122%2FERGFYB15%2F%3FESP_MAIL_ID%3D5466348%26ESP_ORG%3D400%26ESP_EXP_ID%3D7390760%26ESP_CNTC_ID%3DMDAwMDM3ODM0Mzgy%26ESP_A%3D90339%26h%3Dtrue&ul=en-us&de=UTF-8&dt=Biden%E2%80%99s%20Cold%20Cover-Up&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll%20Report&el=25&_u=aHDAiEABBAAAAEAAI~&jid=&gjid=&cid=1366606017.1667811189&tid=UA-138958347-1&_gid=1407114964.1667811189&gtm=2wgb20NKRVP76&z=791606357

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 04:09:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16994
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1726385763&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpro.paradigm-press.info%2Fp%2Frgf_coldcoverup_1122%2FERGFYB15%2F%3FESP_MAIL_ID%3D5466348%26ESP_ORG%3D400%26ESP_EXP_ID%3D7390760%26ESP_CNTC_ID%3DMDAwMDM3ODM0Mzgy%26ESP_A%3D90339%26h%3Dtrue&ul=en-us&de=UTF-8&dt=Biden%E2%80%99s%20Cold%20Cover-Up&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll%20Report&el=50&_u=aHDAiEABBAAAAEAAI~&jid=&gjid=&cid=1366606017.1667811189&tid=UA-138958347-1&_gid=1407114964.1667811189&gtm=2wgb20NKRVP76&z=221860355

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 04:09:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16994
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1726385763&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpro.paradigm-press.info%2Fp%2Frgf_coldcoverup_1122%2FERGFYB15%2F%3FESP_MAIL_ID%3D5466348%26ESP_ORG%3D400%26ESP_EXP_ID%3D7390760%26ESP_CNTC_ID%3DMDAwMDM3ODM0Mzgy%26ESP_A%3D90339%26h%3Dtrue&ul=en-us&de=UTF-8&dt=Biden%E2%80%99s%20Cold%20Cover-Up&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll%20Report&el=75&_u=aHDAiEABBAAAAEAAI~&jid=&gjid=&cid=1366606017.1667811189&tid=UA-138958347-1&_gid=1407114964.1667811189&gtm=2wgb20NKRVP76&z=67895220

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 04:09:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16994
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
19ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1726385763&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpro.paradigm-press.info%2Fp%2Frgf_coldcoverup_1122%2FERGFYB15%2F%3FESP_MAIL_ID%3D5466348%26ESP_ORG%3D400%26ESP_EXP_ID%3D7390760%26ESP_CNTC_ID%3DMDAwMDM3ODM0Mzgy%26ESP_A%3D90339%26h%3Dtrue&ul=en-us&de=UTF-8&dt=Biden%E2%80%99s%20Cold%20Cover-Up&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll%20Report&el=90&_u=aHDAiEABBAAAAEAAI~&jid=&gjid=&cid=1366606017.1667811189&tid=UA-138958347-1&_gid=1407114964.1667811189&gtm=2wgb20NKRVP76&z=2121025023

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 04:09:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16994
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1726385763&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpro.paradigm-press.info%2Fp%2Frgf_coldcoverup_1122%2FERGFYB15%2F%3FESP_MAIL_ID%3D5466348%26ESP_ORG%3D400%26ESP_EXP_ID%3D7390760%26ESP_CNTC_ID%3DMDAwMDM3ODM0Mzgy%26ESP_A%3D90339%26h%3Dtrue&ul=en-us&de=UTF-8&dt=Biden%E2%80%99s%20Cold%20Cover-Up&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll%20Report&el=100&_u=aHDAiEABBAAAAEAAI~&jid=&gjid=&cid=1366606017.1667811189&tid=UA-138958347-1&_gid=1407114964.1667811189&gtm=2wgb20NKRVP76&z=574771140

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 04:09:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16994
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 101 KB
22 KB 32ms
30ms Script
text/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:10 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 07 Nov 2022 08:19:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1994
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wp%2FsIoa4b8Zi30eotYe7ql7dc3mplVCYxKMwDVRLZkD8agh6GBTk00qAkKiRMkyqwmUSN7YcxzW3of%2BMBKMvbL6LOHXufCW5qGWSD1VMLdmB0kjAKD4LT8ERSVpHR%2FkrDy8lUE3QOqSH"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 7664d6432a9a68fd-FRA

GET
H2 200 khxix7pc3l.m3u8 Show response
fast.wistia.com/embed/medias/ 752 B
1 KB 50ms
17ms XHR
application/x-mpegurl 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/khxix7pc3l.m3u8

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e02edf1a2bb30a07c4147b4afedcbaf90b5b487b8cba71801f20bf741fced487

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:10 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
age: 74251
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-length: 752
x-request-id: a5d33f336fcb8716257c77e01e2677fe
x-served-by: cache-iad-kiad7000033-IAD, cache-hhn4075-HHN
x-runtime: 0.023242
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 107
x-timer: S1667811190.352951,VS0,VE3
etag: W/"e02edf1a2bb30a07c4147b4afedcbaf9"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 380, 1

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
2 KB 39ms
15ms Image
image/gif 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
Origin: https://pro.paradigm-press.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-cache-hits: 11, 11718
date: Mon, 07 Nov 2022 08:53:10 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 213908
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kiad7000052-IAD, cache-hhn4075-HHN
x-browser-version: 107
last-modified: Fri, 04 Nov 2022 21:25:15 GMT
x-timer: S1667811190.353061,VS0,VE0
etag: "6365833b-4be"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 65387c3314 Show response
bam.nr-data.net/1/ 49 B
615 B 200ms
159ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/65387c3314?a=46346808,5284047&v=1216.487a282&to=YANVZUdYDxFXW0UMWllJemd2FiINWExUC0F0CVlFR1YNDlNKHilaVgJ0XltNBAxC&rst=2582&ck=1&ref=https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/&ap=23&be=1236&fe=2439&dc=1393&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1667811187767,%22n%22:0,%22r%22:0,%22re%22:746,%22f%22:746,%22dn%22:746,%22dne%22:746,%22c%22:746,%22ce%22:746,%22rq%22:746,%22rp%22:887,%22rpe%22:1000,%22dl%22:889,%22di%22:1385,%22ds%22:1385,%22de%22:1394,%22dc%22:2435,%22l%22:2437,%22le%22:2442%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1399&fcp=1399&jsonp=NREUM.setToken
Requested by: Host: pro.paradigm-press.info
URL: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 08:53:10 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 7664d643f90cbb9e-FRA

GET
H2 200 khxix7pc3l.m3u8 Show response
fast.wistia.com/embed/medias/ 752 B
833 B 16ms
15ms Fetch
application/x-mpegurl 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/khxix7pc3l.m3u8

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e02edf1a2bb30a07c4147b4afedcbaf90b5b487b8cba71801f20bf741fced487

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:10 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
age: 74251
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-length: 752
x-request-id: a5d33f336fcb8716257c77e01e2677fe
x-served-by: cache-iad-kiad7000033-IAD, cache-hhn4075-HHN
x-runtime: 0.023242
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 107
x-timer: S1667811190.363514,VS0,VE0
etag: W/"e02edf1a2bb30a07c4147b4afedcbaf9"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 380, 2

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 29ms
28ms Stylesheet
text/css 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:10 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 07 Nov 2022 07:23:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5371
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHK1itdiyUPqIcNy0jYicJuK3wFBtlHmiDzU%2FBOqT%2B3WNks9d0I4rOaz%2BwjfIDJLBrrSpP%2BoI7%2Bgj2SXhKI2NQKrJY3J9vxBph4em7%2BehapBiAGgzle%2FTl2NHRK%2FWHApo82XM4Q8vp4v"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 7664d643cc3b68fd-FRA

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/7633a10cce24ede709377546c8e3146d/ 88 KB
14 KB 34ms
34ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/program/campaign/config/7633a10cce24ede709377546c8e3146d/config.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e91c4a35e3c744f3fea596b05b3cc9a17db0a872292895c59ee056cd6c1b5cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:10 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 07 Nov 2022 07:45:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4056
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2F5Ypdxb7%2FzFpgn8dcoN2aD0xFSCFmEgSxdeUgmwNjQYoK3IbZ6ePH06T5%2FoKuwVUsPWxrMqxqbgnY6qfNyblwlHtcV3jbEiChNoLVwJ4AQL3wLTv9Mx0UZoDp4%2BkB8yVwvyR75Q%2BevT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=7200
cf-ray: 7664d643dc5468fd-FRA

GET
H/1.1 200
OK da15751480e7af9771901e8c1bd0c24e48dca6ab.m3u8 Show response
embedwistia-a.akamaihd.net/deliveries/ 143 KB
143 KB 83ms
17ms XHR
application/vnd.apple.mpegurl 2.16.238.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/da15751480e7af9771901e8c1bd0c24e48dca6ab.m3u8
Requested by: Host: pro.paradigm-press.info
URL: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.238.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0517839cd5988a6768f638b5eabe6449d6896a790cff92af9e382cc8398ddf02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 08:53:10 GMT
Access-Control-Request-Method: *
surrogate-key: da15751480e7af9771901e8c1bd0c24e48dca6ab-hls-segment 35018ad58e1324405997174e10416378d22b7a2e
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=31468579
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 145994
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Expires: Mon, 06 Nov 2023 14:09:29 GMT

GET
H/1.1 200
OK seg-1-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/da15751480e7af9771901e8c1bd0c24e48dca6ab.m3u8/ 770 KB
771 KB 17ms
17ms XHR
video/mp2t 2.16.238.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/da15751480e7af9771901e8c1bd0c24e48dca6ab.m3u8/seg-1-v1-a1.ts
Requested by: Host: pro.paradigm-press.info
URL: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.238.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0ebfa46619d446b8fa15ffd0c56a992b76991f8efe301cba313f9cdfe872bb4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 08:53:10 GMT
Access-Control-Request-Method: *
surrogate-key: da15751480e7af9771901e8c1bd0c24e48dca6ab-hls-segment 35018ad58e1324405997174e10416378d22b7a2e
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=31511283
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 788472
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Expires: Tue, 07 Nov 2023 02:01:13 GMT

GET
BLOB 200
OK cbd15b23-e3c8-40a1-8063-54fbeb70e9af
https://pro.paradigm-press.info/ 91 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pro.paradigm-press.info/cbd15b23-e3c8-40a1-8063-54fbeb70e9af
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79e36de63a9bb0aecdd2eb18a56e75e695655d2be158c2d4f12ddb0223d83cfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Length: 93058
Content-Type: text/javascript

GET
H/1.1 200
OK e58cef00bb8e3b389b87e51bcab9437509052521.m3u8 Show response
embedwistia-a.akamaihd.net/deliveries/ 143 KB
143 KB 18ms
18ms XHR
application/vnd.apple.mpegurl 2.16.238.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/e58cef00bb8e3b389b87e51bcab9437509052521.m3u8
Requested by: Host: pro.paradigm-press.info
URL: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.238.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d85c0e19a7ae43a0796d73d53aed262a4d6aec3e5fe9e91e4a1e0f8bc08da0b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 08:53:10 GMT
Access-Control-Request-Method: *
surrogate-key: e58cef00bb8e3b389b87e51bcab9437509052521-hls-segment 35018ad58e1324405997174e10416378d22b7a2e
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=31468509
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 145994
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Expires: Mon, 06 Nov 2023 14:08:19 GMT

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
136 B 516ms
106ms XHR
text/plain 54.165.194.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: pro.paradigm-press.info
URL: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.194.153 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-194-153.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 07 Nov 2022 08:53:11 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

POST
H/1.1 200
OK 65387c3314 Show response
bam.nr-data.net/events/1/ 24 B
411 B 236ms
236ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/65387c3314?a=46346808,5284047&v=1216.487a282&to=YANVZUdYDxFXW0UMWllJemd2FiINWExUC0F0CVlFR1YNDlNKHilaVgJ0XltNBAxC&rst=3373&ck=1&ref=https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/
Requested by: Host: pro.paradigm-press.info
URL: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 07 Nov 2022 08:53:11 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://pro.paradigm-press.info
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7664d648aaffbb9e-FRA
Content-Length: 24

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 21 KB
6 KB 17ms
16ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f22394f867711a1c7bc1754ac44271073c2782cfd2d4072fc5a9f5182c105327

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID=5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 08:53:11 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2650
x-cache: HIT, HIT
content-length: 5623
x-served-by: cache-iad-kiad7000146-IAD, cache-hhn4073-HHN
x-browser-version: 107
last-modified: Fri, 04 Nov 2022 14:22:32 GMT
x-timer: S1667811191.217338,VS0,VE0
etag: "63652028-15f7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6, 238

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15	1970-01-20 16:02:27	Name: https://pro.paradigm-press.info/p/rgf_coldcoverup_1122/ERGFYB15/?ESP_MAIL_ID Value: 5466348&ESP_ORG=400&ESP_EXP_ID=7390760&ESP_CNTC_ID=MDAwMDM3ODM0Mzgy&ESP_A=90339&h=true=visited
pro.paradigm-press.info/	1970-01-20 07:45:39	Name: 2107470 Value: 2490289
pro.paradigm-press.info/	1969-12-31 23:59:59	Name: BIGipServerIRIS_PROD_HTTPS_POOL Value: !osHXgozXefvBvuVbyhZUbYl6SkaXWokKAP5TUwsZT3Fwuvrn05HY7hfMX1venGP02kk2YcQyC0TOW8c=
pro.paradigm-press.info/	1970-01-20 16:52:51	Name: ERGFYB15 Value:
.paradigm-press.info/	1970-01-20 09:26:27	Name: _gcl_au Value: 1.1.1272104887.1667811189
.paradigm-press.info/	1970-01-20 16:52:51	Name: _ga Value: GA1.2.1366606017.1667811189
.paradigm-press.info/	1970-01-20 07:18:17	Name: _gid Value: GA1.2.1407114964.1667811189
.paradigm-press.info/	1970-01-20 07:16:51	Name: _dc_gtm_UA-138958347-1 Value: 1
.paradigm-press.info/	1970-01-20 16:52:51	Name: amplitude_id_f5f7a5aa4184039fb326339252681a8dparadigm-press.info Value: eyJkZXZpY2VJZCI6IjNjMDE5YTJjLWE3YTctNDAzOC04M2Q2LTE3ZTJiNjRiY2U5ZFIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTY2NzgxMTE4OTQzNywibGFzdEV2ZW50VGltZSI6MTY2NzgxMTE4OTQzNywiZXZlbnRJZCI6MCwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjB9
.pro.paradigm-press.info/	1970-01-20 07:16:52	Name: seerses Value: e
.pro.paradigm-press.info/	1970-01-20 16:52:51	Name: seerid Value: 6cd5d344-e9b2-4e2d-8e28-8debf14d8c96
.yahoo.com/	1970-01-20 16:02:48	Name: A3 Value: d=AQABBHXHaGMCEIdehCfL46i2qQLVlVchuaQFEgEBAQEYamNyYwAAAAAA_eMAAA&S=AQAAAtIavu3XIeAgnE7dhoWrCRw
.lytics.io/	1970-01-20 16:52:51	Name: seerid Value: 6cd5d344-e9b2-4e2d-8e28-8debf14d8c96
pro.paradigm-press.info/	1970-01-20 07:16:51	Name: outbrain_cid_fetch Value: true
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 3a184841f96f1435

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	info	URL: blob:https://pro.paradigm-press.info/cbd15b23-e3c8-40a1-8063-54fbeb70e9af Message: [log] >

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
amplify.outbrain.com
bam.nr-data.net
c.lytics.io
cdn.amplitude.com
d2z65klgtz99km.cloudfront.net
distillery.wistia.com
dizbubza2heg.cloudfront.net
embedwistia-a.akamaihd.net
fast.wistia.com
js-agent.newrelic.com
p.typekit.net
pipedream.wistia.com
pro.paradigm-press.info
s.yimg.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
tr.outbrain.com
trc.taboola.com
use.typekit.net
www.google-analytics.com
www.googletagmanager.com
13.226.156.204
151.101.2.137
162.247.241.14
192.135.136.169
2.16.238.157
212.82.100.181
2600:9000:211e:a800:9:cfaa:a600:21
2600:9000:2453:cc00:13:881b:ed80:21
2606:4700:20::681a:216
2a00:1288:80:807::1
2a00:1450:4001:82a::200e
2a00:1450:4001:830::200a
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9c
2a02:26f0:3500:16::215:148b
2a02:26f0:480:f::213:7ee1
2a04:4e42::300
2a04:4e42::622
3.83.73.235
38.133.127.191
54.165.194.153
88.221.169.78
0517839cd5988a6768f638b5eabe6449d6896a790cff92af9e382cc8398ddf02
09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ebfa46619d446b8fa15ffd0c56a992b76991f8efe301cba313f9cdfe872bb4a
1666ef3025b01a05284ddca2b8faf708ecd3875170c57b91e4032d172445bc30
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1fae6e69f52855c8deb7db0e0adea8d5fb4fc96e8685b815e10d3678a9e76ae1
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
2dcac4047f716bc02991807013dff48324f753a0fce153a57e5b6383437ba3fc
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
378d178a625a612d0acf6c17df60c05a52d60f670f6db1ff90515cacba697a30
3bcd203df483fed5181d3dc4bb979ff462872a2571d580c98e91d7819bb0e3f8
4283f16ac7387cf336aa013777e68a454413bdc67bdb2986ba75a39fa3c5022c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68f2442634034675ac1d813fafe849afbc539d8672ee280127f7b4de691a0649
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
732f3fdb70bdcd8c4b72691afb1f9023d1152d139a3b1db33a3be4248573d3e0
76945b13c2b5b5b60c28867e3078bff4686bed922b545a732b15477986a016f6
79e36de63a9bb0aecdd2eb18a56e75e695655d2be158c2d4f12ddb0223d83cfe
7c514789b19a80cc979083092b96b1cf48a35c3019e98b7ea2caccd0234afb9e
809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86034bbe69eebb0c08660ff7f0128dd0bd1d852176489ca3a3da7b49bd647cbd
8c0ed1a9821ec3a409fb6ad331ab5784b34f65d75432b2fc266cfe376d99cdf8
8eef1f4e462cb5e42cef35df95cf279eeeb2bcd440d9a414ac541b96d515e34c
8f0234cadec8f9755a2b8aa9a745c354a5fbbff63a241a774c156cf93d375413
945247b37ca459967e61f373daa58a1f65571bf045a9e5d47aa94ab148f72c2a
a24258601485770a7f7991beb394bf1b990b052923f83c2569fe322780a6cfad
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bd5669e67a38241fb41d9b02e66033f7ec1d1aea8b596aa9ea0adc70b5f7169a
beffec050614b6c4d6cef146ebe2efbb15ebf830ecde3edf5b277b3a10d89430
d85c0e19a7ae43a0796d73d53aed262a4d6aec3e5fe9e91e4a1e0f8bc08da0b0
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dcf014050c9b4092c50ee979d67ae9a7c3bf7edccdb8779140918175c6ee29a7
e02edf1a2bb30a07c4147b4afedcbaf90b5b487b8cba71801f20bf741fced487
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e91c4a35e3c744f3fea596b05b3cc9a17db0a872292895c59ee056cd6c1b5cc6
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
f22394f867711a1c7bc1754ac44271073c2782cfd2d4072fc5a9f5182c105327
f6209ebd0fb944177f19f8b4637424b8f4fff0bc84196b96517f03038549c9c3
fefbf612de2a11f95bbcb8f4ff7f1ac32fab6496141f7c2b8a577a27f66a1d4a

pro.paradigm-press.info Open in urlscan Pro 192.135.136.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

98 %HTTPS

55 %IPv6

17 Domains

22 Subdomains

23 IPs

5 Countries

2112 kBTransfer

3894 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pro.paradigm-press.info Open in urlscan Pro
192.135.136.169 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

98 %
HTTPS

55 %
IPv6

17
Domains

22
Subdomains

23
IPs

5
Countries

2112 kB
Transfer

3894 kB
Size

15
Cookies

64 HTTP transactions
0 data transactions