pro.paradigmnewsletters.org Open in urlscan Pro
161.129.26.18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://d2dhhn04.na1.hubspotlinks.com/Ctc/RK*113/d2DHHN04/VW8bSY3fshn4W2NqnKN65fFHDW1PHNH54_xVh8N5QLhTJ3lScGV1-WJV7CgJJBW8L2NMZ4n7prhW...
Effective URL:
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
Submission: On June 08 via manual (June 8th 2023, 3:54:54 pm UTC) from US — Scanned from DE

Summary HTTP 51 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 17 domains to perform 51 HTTP transactions. The main IP is 161.129.26.18, located in United States and belongs to 14WEST-AS, US. The main domain is pro.paradigmnewsletters.org. The Cisco Umbrella rank of the primary domain is 306044.
TLS certificate: Issued by R3 on May 5th 2023. Valid for: 3 months.

This is the only time pro.paradigmnewsletters.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6812:cb1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	50.97.212.250 50.97.212.250	36351 (SOFTLAYER) (SOFTLAYER)
2 2	52.15.147.241 52.15.147.241	16509 (AMAZON-02) (AMAZON-02)
1 1	192.135.136.169 192.135.136.169	11372 (14WEST-AS) (14WEST-AS)
3	161.129.26.18 161.129.26.18	11372 (14WEST-AS) (14WEST-AS)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
7	2a04:4e42:400... 2a04:4e42:400::622	54113 (FASTLY) (FASTLY)
4	2a02:26f0:310... 2a02:26f0:3100::1735:28f0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
1	2a02:26f0:780... 2a02:26f0:780::5f65:3681	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4007:807::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223f:4a00:13:881b:ed80:21	16509 (AMAZON-02) (AMAZON-02)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
4	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
3	2600:9000:21f... 2600:9000:21f3:c800:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.203.87.54 52.203.87.54	14618 (AMAZON-AES) (AMAZON-AES)
2	3.88.95.86 3.88.95.86	14618 (AMAZON-AES) (AMAZON-AES)
51	18

2 2606:4700::6812:cb1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

d2dhhn04.na1.hubspotlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.clicktracxer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.97.212.250 (San Jose, United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: fa.d4.6132.ip4.static.sl-reverse.com

www.clkmg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.15.147.241 (Columbus, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-147-241.us-east-2.compute.amazonaws.com

470twk1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.135.136.169 (United States) 1 redirects

ASN11372 (14WEST-AS, US)

pro.paradigm-press.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 161.129.26.18 (United States)

ASN11372 (14WEST-AS, US)

pro.paradigmnewsletters.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a04:4e42:400::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3100::1735:28f0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::5f65:3681 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:807::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:4a00:13:881b:ed80:21 (United States)

ASN16509 (AMAZON-02, US)

d2z65klgtz99km.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o1147369.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:c800:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-cloudfront.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.87.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-87-54.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.88.95.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-88-95-86.compute-1.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	wistia.com fast.wistia.com — Cisco Umbrella Rank: 5278 embed-cloudfront.wistia.com distillery.wistia.com — Cisco Umbrella Rank: 8092 pipedream.wistia.com — Cisco Umbrella Rank: 7733	789 KB
12	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 57 region1.google-analytics.com — Cisco Umbrella Rank: 1892	22 KB
5	yimg.com s.yimg.com — Cisco Umbrella Rank: 540	8 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 579 p.typekit.net — Cisco Umbrella Rank: 731	70 KB
4	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1155	1 KB
3	paradigmnewsletters.org pro.paradigmnewsletters.org — Cisco Umbrella Rank: 306044	12 KB
2	cloudfront.net d2z65klgtz99km.cloudfront.net	2 MB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	187 KB
2	470twk1.com 2 redirects 470twk1.com	717 B
2	hubspotlinks.com 1 redirects d2dhhn04.na1.hubspotlinks.com — Cisco Umbrella Rank: 371302	3 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 121	355 B
1	sentry.io o1147369.ingest.sentry.io	333 B
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4672	25 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 422	34 KB
1	paradigm-press.info 1 redirects pro.paradigm-press.info — Cisco Umbrella Rank: 270931	606 B
1	clkmg.com 1 redirects www.clkmg.com — Cisco Umbrella Rank: 82112	1012 B
1	clicktracxer.com 1 redirects www.clicktracxer.com	1020 B
51	17

	Domain	Requested by
9	www.google-analytics.com	www.googletagmanager.com pro.paradigmnewsletters.org
7	fast.wistia.com	pro.paradigmnewsletters.org browser.sentry-cdn.com fast.wistia.com
5	s.yimg.com	d2dhhn04.na1.hubspotlinks.com browser.sentry-cdn.com
4	sp.analytics.yahoo.com
4	use.typekit.net	pro.paradigmnewsletters.org use.typekit.net
3	embed-cloudfront.wistia.com	browser.sentry-cdn.com
3	region1.google-analytics.com	www.googletagmanager.com
3	pro.paradigmnewsletters.org	d2dhhn04.na1.hubspotlinks.com pro.paradigmnewsletters.org
2	pipedream.wistia.com	browser.sentry-cdn.com
2	d2z65klgtz99km.cloudfront.net	pro.paradigmnewsletters.org
2	www.googletagmanager.com	pro.paradigmnewsletters.org www.googletagmanager.com
2	470twk1.com	2 redirects
2	d2dhhn04.na1.hubspotlinks.com	1 redirects
1	distillery.wistia.com	browser.sentry-cdn.com
1	stats.g.doubleclick.net	browser.sentry-cdn.com
1	o1147369.ingest.sentry.io	browser.sentry-cdn.com
1	p.typekit.net	use.typekit.net
1	browser.sentry-cdn.com	pro.paradigmnewsletters.org
1	ajax.googleapis.com	pro.paradigmnewsletters.org
1	pro.paradigm-press.info	1 redirects
1	www.clkmg.com	1 redirects
1	www.clicktracxer.com	1 redirects
51	22

This site contains links to these domains. Also see Links.

Domain
paradigmpressgroup.com
privacyportal-cdn.onetrust.com

Subject Issuer	Validity	Valid
hubspotlinks.com Cloudflare Inc ECC CA-3	`2023-04-17` - `2024-04-16`	a year	crt.sh
ordertracking6.pubsvs.com R3	`2023-05-05` - `2023-08-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
ingest.sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-28`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-22` - `2023-07-12`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-30` - `2023-11-22`	6 months	crt.sh
*.wistia.com Amazon RSA 2048 M01	`2023-01-31` - `2024-02-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
Frame ID: 20A388D1069774545AA45A84C5C4D056
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Beware “Biden Bucks”

Page URL History Show full URLs

https://d2dhhn04.na1.hubspotlinks.com/Ctc/RK*113/d2DHHN04/VW8bSY3fshn4W2NqnKN65fFHDW1PHNH54_xVh8N5QLhTJ3lScGV1-WJV... Page URL
https://d2dhhn04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/RK*113/d2DHHN04/VW8bSY3fshn4W2NqnKN65fFHDW... HTTP 307
https://www.clicktracxer.com/papbib/cccar@seormc.org/incomeinvestingsinsider.com/B/PABB45/?utm_medium=ema... HTTP 302
https://www.clkmg.com/DaveMoneyBreacker/papbib/cccar@seormc.org/incomeinvestingsinsider.com/B/PABB... HTTP 302
http://470twk1.com/clk.trk?CID=443820&AFID=496353&SID=cccar@seormc.org&SID2=incomeinvestingsins... HTTP 301
https://470twk1.com/clk.trk?CID=443820&AFID=496353&SID=cccar@seormc.org&SID2=incomeinvestingsins... HTTP 302
https://pro.paradigm-press.info/m/2179950?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d HTTP 301
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-8... Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

100 %
HTTPS

64 %
IPv6

17
Domains

22
Subdomains

18
IPs

5
Countries

3462 kB
Transfer

5012 kB
Size

13
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://paradigmpressgroup.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://paradigmpressgroup.com/terms-conditions
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://privacyportal-cdn.onetrust.com/dsarwebform/90ddaa87-9d70-4282-9d4f-d6cbd96bd224/2f095f1e-de25-443a-890a-319f10136a2c.html?_ga=2.13805047.1123713612.1627612821-85506839.1510063062
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://d2dhhn04.na1.hubspotlinks.com/Ctc/RK*113/d2DHHN04/VW8bSY3fshn4W2NqnKN65fFHDW1PHNH54_xVh8N5QLhTJ3lScGV1-WJV7CgJJBW8L2NMZ4n7prhW27qgbQ5jh93QW23RmlR1vdtFKN2GsxP4cT-hcVgzb0T7yvh5RW5FB00g5FwdtwW1l7cTc1KCBfSW445Kyl3_l482W7qX02Y6tVgwNW1vZp3p1n7Yy-W1yjP1b1bQRXBVglBG_1718BLW6m-RgP8VV7nDW3ZWlhq9kmgq8W2DxKFk8kPMfZW5CTsPz2hPLX8DP1rY-JzwWW3lf8sc3NQbSxW4LPg9V1XRmlFW3lcQxF5rgCKmW8L1H2P9bpfLzM6Pt4WGMlnfW8jnSJX2bG3Z8W16017p61yL2_W7fLtc-5gFzL3W3wlj_02NLmJRW7ZgHlw8TbDWKW2Kb9zS69h0Gd3gxD1 Page URL
https://d2dhhn04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/RK*113/d2DHHN04/VW8bSY3fshn4W2NqnKN65fFHDW1PHNH54_xVh8N5QLhTJ3lScGV1-WJV7CgJJBW8L2NMZ4n7prhW27qgbQ5jh93QW23RmlR1vdtFKN2GsxP4cT-hcVgzb0T7yvh5RW5FB00g5FwdtwW1l7cTc1KCBfSW445Kyl3_l482W7qX02Y6tVgwNW1vZp3p1n7Yy-W1yjP1b1bQRXBVglBG_1718BLW6m-RgP8VV7nDW3ZWlhq9kmgq8W2DxKFk8kPMfZW5CTsPz2hPLX8DP1rY-JzwWW3lf8sc3NQbSxW4LPg9V1XRmlFW3lcQxF5rgCKmW8L1H2P9bpfLzM6Pt4WGMlnfW8jnSJX2bG3Z8W16017p61yL2_W7fLtc-5gFzL3W3wlj_02NLmJRW7ZgHlw8TbDWKW2Kb9zS69h0Gd3gxD1?_ud=d64c6b10-0dde-4f37-8f62-0aed61754d74&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
https://www.clicktracxer.com/papbib/cccar@seormc.org/incomeinvestingsinsider.com/B/PABB45/?utm_medium=email&_hsmi=261658536&_hsenc=p2ANqtz-8iteYTiqL4SC0y2rPhkN-5PTVRy92NfX70chE6GlKgZZV5AKXIp35lrqN3IG-XUXhyvS2sd6jNUpdNLpKkg-QuSesTaw&utm_content=261658536&utm_source=hs_email HTTP 302
https://www.clkmg.com/DaveMoneyBreacker/papbib/cccar@seormc.org/incomeinvestingsinsider.com/B/PABB45/?utm_medium=email&_hsmi=261658536&_hsenc=p2ANqtz-8iteYTiqL4SC0y2rPhkN-5PTVRy92NfX70chE6GlKgZZV5AKXIp35lrqN3IG-XUXhyvS2sd6jNUpdNLpKkg-QuSesTaw&utm_content=261658536&utm_source=hs_email HTTP 302
http://470twk1.com/clk.trk?CID=443820&AFID=496353&SID=cccar@seormc.org&SID2=incomeinvestingsinsider.com&SID3=B&SID4=PABB45 HTTP 301
https://470twk1.com/clk.trk?CID=443820&AFID=496353&SID=cccar@seormc.org&SID2=incomeinvestingsinsider.com&SID3=B&SID4=PABB45 HTTP 302
https://pro.paradigm-press.info/m/2179950?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d HTTP 301
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VW8bSY3fshn4W2NqnKN65fFHDW1PHNH54_xVh8N5QLhTJ3lScGV1-WJV7CgJJBW8L2NMZ4n7prhW27qgbQ5jh93QW23RmlR1vdtFKN2GsxP4cT-hcVgzb0T7yvh5RW5FB00g5FwdtwW1l7cTc1KCBfSW445Kyl3_l482W7qX02Y6tVgwNW1vZp3p1n7Yy-W1yjP1b...
d2dhhn04.na1.hubspotlinks.com/Ctc/RK*113/d2DHHN04/ 8 KB
3 KB 430ms
379ms Document
text/html 2606:4700::6812:cb1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d2dhhn04.na1.hubspotlinks.com/Ctc/RK*113/d2DHHN04/VW8bSY3fshn4W2NqnKN65fFHDW1PHNH54_xVh8N5QLhTJ3lScGV1-WJV7CgJJBW8L2NMZ4n7prhW27qgbQ5jh93QW23RmlR1vdtFKN2GsxP4cT-hcVgzb0T7yvh5RW5FB00g5FwdtwW1l7cTc1KCBfSW445Kyl3_l482W7qX02Y6tVgwNW1vZp3p1n7Yy-W1yjP1b1bQRXBVglBG_1718BLW6m-RgP8VV7nDW3ZWlhq9kmgq8W2DxKFk8kPMfZW5CTsPz2hPLX8DP1rY-JzwWW3lf8sc3NQbSxW4LPg9V1XRmlFW3lcQxF5rgCKmW8L1H2P9bpfLzM6Pt4WGMlnfW8jnSJX2bG3Z8W16017p61yL2_W7fLtc-5gFzL3W3wlj_02NLmJRW7ZgHlw8TbDWKW2Kb9zS69h0Gd3gxD1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:cb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 7d4250a2bf8291d7-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Thu, 08 Jun 2023 15:54:43 GMT
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-envoy-upstream-service-time: 4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-5c4cb998cf-thm5l
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 6048102e-2a31-4047-9e86-4e41dd413dde
x-request-id: 6c9dbaf4-7831-41b8-b94d-f738c34bb45c
x-robots-tag: none

GET
H/1.1

200
OK

Primary Request / Show response
pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/
Redirect Chain

https://d2dhhn04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/RK*113/d2DHHN04/VW8bSY3fshn4W2NqnKN65fFHDW1PHNH54_xVh8N5QLhTJ3lScGV1-WJV7CgJJBW8L2NMZ4n7prhW27qgbQ5jh93QW23RmlR1vdtFKN2GsxP4c...
https://www.clicktracxer.com/papbib/cccar@seormc.org/incomeinvestingsinsider.com/B/PABB45/?utm_medium=email&_hsmi=261658536&_hsenc=p2ANqtz-8iteYTiqL4SC0y2rPhkN-5PTVRy92NfX70chE6GlKgZZV5AKXIp35lrqN3...
https://www.clkmg.com/DaveMoneyBreacker/papbib/cccar@seormc.org/incomeinvestingsinsider.com/B/PABB45/?utm_medium=email&_hsmi=261658536&_hsenc=p2ANqtz-8iteYTiqL4SC0y2rPhkN-5PTVRy92NfX70chE6GlKgZZV5A...
http://470twk1.com/clk.trk?CID=443820&AFID=496353&SID=cccar@seormc.org&SID2=incomeinvestingsinsider.com&SID3=B&SID4=PABB45
https://470twk1.com/clk.trk?CID=443820&AFID=496353&SID=cccar@seormc.org&SID2=incomeinvestingsinsider.com&SID3=B&SID4=PABB45
https://pro.paradigm-press.info/m/2179950?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d
https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true

19 KB
9 KB

681ms
229ms

Document
text/html

161.129.26.18
14WEST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true

Requested by

Host: d2dhhn04.na1.hubspotlinks.com
URL: https://d2dhhn04.na1.hubspotlinks.com/Ctc/RK*113/d2DHHN04/VW8bSY3fshn4W2NqnKN65fFHDW1PHNH54_xVh8N5QLhTJ3lScGV1-WJV7CgJJBW8L2NMZ4n7prhW27qgbQ5jh93QW23RmlR1vdtFKN2GsxP4cT-hcVgzb0T7yvh5RW5FB00g5FwdtwW1l7cTc1KCBfSW445Kyl3_l482W7qX02Y6tVgwNW1vZp3p1n7Yy-W1yjP1b1bQRXBVglBG_1718BLW6m-RgP8VV7nDW3ZWlhq9kmgq8W2DxKFk8kPMfZW5CTsPz2hPLX8DP1rY-JzwWW3lf8sc3NQbSxW4LPg9V1XRmlFW3lcQxF5rgCKmW8L1H2P9bpfLzM6Pt4WGMlnfW8jnSJX2bG3Z8W16017p61yL2_W7fLtc-5gFzL3W3wlj_02NLmJRW7ZgHlw8TbDWKW2Kb9zS69h0Gd3gxD1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

161.129.26.18 , United States, ASN11372 (14WEST-AS, US),

Reverse DNS

Software

Resource Hash

250c8a83d1935e23ba78acb159705531160a9030c150755f7a050af90d9d6eeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://d2dhhn04.na1.hubspotlinks.com/Ctc/RK*113/d2DHHN04/VW8bSY3fshn4W2NqnKN65fFHDW1PHNH54_xVh8N5QLhTJ3lScGV1-WJV7CgJJBW8L2NMZ4n7prhW27qgbQ5jh93QW23RmlR1vdtFKN2GsxP4cT-hcVgzb0T7yvh5RW5FB00g5FwdtwW1l7cTc1KCBfSW445Kyl3_l482W7qX02Y6tVgwNW1vZp3p1n7Yy-W1yjP1b1bQRXBVglBG_1718BLW6m-RgP8VV7nDW3ZWlhq9kmgq8W2DxKFk8kPMfZW5CTsPz2hPLX8DP1rY-JzwWW3lf8sc3NQbSxW4LPg9V1XRmlFW3lcQxF5rgCKmW8L1H2P9bpfLzM6Pt4WGMlnfW8jnSJX2bG3Z8W16017p61yL2_W7fLtc-5gFzL3W3wlj_02NLmJRW7ZgHlw8TbDWKW2Kb9zS69h0Gd3gxD1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 8957
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Jun 2023 15:54:46 GMT
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding

Redirect headers

Cache-Control: private
Content-Length: 256
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Jun 2023 15:54:46 GMT
Location: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
Strict-Transport-Security: max-age=63072000; includeSubDomains

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 134ms
38ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: pro.paradigmnewsletters.org
URL: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 07:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jun 2024 07:58:50 GMT

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 650 KB
118 KB 41ms
7ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: pro.paradigmnewsletters.org
URL: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

14e1ea1dd3abfb0fc25b0d6c4df44b1f9c060a6c02bffb7a4393394c183ca074

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:54:46 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3497
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 119824
x-served-by: cache-iad-kcgs7200050-IAD, cache-fra-eddf8230042-FRA
x-browser-version: 114
last-modified: Wed, 07 Jun 2023 14:56:52 GMT
server: AmazonS3
x-timer: S1686239687.918726,VS0,VE0
etag: "492d18fed917028f1052be5b1ce130f8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 92bee467df098719072f39e28d186860a699cb4c
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 29, 327

GET
H/1.1 200
OK Common.js Show response
pro.paradigmnewsletters.org/p/Scripts/ 2 KB
1 KB 101ms
101ms Script
application/javascript 161.129.26.18
14WEST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pro.paradigmnewsletters.org/p/Scripts/Common.js

Requested by

Host: pro.paradigmnewsletters.org
URL: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

161.129.26.18 , United States, ASN11372 (14WEST-AS, US),

Reverse DNS

Software

Resource Hash

86034bbe69eebb0c08660ff7f0128dd0bd1d852176489ca3a3da7b49bd647cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 15:54:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Tue, 31 Mar 2020 05:43:09 GMT
ETag: "1be39421f7d61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 1140

GET
H/1.1 200
OK HideContent.js Show response
pro.paradigmnewsletters.org/p/Scripts/ 724 B
856 B 203ms
101ms Script
application/javascript 161.129.26.18
14WEST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pro.paradigmnewsletters.org/p/Scripts/HideContent.js

Requested by

Host: pro.paradigmnewsletters.org
URL: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

161.129.26.18 , United States, ASN11372 (14WEST-AS, US),

Reverse DNS

Software

Resource Hash

809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 15:54:47 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Wed, 08 Nov 2017 21:07:14 GMT
ETag: "0adf48cd558d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 466

GET
H2 200 nfp7qni.css
use.typekit.net/ 5 KB
1 KB 108ms
8ms Stylesheet
text/css 2a02:26f0:3100::1735:28f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/nfp7qni.css

Requested by

Host: pro.paradigmnewsletters.org
URL: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

eb6f8879a97466e88ca7f596ad294e91107d118f4841cb4584f5499b322a81b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 08 Jun 2023 15:54:46 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
server-timing: ak_p; desc="1686239686966_389359852_129097154_22_705_5_18_255";dur=1
timing-allow-origin: *
content-length: 806

GET
H2 200 bundle.tracing.min.js Show response
browser.sentry-cdn.com/7.14.0/ 74 KB
25 KB 33ms
8ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js

Requested by

Host: pro.paradigmnewsletters.org
URL: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4848b910fc25c8ee7e9fa21fd42380399adc16075748f9c29b5290b256256e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
Origin: https://pro.paradigmnewsletters.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:54:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 28 Sep 2022 12:12:25 GMT
server: Fastly
age: 2600642
etag: "5d7bd7b4bd3e1985565195a6b7303da3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 25261
expires: Wed, 08 May 2024 13:30:44 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
238 B 59ms
7ms Stylesheet
text/css 2a02:26f0:780::5f65:3681
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=nfp7qni&ht=tk&f=31225.31226.31229.31230.31231.31232&a=78277183&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nfp7qni.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:3681 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/nfp7qni.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:54:47 GMT
last-modified: Fri, 21 Apr 2023 14:15:25 GMT
server: nginx
etag: "64429a7d-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
server-timing: ak_p; desc="1686239687153_1600468605_126895664_16_614_5_17_255";dur=1
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 361 KB
101 KB 104ms
55ms Script
application/javascript 2a00:1450:4007:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NKRVP76

Requested by

Host: pro.paradigmnewsletters.org
URL: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e2eb2ffb35a5b8353a3ce72b10def093280e08fa1ba4d2409dcadc91c4ac92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:54:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102715
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Jun 2023 15:54:47 GMT

GET
H2 200 biden_bucks_bg.jpg
d2z65klgtz99km.cloudfront.net/AWN/AWN_bidenbucks_0622/ 136 KB
136 KB 53ms
11ms Image
image/jpeg 2600:9000:223f:4a00:13:881b:ed80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/AWN/AWN_bidenbucks_0622/biden_bucks_bg.jpg
Requested by: Host: pro.paradigmnewsletters.org
URL: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4a00:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4dbf3f1af145adcd2c9c801afb92a60ac2369a5648eeab3717e7ebefaff2a553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 01:16:46 GMT
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
last-modified: Mon, 06 Jun 2022 18:46:27 GMT
server: nginx
x-amz-cf-pop: FRA56-P5
age: 21566281
etag: "629e4b83-21eba"
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 138938
x-amz-cf-id: vzg0eYyjziV1VFEzWpeIhKYLqB3_OREAXVnesIV6Sx0Os1c1TgjfXQ==
expires: Mon, 02 Oct 2023 01:16:46 GMT

GET
H2 200 l
use.typekit.net/af/5e4a03/00000000000000003b9ae849/27/ 24 KB
24 KB 37ms
17ms Font
application/font-woff2 2a02:26f0:3100::1735:28f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5e4a03/00000000000000003b9ae849/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i2&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nfp7qni.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:28f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: dacf953a3cae70714fa310ffaab73671c4bc2a25e305b518a3ed5d3aefc7a7b2

Request headers

Referer: https://use.typekit.net/nfp7qni.css
Origin: https://pro.paradigmnewsletters.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:54:47 GMT
server: nginx
etag: "a2c3528b5b4cc3f31841ad8f1096df17ab1c84b9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
server-timing: ak_p; desc="1686239687191_389359852_129097399_851_810_5_0_255";dur=1
timing-allow-origin: *
content-length: 24084

GET
H2 200 l
use.typekit.net/af/cab4b1/00000000000000003b9ae84e/27/ 21 KB
22 KB 38ms
17ms Font
application/font-woff2 2a02:26f0:3100::1735:28f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cab4b1/00000000000000003b9ae84e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nfp7qni.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:28f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 83f843a435a6d47f1542cf1786d4c884a35fc9b388e8a662d3364cc9a00d7410

Request headers

Referer: https://use.typekit.net/nfp7qni.css
Origin: https://pro.paradigmnewsletters.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:54:47 GMT
server: nginx
etag: "ac678982c364234feba2c43267d251315b824b53"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
server-timing: ak_p; desc="1686239687206_389359852_129097400_964_802_5_14_255";dur=1
timing-allow-origin: *
content-length: 21964

GET
H2 200 l
use.typekit.net/af/7aa05f/00000000000000003b9ae848/27/ 23 KB
23 KB 30ms
9ms Font
application/font-woff2 2a02:26f0:3100::1735:28f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7aa05f/00000000000000003b9ae848/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n2&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nfp7qni.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:28f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 713b8a587540f0db6ab801b4eab54377795825692d866407bf716f53b5249093

Request headers

Referer: https://use.typekit.net/nfp7qni.css
Origin: https://pro.paradigmnewsletters.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:54:47 GMT
server: nginx
etag: "45a18431cf7ce3769ef4ac797bca7103903737ca"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
server-timing: ak_p; desc="1686239687206_389359852_129097401_127_800_5_0_255";dur=1
timing-allow-origin: *
content-length: 23460

POST
H2 200 / Show response
o1147369.ingest.sentry.io/api/4503902855102464/envelope/ 41 B
333 B 88ms
23ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1147369.ingest.sentry.io/api/4503902855102464/envelope/?sentry_key=39a81e4de95a40d283d30db3dc35a252&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.14.0

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

c604d7ac2ab897a7b1ebe49815a5368fa7e466a16fb6a051c77edfac617ad328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pro.paradigmnewsletters.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 08 Jun 2023 15:54:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
86 KB 37ms
37ms Script
application/javascript 2a00:1450:4007:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKRVP76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40089405c868ab5fbbfd1de89265829ac78e9b07c97e21ab315edab41ccf18ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:54:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88072
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 08 Jun 2023 15:54:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKRVP76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 08 Jun 2023 15:04:48 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2999
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 08 Jun 2023 17:04:48 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 98ms
29ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e4164edd6af46ad5e9c02a482bdcd2a9c3e9eb199cee06bcd12cc751ce73de87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:54:46 GMT
x-amz-version-id: pM_8Podf2LG1oYqe3ugSKxJX2zCnEaDh
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: MM5KBTREF5ACNVRP
age: 2
x-amz-server-side-encryption: AES256
x-amz-id-2: YMcYmkwzC0dtVatQRVZWN9ofWzAA65vFQ5ufRdQjiWEvog06o1Phorf1/2I17J4oTHUAUrNOSv0=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 12 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 07 Jun 2023 11:01:50 GMT
server: ATS
etag: "62d9fe1cc1697022ba0fe2a4d038b308-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

POST
H2 204 collect
region1.google-analytics.com/g/ 0
263 B 55ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3650&_p=1140232525&cid=224961197.1686239687&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686239687&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNZ432%2F%3Fcake_s1%3D06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 15:54:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pro.paradigmnewsletters.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
46 B 49ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3650&_p=1140232525&cid=224961197.1686239687&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1686239687&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNZ432%2F%3Fcake_s1%3D06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=Click%20Report&_et=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 15:54:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pro.paradigmnewsletters.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10082412.json Show response
s.yimg.com/wi/config/ 2 B
163 B 86ms
36ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10082412.json

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:31:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: FRJE8SW9NBE6GCZT
age: 1409
content-length: 2
x-amz-id-2: mZ0Un69EboQgBwvj/DQD1SGWTNNZQmNIi8MQ4bR3/WCH5EegQS2TIyftrsAilQqcmMxcNRgPuYo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 10091245.json Show response
s.yimg.com/wi/config/ 2 B
451 B 82ms
32ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10091245.json

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:14:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: D44MAYX0DTYR6PT0
age: 2429
content-length: 2
x-amz-id-2: W7WsBEjzi7dX8iqH1XhvNWhdQ12+I7DXHDx4UeJETyMBFVdAk/RSEXqLpqeyh0CxLT/uNYwubKo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 10114794.json Show response
s.yimg.com/wi/config/ 2 B
174 B 83ms
33ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10114794.json

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:42:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: CVRZYDB9ZC0XE97F
age: 745
content-length: 2
x-amz-id-2: 02KHkMq0cJbZVVotycZrFYaJY4UByslMSLeZiZj/P8WhteTeS2klBlAM3mG/ByKHHIeQXeBGIo+dnhkfY+I3VQ==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 10125189.json Show response
s.yimg.com/wi/config/ 2 B
137 B 82ms
33ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10125189.json

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:14:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: D44RXVQZKWR8NN6Z
age: 2429
content-length: 2
x-amz-id-2: VxbQfN8dHTUtVbaHIy4RfhS794P31FxyMzjVBCHZZtX1YL6TmKl0lArtEvrwqh5HxhHlZG3GA78=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
355 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-138958347-1&cid=224961197.1686239687&jid=541944909&gjid=653381767&_gid=1267999791.1686239687&_u=YCDAiEABBAAAAEAAI~&z=2056450807

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 08 Jun 2023 15:54:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pro.paradigmnewsletters.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 38ms
37ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1140232525&t=pageview&_s=1&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNZ432%2F%3Fcake_s1%3D06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d%26h%3Dtrue&ul=en-us&de=UTF-8&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAAAAAI~&jid=541944909&gjid=653381767&cid=224961197.1686239687&tid=UA-138958347-1&_gid=1267999791.1686239687&gtm=45He3650n81NKRVP76&z=1098154970

Requested by

Host: pro.paradigmnewsletters.org
URL: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:06:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31677
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 40ms
37ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1140232525&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNZ432%2F%3Fcake_s1%3D06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d%26h%3Dtrue&ul=en-us&de=UTF-8&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll%20Report&el=0&_u=aCDAiEABBAAAAEAAI~&jid=&gjid=&cid=224961197.1686239687&tid=UA-138958347-1&_gid=1267999791.1686239687&gtm=45He3650n81NKRVP76&z=1802732645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:06:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31677
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 40ms
38ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1140232525&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNZ432%2F%3Fcake_s1%3D06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d%26h%3Dtrue&ul=en-us&de=UTF-8&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll%20Report&el=10&_u=aCDAiEABBAAAAEAAI~&jid=&gjid=&cid=224961197.1686239687&tid=UA-138958347-1&_gid=1267999791.1686239687&gtm=45He3650n81NKRVP76&z=1110221948

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:06:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31677
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 41ms
39ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1140232525&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNZ432%2F%3Fcake_s1%3D06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d%26h%3Dtrue&ul=en-us&de=UTF-8&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll%20Report&el=25&_u=aCDAiEABBAAAAEAAI~&jid=&gjid=&cid=224961197.1686239687&tid=UA-138958347-1&_gid=1267999791.1686239687&gtm=45He3650n81NKRVP76&z=178850200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:06:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31677
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 42ms
39ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1140232525&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNZ432%2F%3Fcake_s1%3D06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d%26h%3Dtrue&ul=en-us&de=UTF-8&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll%20Report&el=50&_u=aCDAiEABBAAAAEAAI~&jid=&gjid=&cid=224961197.1686239687&tid=UA-138958347-1&_gid=1267999791.1686239687&gtm=45He3650n81NKRVP76&z=393262537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:06:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31677
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 42ms
40ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1140232525&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNZ432%2F%3Fcake_s1%3D06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d%26h%3Dtrue&ul=en-us&de=UTF-8&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll%20Report&el=75&_u=aCDAiEABBAAAAEAAI~&jid=&gjid=&cid=224961197.1686239687&tid=UA-138958347-1&_gid=1267999791.1686239687&gtm=45He3650n81NKRVP76&z=1063952919

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:06:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31677
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 42ms
40ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1140232525&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNZ432%2F%3Fcake_s1%3D06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d%26h%3Dtrue&ul=en-us&de=UTF-8&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll%20Report&el=90&_u=aCDAiEABBAAAAEAAI~&jid=&gjid=&cid=224961197.1686239687&tid=UA-138958347-1&_gid=1267999791.1686239687&gtm=45He3650n81NKRVP76&z=1565493585

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:06:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31677
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 42ms
40ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1140232525&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNZ432%2F%3Fcake_s1%3D06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d%26h%3Dtrue&ul=en-us&de=UTF-8&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Scroll%20Report&el=100&_u=aCDAiEABBAAAAEAAI~&jid=&gjid=&cid=224961197.1686239687&tid=UA-138958347-1&_gid=1267999791.1686239687&gtm=45He3650n81NKRVP76&z=1269013143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 07:06:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31677
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
245 B 138ms
40ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2008%20Jun%202023%2015%3A54%3A47%20GMT&n=0&b=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&.yp=10091245&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNZ432%2F%3Fcake_s1%3D06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d%26h%3Dtrue&enc=UTF-8&yv=1.15.0&tagmgr=gtm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 15:54:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 08 Jun 2023 15:54:47 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
245 B 136ms
39ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&.yp=10082412&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNZ432%2F%3Fcake_s1%3D06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d%26h%3Dtrue&enc=UTF-8&yv=1.15.0&tagmgr=gtm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 15:54:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 08 Jun 2023 15:54:47 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
635 B 135ms
38ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&.yp=10114794&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNZ432%2F%3Fcake_s1%3D06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d%26h%3Dtrue&enc=UTF-8&yv=1.15.0&tagmgr=gtm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 15:54:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 08 Jun 2023 15:54:47 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
245 B 135ms
39ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&.yp=10125189&f=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNZ432%2F%3Fcake_s1%3D06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d%26h%3Dtrue&enc=UTF-8&yv=1.15.0&tagmgr=gtm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 15:54:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 08 Jun 2023 15:54:47 GMT

GET
H2 200 1rufykcqew.json Show response
fast.wistia.com/embed/medias/ 5 KB
2 KB 23ms
8ms Fetch
application/json 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/1rufykcqew.json

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7dd491a616ec1c6311090dd0582f14b258d37e88baaebc8a5e0f7d1751641490

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 224f09e9c236b40d399a8b2851ac0068.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD89-C3
age: 76157
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 57
content-length: 1608
x-request-id: 9f857e06-80a3-4c18-8bb7-c52cf271ac34
x-served-by: cache-iad-kjyo7100036-IAD, cache-fra-eddf8230032-FRA
x-runtime: 0.055121
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 114
server: envoy
x-timer: S1686239688.600031,VS0,VE2
etag: W/"7dd491a616ec1c6311090dd0582f14b2"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: hfdKXxnHcm0dQbad8nVFLDNEOGtAKhAe1ngI82-YiSYCXL-lzp3YfA==
x-cache-hits: 38, 1

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 77 KB
21 KB 7ms
7ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4a6f05cc47bd620897c6aeb49c3d7c1ef801bf0e3efc8ec56d4b3ee99f97b515

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
Origin: https://pro.paradigmnewsletters.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:54:47 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3429
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 20671
x-served-by: cache-iad-kcgs7200119-IAD, cache-fra-eddf8230032-FRA
x-browser-version: 114
last-modified: Wed, 07 Jun 2023 14:56:52 GMT
server: AmazonS3
x-timer: S1686239688.626573,VS0,VE0
etag: "65ce914a0c800a2c1dcc9b7aaaf67ef0"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 92bee467df098719072f39e28d186860a699cb4c
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 34, 130

GET
H2 200 BidenWalkingToPodium_CTP_720px.gif
d2z65klgtz99km.cloudfront.net/AWN/AWN_bidenbucks_0622/ 2 MB
2 MB 10ms
10ms Image
image/gif 2600:9000:223f:4a00:13:881b:ed80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/AWN/AWN_bidenbucks_0622/BidenWalkingToPodium_CTP_720px.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4a00:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 30c514a0e324ba22ffb8662aef7a3bababaff722a22aa63ffaec5a2470651ed3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 22:54:33 GMT
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
last-modified: Thu, 16 Jun 2022 19:23:08 GMT
server: nginx
x-amz-cf-pop: FRA56-P5
age: 23648413
etag: "62ab831c-21f19e"
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2224542
x-amz-cf-id: MEeL9i7YoUND5bj-3mSUqqHI36cUqSxOLNydxKMeff_jC9wkZHf1Ag==
expires: Thu, 07 Sep 2023 22:54:33 GMT

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 470 KB
115 KB 7ms
7ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a188748d853d2c47f962e56bd67973e0fb5238e0043627761e58b7b0300ed53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
Origin: https://pro.paradigmnewsletters.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:54:47 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3539
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 117082
x-served-by: cache-iad-kiad7000081-IAD, cache-fra-eddf8230032-FRA
x-browser-version: 114
last-modified: Wed, 07 Jun 2023 14:56:52 GMT
server: AmazonS3
x-timer: S1686239688.729996,VS0,VE0
etag: "690c610ffba1578498359a756fa80855"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 92bee467df098719072f39e28d186860a699cb4c
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 22, 84

GET
H2 200 1rufykcqew.m3u8 Show response
fast.wistia.com/embed/medias/ 756 B
1 KB 105ms
105ms XHR
application/x-mpegurl 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/1rufykcqew.m3u8

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32e854945a087d465bb4ad5d8b9464a5e9982686be9c82128e2dbdd3becd72b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:54:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
age: 0
x-cache: HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
content-length: 756
x-request-id: bc348ff188dcaeb82eacc99c7425774d
x-served-by: cache-iad-kcgs7200088-IAD, cache-fra-eddf8230032-FRA
x-runtime: 0.030641
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 114
x-timer: S1686239688.792004,VS0,VE99
etag: W/"32e854945a087d465bb4ad5d8b9464a5"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 38845, 1

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
1 KB 7ms
7ms Image
image/gif 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
Origin: https://pro.paradigmnewsletters.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:54:47 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 390
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kjyo7100021-IAD, cache-fra-eddf8230032-FRA
x-browser-version: 114
last-modified: Wed, 10 May 2023 19:48:54 GMT
server: AmazonS3
x-timer: S1686239688.797023,VS0,VE0
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23, 16

GET
H2 200 e4927814fafa377755c224f60b53238d927ce15d.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 71 KB
71 KB 70ms
11ms XHR
application/vnd.apple.mpegurl 2600:9000:21f3:c800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/e4927814fafa377755c224f60b53238d927ce15d.m3u8
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: f8a8748738d084743695994a71839fa3e4545778fa50a02519566d7e8ab6aff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 18 May 2023 03:03:55 GMT
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 1860652
edge-cache-tag: e4927814fafa377755c224f60b53238d927ce15d-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 153
content-length: 72208
surrogate-key: e4927814fafa377755c224f60b53238d927ce15d-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: OWnvMDUu34ZqMC2tG0oWihtyWW5ljh9y2fysDpCUpp9sVlmgi9tg3A==
expires: Fri, 17 May 2024 03:03:55 GMT

GET
H2 200 seg-1-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/e4927814fafa377755c224f60b53238d927ce15d.m3u8/ 382 KB
383 KB 10ms
10ms XHR
video/mp2t 2600:9000:21f3:c800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/e4927814fafa377755c224f60b53238d927ce15d.m3u8/seg-1-v1-a1.ts
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: b6cf135886a58376f38e332db78e65331a55bf384a325c6c5ba3d8bddd371648

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 19 May 2023 02:46:07 GMT
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 1775320
edge-cache-tag: e4927814fafa377755c224f60b53238d927ce15d-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 147
content-length: 391416
surrogate-key: e4927814fafa377755c224f60b53238d927ce15d-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -qmRKi9XeJPn9L0-jqJo3MddmggMdjYn80ISHxV4xJp1rrQTnSPgaw==
expires: Sat, 18 May 2024 02:46:07 GMT

GET
H2 200 0fc2fba1d0d13bb29b4913b53de8d471b6340fc3.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 71 KB
71 KB 10ms
10ms XHR
application/vnd.apple.mpegurl 2600:9000:21f3:c800:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/0fc2fba1d0d13bb29b4913b53de8d471b6340fc3.m3u8
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 828f76c254029fce9bb1a3464c7d6f5594f62486d3d84c3e2e5362d3335358fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 19 May 2023 04:54:15 GMT
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 1767633
edge-cache-tag: 0fc2fba1d0d13bb29b4913b53de8d471b6340fc3-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 49
content-length: 72208
surrogate-key: 0fc2fba1d0d13bb29b4913b53de8d471b6340fc3-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: AT6YIjKk9NMSgKhO0guFRy65EXw-xFHQFuse1c1ArFFE3JrpTmbKOA==
expires: Sat, 18 May 2024 04:54:15 GMT

POST
H2 204 x
distillery.wistia.com/ 0
0 360ms
113ms Fetch 52.203.87.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.87.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-87-54.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 08 Jun 2023 15:54:48 GMT
cache-control: max-age=0, private, must-revalidate

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
137 B 363ms
110ms Fetch
text/plain 3.88.95.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.95.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-88-95-86.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 08 Jun 2023 15:54:48 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
136 B 111ms
110ms Fetch
text/plain 3.88.95.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.14.0/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.95.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-88-95-86.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 08 Jun 2023 15:54:48 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 22 KB
6 KB 9ms
8ms Script
text/javascript 2a04:4e42:400::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

29cb020419d8670323588a5982eb9421538c3c474186c1fea3fd8de096eaf1c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
Origin: https://pro.paradigmnewsletters.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 15:54:48 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 4
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 5665
x-served-by: cache-iad-kjyo7100176-IAD, cache-fra-eddf8230032-FRA
x-browser-version: 114
last-modified: Wed, 07 Jun 2023 14:56:52 GMT
server: AmazonS3
x-timer: S1686239689.654553,VS0,VE1
etag: "f54e46db7629001fd15d04d689f324fc"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 92bee467df098719072f39e28d186860a699cb4c
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9, 1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
46 B 20ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BYN6DTYEFQ&gtm=45je3650&_p=1140232525&cid=224961197.1686239687&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=3&sid=1686239687&sct=1&seg=0&dl=https%3A%2F%2Fpro.paradigmnewsletters.org%2Fp%2Fawn_bidenbuckstac_1022%2FLAWNZ432%2F%3Fcake_s1%3D06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d%26h%3Dtrue&dt=Beware%20%E2%80%9CBiden%20Bucks%E2%80%9D&en=scroll&epn.percent_scrolled=90&_et=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BYN6DTYEFQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1=06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 15:54:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pro.paradigmnewsletters.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432	1970-01-20 21:09:35	Name: https://pro.paradigmnewsletters.org/p/awn_bidenbuckstac_1022/LAWNZ432/?cake_s1 Value: 06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d&h=true=visited
.clkmg.com/	1970-01-20 21:09:35	Name: vid Value: 857210157
470twk1.com/	1970-01-20 12:34:04	Name: LTTC6_443820 Value: 06_111726536_f8078126-6251-4c8e-89e2-bd3bb73e159d
pro.paradigm-press.info/	1970-01-20 12:52:47	Name: 2179950 Value: 2574183
pro.paradigm-press.info/	1969-12-31 23:59:59	Name: BIGipServerIRIS_PROD_HTTPS_POOL Value: !NlJKADywTxLDLbsOWwzodhrFVebKMJg2/m2BpwVN+IEJjfWzYHGk/nN86mG3uDXKICkxS6tbiUNWEg8=
pro.paradigmnewsletters.org/	1970-01-20 21:59:59	Name: LAWNZ432 Value:
pro.paradigmnewsletters.org/	1969-12-31 23:59:59	Name: BIGipServerIRIS_PROD_HTTPS_POOL Value: !4uALij64LJC7WzsOWwzodhrFVebKMFV19/uA0gnAev/mmlvTUly7SMiK1Ospx6QWP+0aOVQIjxbYc1E=
.paradigmnewsletters.org/	1970-01-20 14:33:35	Name: _gcl_au Value: 1.1.843062091.1686239687
.paradigmnewsletters.org/	1970-01-20 21:59:59	Name: _ga_BYN6DTYEFQ Value: GS1.1.1686239687.1.0.1686239687.0.0.0
.paradigmnewsletters.org/	1970-01-20 21:59:59	Name: _ga Value: GA1.2.224961197.1686239687
.paradigmnewsletters.org/	1970-01-20 12:25:26	Name: _gid Value: GA1.2.1267999791.1686239687
.paradigmnewsletters.org/	1970-01-20 12:23:59	Name: _dc_gtm_UA-138958347-1 Value: 1
.yahoo.com/	1970-01-20 21:09:57	Name: A3 Value: d=AQABBMf5gWQCEAw7hoM6MnZgt9vrq2HbtJQFEgEBAQFLg2SLZOANyiMA_eMAAA&S=AQAAAphaDMD444r7Iq2Xp6LsUBs

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

470twk1.com
ajax.googleapis.com
browser.sentry-cdn.com
d2dhhn04.na1.hubspotlinks.com
d2z65klgtz99km.cloudfront.net
distillery.wistia.com
embed-cloudfront.wistia.com
fast.wistia.com
o1147369.ingest.sentry.io
p.typekit.net
pipedream.wistia.com
pro.paradigm-press.info
pro.paradigmnewsletters.org
region1.google-analytics.com
s.yimg.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
use.typekit.net
www.clicktracxer.com
www.clkmg.com
www.google-analytics.com
www.googletagmanager.com
161.129.26.18
192.135.136.169
2001:4860:4802:34::36
212.82.100.181
2600:9000:21f3:c800:1e:c86:4140:93a1
2600:9000:223f:4a00:13:881b:ed80:21
2606:4700::6812:cb1
2a00:1288:80:807::1
2a00:1450:4001:811::200a
2a00:1450:4001:831::200e
2a00:1450:4007:807::2008
2a00:1450:400c:c00::9a
2a02:26f0:3100::1735:28f0
2a02:26f0:780::5f65:3681
2a04:4e42:400::622
2a04:4e42:400::729
2a06:98c1:3120::3
3.88.95.86
34.120.195.249
50.97.212.250
52.15.147.241
52.203.87.54
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
14e1ea1dd3abfb0fc25b0d6c4df44b1f9c060a6c02bffb7a4393394c183ca074
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
250c8a83d1935e23ba78acb159705531160a9030c150755f7a050af90d9d6eeb
29cb020419d8670323588a5982eb9421538c3c474186c1fea3fd8de096eaf1c4
30c514a0e324ba22ffb8662aef7a3bababaff722a22aa63ffaec5a2470651ed3
32e854945a087d465bb4ad5d8b9464a5e9982686be9c82128e2dbdd3becd72b0
40089405c868ab5fbbfd1de89265829ac78e9b07c97e21ab315edab41ccf18ac
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4848b910fc25c8ee7e9fa21fd42380399adc16075748f9c29b5290b256256e6c
4a6f05cc47bd620897c6aeb49c3d7c1ef801bf0e3efc8ec56d4b3ee99f97b515
4dbf3f1af145adcd2c9c801afb92a60ac2369a5648eeab3717e7ebefaff2a553
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
713b8a587540f0db6ab801b4eab54377795825692d866407bf716f53b5249093
7dd491a616ec1c6311090dd0582f14b258d37e88baaebc8a5e0f7d1751641490
809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac
828f76c254029fce9bb1a3464c7d6f5594f62486d3d84c3e2e5362d3335358fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f843a435a6d47f1542cf1786d4c884a35fc9b388e8a662d3364cc9a00d7410
86034bbe69eebb0c08660ff7f0128dd0bd1d852176489ca3a3da7b49bd647cbd
9e2eb2ffb35a5b8353a3ce72b10def093280e08fa1ba4d2409dcadc91c4ac92b
a188748d853d2c47f962e56bd67973e0fb5238e0043627761e58b7b0300ed53a
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
b6cf135886a58376f38e332db78e65331a55bf384a325c6c5ba3d8bddd371648
c604d7ac2ab897a7b1ebe49815a5368fa7e466a16fb6a051c77edfac617ad328
dacf953a3cae70714fa310ffaab73671c4bc2a25e305b518a3ed5d3aefc7a7b2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4164edd6af46ad5e9c02a482bdcd2a9c3e9eb199cee06bcd12cc751ce73de87
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb6f8879a97466e88ca7f596ad294e91107d118f4841cb4584f5499b322a81b7
f8a8748738d084743695994a71839fa3e4545778fa50a02519566d7e8ab6aff7

pro.paradigmnewsletters.org Open in urlscan Pro 161.129.26.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

64 %IPv6

17 Domains

22 Subdomains

18 IPs

5 Countries

3462 kBTransfer

5012 kBSize

13 Cookies

3 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pro.paradigmnewsletters.org Open in urlscan Pro
161.129.26.18 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

64 %
IPv6

17
Domains

22
Subdomains

18
IPs

5
Countries

3462 kB
Transfer

5012 kB
Size

13
Cookies

51 HTTP transactions
0 data transactions