orders.paradigm-press.info Open in urlscan Pro
192.135.136.173 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click2.banyanhill.com/t/Cg/AAEDSA/AAIyhA/AC3zgQ/LDY/MTI1NDI0NnxodHRwczovL3Byby5wYXJhZGlnbS1wcmVzcy5pbmZvL20vMTQyMzI5Mz...
Effective URL:
https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC...
Submission: On December 08 via api (December 8th 2019, 4:01:18 am UTC) from BE

Summary HTTP 76 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 17 domains to perform 76 HTTP transactions. The main IP is 192.135.136.173, located in United States and belongs to AGORA - Monument & Cathedral Holdings, Inc., US. The main domain is orders.paradigm-press.info.
TLS certificate: Issued by Entrust Certification Authority - L1K on November 25th 2019. Valid for: 5 months.

This is the only time orders.paradigm-press.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	199.114.7.34 199.114.7.34	11372 (AGORA) (AGORA - Monument & Cathedral Holdings)
2 2	192.135.136.169 192.135.136.169	11372 (AGORA) (AGORA - Monument & Cathedral Holdings)
8	192.135.136.173 192.135.136.173	11372 (AGORA) (AGORA - Monument & Cathedral Holdings)
8	2600:9000:20e... 2600:9000:20eb:8e00:1:b0bf:f780:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2600:9000:215... 2600:9000:2156:b400:18:2d84:13c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
19	2600:9000:20e... 2600:9000:20eb:8400:13:881b:ed80:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2600:9000:204... 2600:9000:2043:2400:14:6bfc:5740:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	52.34.71.92 52.34.71.92	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2 4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.84.33 147.75.84.33	54825 (PACKET) (PACKET - Packet Host)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1 - Oath Holdings Inc.)
1	52.218.200.184 52.218.200.184	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1 - Oath Holdings Inc.)
1	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY - Fastly)
1	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN - Outbrain)
1	147.75.85.99 147.75.85.99	54825 (PACKET) (PACKET - Packet Host)
9	2606:4700:20:... 2606:4700:20::681a:316	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	13.224.197.75 13.224.197.75	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:215... 2600:9000:2156:be00:9:cfaa:a600:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	143.204.101.43 143.204.101.43	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	147.75.32.75 147.75.32.75	54825 (PACKET) (PACKET - Packet Host)
1	35.227.192.113 35.227.192.113	15169 (GOOGLE) (GOOGLE - Google LLC)
76	25

2 199.114.7.34 (Baltimore, United States) 2 redirects

ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US)

click2.banyanhill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.135.136.169 (United States) 2 redirects

ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US)

pro.paradigm-press.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.135.136.173 (United States)

ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US)

orders.paradigm-press.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:20eb:8e00:1:b0bf:f780:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d13p2xj50zkyqm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:b400:18:2d84:13c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

images.web-purchases.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:20eb:8400:13:881b:ed80:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d2z65klgtz99km.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2043:2400:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cdn.ywxi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.34.71.92 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-34-71-92.us-west-2.compute.amazonaws.com

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.33 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.200.184 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.95 (United States)

ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US)
PTR: ny.outbrain.com

amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.99 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-5

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:316 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.197.75 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-197-75.fra2.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:be00:9:cfaa:a600:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

dizbubza2heg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.101.43 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-43.fra50.r.cloudfront.net

10rnpyiva0.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.32.75 (Amsterdam, Netherlands)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-1

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.192.113 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 113.192.227.35.bc.googleusercontent.com

api.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	cloudfront.net d13p2xj50zkyqm.cloudfront.net d2z65klgtz99km.cloudfront.net dizbubza2heg.cloudfront.net	1 MB
10	lytics.io c.lytics.io api.lytics.io	53 KB
10	paradigm-press.info 2 redirects pro.paradigm-press.info orders.paradigm-press.info	68 KB
4	google-analytics.com 2 redirects www.google-analytics.com	18 KB
4	gstatic.com fonts.gstatic.com	53 KB
3	doubleclick.net stats.g.doubleclick.net	339 B
3	amazonaws.com s3-us-west-2.amazonaws.com 10rnpyiva0.execute-api.us-east-1.amazonaws.com	2 KB
3	outbrain.com amplify.outbrain.com tr.outbrain.com amplifypixel.outbrain.com	4 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	75 KB
3	kaptcha.com ssl.kaptcha.com	8 KB
2	yimg.com s.yimg.com	5 KB
2	ywxi.net cdn.ywxi.net	6 KB
2	web-purchases.com images.web-purchases.com	36 KB
2	banyanhill.com 2 redirects click2.banyanhill.com	770 B
1	amplitude.com cdn.amplitude.com	23 KB
1	googletagmanager.com www.googletagmanager.com	43 KB
1	googleapis.com fonts.googleapis.com	841 B
76	17

	Domain	Requested by
19	d2z65klgtz99km.cloudfront.net	orders.paradigm-press.info
9	c.lytics.io	orders.paradigm-press.info c.lytics.io images.web-purchases.com
8	d13p2xj50zkyqm.cloudfront.net	orders.paradigm-press.info
8	orders.paradigm-press.info	orders.paradigm-press.info images.web-purchases.com
4	www.google-analytics.com	2 redirects www.googletagmanager.com orders.paradigm-press.info
4	fonts.gstatic.com	images.web-purchases.com orders.paradigm-press.info
3	stats.g.doubleclick.net	orders.paradigm-press.info
3	ssl.kaptcha.com	orders.paradigm-press.info ssl.kaptcha.com
2	10rnpyiva0.execute-api.us-east-1.amazonaws.com	orders.paradigm-press.info
2	s.yimg.com	orders.paradigm-press.info s.yimg.com
2	cdn.ywxi.net	orders.paradigm-press.info
2	images.web-purchases.com	orders.paradigm-press.info
2	pro.paradigm-press.info	2 redirects
2	click2.banyanhill.com	2 redirects
1	api.lytics.io	c.lytics.io
1	vars.hotjar.com	static.hotjar.com
1	dizbubza2heg.cloudfront.net	orders.paradigm-press.info
1	cdn.amplitude.com	orders.paradigm-press.info
1	script.hotjar.com	static.hotjar.com
1	amplifypixel.outbrain.com	orders.paradigm-press.info
1	tr.outbrain.com	orders.paradigm-press.info
1	s3-us-west-2.amazonaws.com	images.web-purchases.com
1	amplify.outbrain.com	orders.paradigm-press.info
1	static.hotjar.com	orders.paradigm-press.info
1	www.googletagmanager.com	d2z65klgtz99km.cloudfront.net
1	fonts.googleapis.com	orders.paradigm-press.info
76	26

This site contains links to these domains. Also see Links.

Domain
d2z65klgtz99km.cloudfront.net
paradigm.press

Subject Issuer	Validity	Valid
www.web-purchases.com Entrust Certification Authority - L1K	`2019-11-25` - `2020-04-24`	5 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
images.web-purchases.com Go Daddy Secure Certificate Authority - G2	`2019-04-29` - `2021-05-03`	2 years	crt.sh
*.ywxi.net Amazon	`2019-09-30` - `2020-10-30`	a year	crt.sh
ssl.kaptcha.com Thawte TLS RSA CA G1	`2019-10-01` - `2021-11-29`	2 years	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-12-05` - `2020-03-04`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2018-12-14` - `2020-03-14`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-11-23` - `2020-01-07`	a month	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-30` - `2020-07-25`	a year	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-12-05` - `2020-03-04`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-10` - `2020-10-09`	a year	crt.sh
cdn.amplitude.com Amazon	`2018-12-30` - `2020-01-30`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2019-10-13` - `2020-11-13`	a year	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-12-05` - `2020-03-04`	3 months	crt.sh
*.lytics.io DigiCert ECC Secure Server CA	`2019-10-22` - `2020-10-26`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Frame ID: 40FB9D6D490270554C270BE87DF994F7
Requests: 75 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Frame ID: FF4366E479CE5654B7720BAB543BCAFE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://click2.banyanhill.com/t/Cg/AAEDSA/AAIyhA/AC3zgQ/LDY/MTI1NDI0NnxodHRwczovL3Byby5wYXJhZGlnbS1wcmVzcy... HTTP 302
https://click2.banyanhill.com/t/Cg/AAEDSA/AAIyhA/AC3zgQ/LDY/MTI1NDI0NnxodHRwczovL3Byby5wYXJhZGlnbS1wcmVzcy... HTTP 302
https://pro.paradigm-press.info/m/1423293?a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0 HTTP 301
https://pro.paradigm-press.info/o/RDL_TrumpSLO_0719/MRDLVC17?a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2... HTTP 301
https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=30... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

76
Requests

100 %
HTTPS

48 %
IPv6

17
Domains

26
Subdomains

25
IPs

6
Countries

1814 kB
Transfer

3001 kB
Size

11
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/reference.html?guid=0e4bbca0-49f0-f98e-d9f9-a89a54974ced
Title: Photo Reference

Search URL Search Domain Scan URL

URL: https://paradigm.press/terms-and-conditions/?guid=0e4bbca0-49f0-f98e-d9f9-a89a54974ced
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://paradigm.press/contact-us/?guid=0e4bbca0-49f0-f98e-d9f9-a89a54974ced
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click2.banyanhill.com/t/Cg/AAEDSA/AAIyhA/AC3zgQ/LDY/MTI1NDI0NnxodHRwczovL3Byby5wYXJhZGlnbS1wcmVzcy5pbmZvL20vMTQyMzI5Mz9hPTEwJm89NjYzNzYmcz0xNDQwMDQmdT0zMDExNDU3Jmw9MTI1NDI0NiZyPU1DMiZ2aWQ9SnU2M3BSJmc9MA./AQ/6qsd HTTP 302
https://click2.banyanhill.com/t/Cg/AAEDSA/AAIyhA/AC3zgQ/LDY/MTI1NDI0NnxodHRwczovL3Byby5wYXJhZGlnbS1wcmVzcy5pbmZvL20vMTQyMzI5Mz9hPTEwJm89NjYzNzYmcz0xNDQwMDQmdT0zMDExNDU3Jmw9MTI1NDI0NiZyPU1DMiZ2aWQ9SnU2M3BSJmc9MA./AQ/6qsd HTTP 302
https://pro.paradigm-press.info/m/1423293?a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0 HTTP 301
https://pro.paradigm-press.info/o/RDL_TrumpSLO_0719/MRDLVC17?a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0 HTTP 301
https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1127891528&t=event&ni=1&_s=1&dl=https%3A%2F%2Forders.paradigm-press.info%2FRDL_TrumpSLO_0719%2FMRDLVC17%2Findex.htm%3FpageNumber%3D2%26a%3D10%26o%3D66376%26s%3D144004%26u%3D3011457%26l%3D1254246%26r%3DMC2%26vid%3DJu63pR%26g%3D0&ul=en-us&de=UTF-8&dt=Secure%20Order%20Form&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Engagement&ea=Scroll%20Report&_u=aHBACEABB~&jid=240771278&gjid=1922284195&cid=1284641719.1575777662&tid=UA-138958347-1&_gid=606418896.1575777662&_r=1&gtm=2wgav9NKRVP76&z=1987231185 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-138958347-1&cid=1284641719.1575777662&jid=240771278&_gid=606418896.1575777662&gjid=1922284195&_v=j79&z=1987231185

Request Chain 74

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1127891528&t=event&ni=0&_s=1&dl=https%3A%2F%2Forders.paradigm-press.info%2FRDL_TrumpSLO_0719%2FMRDLVC17%2Findex.htm%3FpageNumber%3D2%26a%3D10%26o%3D66376%26s%3D144004%26u%3D3011457%26l%3D1254246%26r%3DMC2%26vid%3DJu63pR%26g%3D0&ul=en-us&de=UTF-8&dt=Secure%20Order%20Form&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Engagement&ea=Customer%20Journey&el=Aware&_u=aHBACEABB~&jid=386950272&gjid=861849051&cid=277442811.1575777671&tid=UA-138958347-1&_gid=1205393268.1575777671&_r=1&gtm=2wgav9NKRVP76&z=197993123 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-138958347-1&cid=277442811.1575777671&jid=386950272&_gid=1205393268.1575777671&gjid=861849051&_v=j79&z=197993123

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set index.htm Show response
orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/
Redirect Chain

http://click2.banyanhill.com/t/Cg/AAEDSA/AAIyhA/AC3zgQ/LDY/MTI1NDI0NnxodHRwczovL3Byby5wYXJhZGlnbS1wcmVzcy5pbmZvL20vMTQyMzI5Mz9hPTEwJm89NjYzNzYmcz0xNDQwMDQmdT0zMDExNDU3Jmw9MTI1NDI0NiZyPU1DMiZ2aWQ9Sn...
https://click2.banyanhill.com/t/Cg/AAEDSA/AAIyhA/AC3zgQ/LDY/MTI1NDI0NnxodHRwczovL3Byby5wYXJhZGlnbS1wcmVzcy5pbmZvL20vMTQyMzI5Mz9hPTEwJm89NjYzNzYmcz0xNDQwMDQmdT0zMDExNDU3Jmw9MTI1NDI0NiZyPU1DMiZ2aWQ9S...
https://pro.paradigm-press.info/m/1423293?a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
https://pro.paradigm-press.info/o/RDL_TrumpSLO_0719/MRDLVC17?a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0

198 KB
39 KB

1098ms
518ms

Document
text/html

192.135.136.173
Monument & Cathed...

General

Check archive.org

Show headers Download Go to

Full URL

https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.135.136.173 , United States, ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US),

Reverse DNS

Software

Resource Hash

3a4110811dcd1d235b3a9ac9b78c41b9d0a5b8cb3213ed3a7cb62dfc55e70563

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Host: orders.paradigm-press.info
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Set-Cookie: JSESSIONID=CAB36A0698A81E1E8D8D5E551B76382F; Path=/; Secure; HttpOnly contactId=3011457; Expires=Fri, 06-Dec-2024 04:01:00 GMT TS01f912c8=018090b843fea1d1fbc68032fb3000184c276c3da7ede6a1a1cb5cbe74ef13527c72dd537cadd5c3e1312d47389ef15d51cf4c06dc; Path=/; Secure; HTTPOnly
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache no-store
Content-Type: text/html;charset=UTF-8
Content-Language: en
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Sun, 08 Dec 2019 04:01:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Transfer-Encoding: chunked

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Set-Cookie: orderTrackedMRDLVC17=True; expires=Thu, 08-Dec-2039 04:00:59 GMT; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=16070400;
Date: Sun, 08 Dec 2019 04:00:59 GMT
Content-Length: 7830

GET
H2 200 orderformtest.css
d13p2xj50zkyqm.cloudfront.net/scripts/test/ 42 KB
8 KB 9ms
7ms Stylesheet
text/css 2600:9000:20eb:8e00:1:b0bf:f780:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d13p2xj50zkyqm.cloudfront.net/scripts/test/orderformtest.css
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8e00:1:b0bf:f780:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 0117a812077d12b75dde327db3c28b20ee62e210d5f4b62e331803b91bce3934

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 May 2019 05:37:10 GMT
content-encoding: gzip
last-modified: Fri, 02 Feb 2018 19:19:18 GMT
server: nginx
age: 168
x-powered-by: PleskLin
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
cache-control: max-age=2628000, public
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 6cdeHV9ExB_XfXW9LTOJDZQjK3abPVHl4KOfYCTsbRR8ny33-MMcJg==
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)

GET
H2 200 css
fonts.googleapis.com/ 14 KB
841 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700,700i,800,800i,900,900i&display=swap

Requested by

Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

098f2ec79b6926e680388ad5c3ff3cb2b3603e925423916420a6310fa8417cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 08 Dec 2019 04:01:00 GMT
server: ESF
access-control-allow-origin: *
date: Sun, 08 Dec 2019 04:01:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sun, 08 Dec 2019 04:01:00 GMT

GET
H/1.1 200
OK namespace.js Show response
orders.paradigm-press.info/ 15 KB
5 KB 285ms
103ms Script
text/javascript 192.135.136.173
Monument & Cathed...

General

Check archive.org

Show headers Download Go to

Full URL

https://orders.paradigm-press.info/namespace.js

Requested by

Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.135.136.173 , United States, ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US),

Reverse DNS

Software

Resource Hash

9afdde3bdf62bd4761a9a163f5abcac73c5c1d8e1308f4beec2b1f297d1c2921

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 08 Dec 2019 04:01:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Dec 2018 18:13:32 GMT
ETag: W/"15350-1543947212000"
Vary: Accept-Encoding
Content-Type: text/javascript
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15552000; includeSubDomains
Accept-Ranges: bytes

GET
H2 200 jquery.min.js Show response
images.web-purchases.com/jQuery/ 90 KB
32 KB 49ms
7ms Script
application/javascript 2600:9000:2156:b400:18:2d84:13c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://images.web-purchases.com/jQuery/jquery.min.js
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:b400:18:2d84:13c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b714dbfe5b4ff767ea2356a41c1284373b91ce8bc15e46252a2b57bb96a9b85

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 01:39:04 GMT
content-encoding: gzip
age: 15301317
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: FAILED
last-modified: Tue, 17 Jul 2018 13:56:28 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1529596170/ctime:1529596170/gid:1000/gname:opiumcdn/md5:efd1530f0d0cb4eda62a4c0ca158ee9c/mode:33188/mtime:1529004835/uid:1000/uname:opiumcdn
vary: Accept-Encoding
x-amz-version-id: s1DzetcRyrvgo_x09Ty7hN5ziqnN48Ca
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: 8L2pHq4DBHUQbKrhwpw-xzJC4Yt_PDF4hoKbltZL6taDujChp_1xgA==

GET
H/1.1 200
OK popUpPasswordLightbox.css
orders.paradigm-press.info/css/ 1 KB
1 KB 182ms
97ms Stylesheet
text/css 192.135.136.173
Monument & Cathed...

General

Check archive.org

Show headers Download Go to

Full URL

https://orders.paradigm-press.info/css/popUpPasswordLightbox.css

Requested by

Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.135.136.173 , United States, ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US),

Reverse DNS

Software

Resource Hash

42f47c0ff03d3c1720d2e45187be72c419bf3e1b81625e57c29dea317f4e5620

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 08 Dec 2019 04:01:00 GMT
Last-Modified: Tue, 04 Dec 2018 18:13:32 GMT
Accept-Ranges: bytes
ETag: W/"1077-1543947212000"
Content-Length: 1077
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: text/css

GET
H2 200 pp_gtm.js Show response
d2z65klgtz99km.cloudfront.net/ 347 B
704 B 46ms
6ms Script
application/javascript 2600:9000:20eb:8400:13:881b:ed80:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2z65klgtz99km.cloudfront.net/pp_gtm.js
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 9cf1ed31985502e9718adb245a6bad6514cd6407b7f96a7e83bb4ce00a43f4c8

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 10:04:54 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
last-modified: Tue, 07 May 2019 17:56:55 GMT
server: nginx
age: 168
x-powered-by: PleskLin
etag: "15b-5884ff14c5c20"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-accel-version: 0.01
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 347
x-amz-cf-id: KI3MClqnGIU7d9axLEyFBAaWo-HpB1585xHDw2iqBDlJXdqW_bdYGg==

GET
H2 200 order.js Show response
d13p2xj50zkyqm.cloudfront.net/scripts/ 83 KB
20 KB 9ms
8ms Script
application/javascript 2600:9000:20eb:8e00:1:b0bf:f780:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d13p2xj50zkyqm.cloudfront.net/scripts/order.js
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8e00:1:b0bf:f780:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: d724506ee6e039c011b25aa2aa158dbc1d535cf95ac53e3562f04a1e5463bca5

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Dec 2019 19:40:47 GMT
content-encoding: gzip
last-modified: Wed, 04 Dec 2019 19:18:33 GMT
server: nginx
age: 168
x-powered-by: PleskLin
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Mj9iTaMXHi6BWIoODsftpnrZFsk9G2LhascjmikEIgdVESW65PijTA==
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)

GET
H2 200 StarBullet.png
d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/ 619 B
967 B 46ms
7ms Image
image/png 2600:9000:20eb:8400:13:881b:ed80:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/StarBullet.png
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4fc05c25998022a9adb7c40d4a5d47aac534ebc0e6d4b5a1d3fb14d1cd135514

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 03:58:12 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
etag: "26b-58e86900b6665"
last-modified: Thu, 25 Jul 2019 19:37:56 GMT
x-accel-version: 0.01
age: 168
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 619
x-amz-cf-id: _Z7Houz-MyIy8bNOdSTlXCvzYcbbngBKUvYJuuVrKjctlycEmXvSFQ==
server: nginx

GET
H2 200 RDL_TrumpSLO_01.jpg
d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/ 21 KB
21 KB 48ms
9ms Image
image/jpeg 2600:9000:20eb:8400:13:881b:ed80:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/RDL_TrumpSLO_01.jpg
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 7e910d873f10badd02391f02b4679bf630966a39175b7c33510283b75cdc5a59

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 28 Oct 2019 06:56:05 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
etag: "5d3a0514-53f4"
last-modified: Thu, 25 Jul 2019 19:37:56 GMT
server: nginx
age: 168
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 21492
x-amz-cf-id: Nn7cckEWGh5j4Ebbao4y7toMe-vkmCDw-Ar3tNl0SWzYkVRmYy3KYg==

GET
H2 200 RDL_20_Stars.png
d13p2xj50zkyqm.cloudfront.net/promos/AF/RDL/RDL_Self_Liquidating_Book_Offer/ 17 KB
18 KB 10ms
9ms Image
image/png 2600:9000:20eb:8e00:1:b0bf:f780:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13p2xj50zkyqm.cloudfront.net/promos/AF/RDL/RDL_Self_Liquidating_Book_Offer/RDL_20_Stars.png
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8e00:1:b0bf:f780:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 999962c1fa506ceefe9d63445cd86785c95a9fa7baa5104cd0a444ae43639894

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Sep 2019 09:46:02 GMT
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
last-modified: Thu, 08 Nov 2018 14:13:53 GMT
server: nginx
age: 169
x-powered-by: PleskLin
etag: "5be444a1-4554"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=2628000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 17748
x-amz-cf-id: MV84Yl7aTc2NOAqXgi51TZEO0FdC09i8sU21ykAvRJqAoKPSb-Yl5g==

GET
H2 200 RDL_TrumpSLO_02A.png
d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/ 92 KB
93 KB 10ms
9ms Image
image/png 2600:9000:20eb:8400:13:881b:ed80:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/RDL_TrumpSLO_02A.png
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 09dc34300ef5e2990379ef16491c02e4d0e7b2f44c443066d9b070c11c1c44cf

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 03:58:12 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
etag: "5d4439a0-17187"
last-modified: Fri, 02 Aug 2019 13:24:48 GMT
server: nginx
age: 169
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 94599
x-amz-cf-id: mi8c5tMtIJ3HtNHIDN8RuCSyp21peJOncAhKlByP3-cBJHt-9H7ACQ==

GET
H2 200 RDL_TrumpSLO_03A.png
d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/ 172 KB
172 KB 17ms
16ms Image
image/png 2600:9000:20eb:8400:13:881b:ed80:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/RDL_TrumpSLO_03A.png
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 6aa868d57e66a07df56bd17d2ffffedb7168c05be936e2729375b23d8416f415

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 Nov 2019 15:57:32 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
etag: "5d4439a0-2aea6"
last-modified: Fri, 02 Aug 2019 13:24:48 GMT
server: nginx
age: 169
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 175782
x-amz-cf-id: khmSOUbsJ1M3v1UAUeWTPVn0c1LHmKPVdJF6K_i9czHC5O0I-wUSXg==

GET
H2 200 RDL_TrumpSLO_MasterclassA.png
d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/ 112 KB
113 KB 21ms
20ms Image
image/png 2600:9000:20eb:8400:13:881b:ed80:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/RDL_TrumpSLO_MasterclassA.png
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: bfa11138a69595699a6ce497d9cfdc0f890e375189296934e85acba9457f2108

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 03:58:12 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
etag: "5d4472ec-1c13f"
last-modified: Fri, 02 Aug 2019 17:29:16 GMT
server: nginx
age: 169
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 115007
x-amz-cf-id: EVvbJMG-iOIIMwQoyZ7gfr5ugvLJs1jwC9qgcwq3zNW63abQFkvhjA==

GET
H2 200 RDL_TrumpSLO_04A.png
d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/ 150 KB
151 KB 24ms
23ms Image
image/png 2600:9000:20eb:8400:13:881b:ed80:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/RDL_TrumpSLO_04A.png
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 3384d7fe2042e2b3e1fe29ca30f386e60054a727b69f4f55d9429fd7b28cce5e

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 03:58:12 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
etag: "5d4439a0-2592e"
last-modified: Fri, 02 Aug 2019 13:24:48 GMT
server: nginx
age: 169
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 153902
x-amz-cf-id: vYveZx3OgQBnRlx2HN60IWe_PhEZbKA6qdbM1G2SBM80CfMSu6A1lA==

GET
H2 200 RDL_TrumpSLO_05.png
d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/ 93 KB
94 KB 26ms
25ms Image
image/png 2600:9000:20eb:8400:13:881b:ed80:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/RDL_TrumpSLO_05.png
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 29803dec7ee873c2a412533ed413cf2bb3470c1559aab94668f984258072f523

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 03:58:12 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
etag: "5d3a0514-175ed"
last-modified: Thu, 25 Jul 2019 19:37:56 GMT
server: nginx
age: 169
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 95725
x-amz-cf-id: MCG2-comfAtPvwgVFmgbz9uKS0YNCUSAcwhaQVHWZKcG0jegiAQTbA==

GET
H2 200 RDL_TrumpSLO_NewsletterB.png
d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/ 113 KB
113 KB 28ms
27ms Image
image/png 2600:9000:20eb:8400:13:881b:ed80:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/RDL_TrumpSLO_NewsletterB.png
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 3187c05c19744baa3ffc886662efe2473e04867cfe8bbad32c1a0221bae03f11

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 Nov 2019 15:57:32 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
etag: "5d483c79-1c385"
last-modified: Mon, 05 Aug 2019 14:26:01 GMT
server: nginx
age: 169
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 115589
x-amz-cf-id: c2NEMsiDlAwfmGg9RdL8QwitO6NAMPSoHJOEaNQ2rV2pZrhUIIyEZw==

GET
H2 200 RDL_TrumpSLO_Test1.png
d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/ 43 KB
43 KB 10ms
9ms Image
image/png 2600:9000:20eb:8400:13:881b:ed80:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/RDL_TrumpSLO_Test1.png
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 2dcce0172aa49aca2e968130bcf3307cf923ab685c2b975c005e0ba86918a60c

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 Nov 2019 15:57:52 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
etag: "5d3a0be7-aa97"
last-modified: Thu, 25 Jul 2019 20:07:03 GMT
server: nginx
age: 169
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 43671
x-amz-cf-id: 6kgSzgqYdJq2jSJy9q4xzHxfWnf0Yu9HYuN_qqFPUDHfZtfjZhdAuQ==

GET
H2 200 RDL_TrumpSLO_Test2.png
d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/ 43 KB
43 KB 8ms
8ms Image
image/png 2600:9000:20eb:8400:13:881b:ed80:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/RDL_TrumpSLO_Test2.png
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 736d6e0d911a2f887880e3c46e73617acdea6f947ead8b87e4af52fd24b13a37

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 Nov 2019 15:57:52 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
etag: "5d3a0be7-ab60"
last-modified: Thu, 25 Jul 2019 20:07:03 GMT
server: nginx
age: 169
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 43872
x-amz-cf-id: gMJnTskTsPpRHTsyJwMH903X6j-wHyaam_rmg59j81_G7FBlbEmMrA==

GET
H2 200 RDL_TrumpSLO_Test3.png
d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/ 43 KB
43 KB 9ms
8ms Image
image/png 2600:9000:20eb:8400:13:881b:ed80:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/RDL_TrumpSLO_Test3.png
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: cdb99aaf7ed89c49635c471ff2b02a9130532cb044f31ab425cda2279b826c23

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 Nov 2019 15:57:52 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
etag: "5d3a0be7-ab4d"
last-modified: Thu, 25 Jul 2019 20:07:03 GMT
server: nginx
age: 169
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 43853
x-amz-cf-id: Rg-PnPbmXhw2j-2mV8L-aR9xTleT9VHGgEVjc5Q_Z2l9GwwJsnh7-w==

GET
H2 200 RDL_TrumpSLO_Test4.png
d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/ 17 KB
18 KB 8ms
7ms Image
image/png 2600:9000:20eb:8400:13:881b:ed80:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/RDL_TrumpSLO_Test4.png
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 30c042455cad031021d5b7b33257aa6e97c5ab90adf8c83d90b9a281b9353ade

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 Nov 2019 15:57:52 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
etag: "5d3f4821-45cc"
last-modified: Mon, 29 Jul 2019 19:25:21 GMT
server: nginx
age: 169
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 17868
x-amz-cf-id: 5OFiSxgOn_TJKxCZpXa_M8dMWy3G6I9YgRdQVPBhdaiK45zrOnI-7w==

GET
H2 200 RDL_TrumpSLO_Test5.png
d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/ 17 KB
18 KB 8ms
7ms Image
image/png 2600:9000:20eb:8400:13:881b:ed80:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/RDL_TrumpSLO_Test5.png
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: feda2d1b35b2d41e63f058b13f90a051a21be010ce249bdc06f13efef4449504

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 11:43:49 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
etag: "5d3f4821-455f"
last-modified: Mon, 29 Jul 2019 19:25:21 GMT
server: nginx
age: 169
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 17759
x-amz-cf-id: QcsOburTsO3rphnZdrsBrM7soQhOL3FmbBpyBavNYlPyXVF-85xikQ==

GET
H2 200 RDL_TrumpSLO_Test6.png
d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/ 16 KB
17 KB 8ms
7ms Image
image/png 2600:9000:20eb:8400:13:881b:ed80:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/RDL_TrumpSLO_Test6.png
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 745a31c52bd326912c0eda75653601f6cc91532b0e4cc3587d8198a4e75ed65e

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 Nov 2019 15:57:52 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
etag: "5d3f4821-4111"
last-modified: Mon, 29 Jul 2019 19:25:21 GMT
server: nginx
age: 169
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 16657
x-amz-cf-id: qcPzP2mvGpOgyKFccZlrFHloX3EsLIPtmhjkLb4eo6AVztW_NvrwwQ==

GET
H2 200 RDL_TrumpSLO_Test7.png
d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/ 18 KB
18 KB 8ms
8ms Image
image/png 2600:9000:20eb:8400:13:881b:ed80:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/RDL_TrumpSLO_Test7.png
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 0620cfd755794c02e1fd26da4218322af5256f9db7742bc326b31e48e8730eca

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 22:02:23 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
etag: "5d3f4821-4727"
last-modified: Mon, 29 Jul 2019 19:25:21 GMT
server: nginx
age: 169
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 18215
x-amz-cf-id: uxLtiRB1IP4GECZ0gIkazDsmaBiNkZKwzEyxiifs6kzbPWDTl7N1KA==

GET
H2 200 RobertSig.jpg
d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/ 10 KB
10 KB 7ms
7ms Image
image/jpeg 2600:9000:20eb:8400:13:881b:ed80:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/RobertSig.jpg
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ccf3d5ce0557654ba5ec7fba425d5dcf4730ff36a427ef8327c33805089d87eb

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 03:58:12 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
etag: "5d3a0df5-2885"
last-modified: Thu, 25 Jul 2019 20:15:49 GMT
server: nginx
age: 169
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 10373
x-amz-cf-id: ltW2fZzNbgGH7RQjg73NeCYC2br2QJj08OorTVYrw_owDK9qvilmvw==

GET
H2 200 inline.js Show response
cdn.ywxi.net/js/ 4 KB
2 KB 24ms
7ms Script
text/javascript 2600:9000:2043:2400:14:6bfc:5740:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ywxi.net/js/inline.js?w=90

Requested by

Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2043:2400:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

f6a7ec20cf02a4defc5142579cc297c995ca09ccfae8d0e89944ede6c5fac04a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 03:40:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
age: 981
x-cache: Hit from cloudfront
content-type: text/javascript; charset=UTF-8
status: 200
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA54
content-length: 1492
via: 1.1 8d84df16ba20ff1d2ca3914948494e04.cloudfront.net (CloudFront)
x-amz-cf-id: j8DBU93px1Os1f-SUiQCNA-g83BQzbtkM1vekVdYVOHKTl5yIqn9pA==
expires: Sun, 08 Dec 2019 04:40:45 GMT

GET
H/1.1 200
OK sdk Show response
ssl.kaptcha.com/collect/ 5 KB
6 KB 707ms
166ms Script
text/javascript 52.34.71.92
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/sdk?m=171440&s=Rk1yTUi-apQefo
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.71.92 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-34-71-92.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e667f97f495df178a4fb647cc7474b3f0eec539d769ba63a3868c36fd2d94d4a

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Dec 2019 04:01:01 GMT
Transfer-Encoding: chunked
P3p: CP=CAO PSA OUR
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Type: text/javascript
Expires: 0

GET
H2 200 ccard_1.jpg
d13p2xj50zkyqm.cloudfront.net/promos/images/ 23 KB
23 KB 9ms
8ms Image
image/jpeg 2600:9000:20eb:8e00:1:b0bf:f780:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13p2xj50zkyqm.cloudfront.net/promos/images/ccard_1.jpg
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8e00:1:b0bf:f780:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 5f79a0f73b38b19997bbf96a977df03737abb564c319a844d6346435e620c83d

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 08:57:03 GMT
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
last-modified: Wed, 11 Jul 2018 18:39:03 GMT
server: nginx
age: 169
x-powered-by: PleskLin
etag: "5b464ec7-5b6f"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2628000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 23407
x-amz-cf-id: 8mxVMQNGxp1Kh6OpIMWKJsW6niQk3865s_CtF7zx3xNuSKfGipQA3g==

GET
H2 200 amex_1.jpg
d13p2xj50zkyqm.cloudfront.net/promos/images/ 31 KB
32 KB 7ms
7ms Image
image/jpeg 2600:9000:20eb:8e00:1:b0bf:f780:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13p2xj50zkyqm.cloudfront.net/promos/images/amex_1.jpg
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8e00:1:b0bf:f780:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ea472b2e234246f15647dfe08498dcd802f6d55d4359c1161f6731a4bb684d35

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 23 Oct 2019 13:45:13 GMT
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
last-modified: Wed, 11 Jul 2018 18:39:03 GMT
server: nginx
age: 169
x-powered-by: PleskLin
etag: "5b464ec7-7d6c"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2628000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 32108
x-amz-cf-id: tg3BDVgQlYsGiF6AhIEejETkED9KSKwX6_5XSQZum9J0vLGm1K8QXw==

GET
H2 200 order-2step_cookies.js Show response
d13p2xj50zkyqm.cloudfront.net/scripts/ 5 KB
2 KB 18ms
17ms Script
application/javascript 2600:9000:20eb:8e00:1:b0bf:f780:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d13p2xj50zkyqm.cloudfront.net/scripts/order-2step_cookies.js
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8e00:1:b0bf:f780:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: bcd62f0950bc76f6ca1e5a9d9c8afe97a47557eb4a10c32d8abec9d0fd20c738

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Sep 2019 18:27:45 GMT
content-encoding: gzip
last-modified: Tue, 30 Jan 2018 22:18:28 GMT
server: nginx
age: 168
x-powered-by: PleskLin
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=2628000, public
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: S9wOteZjMaqKd9jGx9fKd85b_OZDYoXu8ro-4higLvGW5as7NaNDVg==
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)

GET
H/1.1 200
OK knockout.js Show response
orders.paradigm-press.info/knockout/ 39 KB
14 KB 313ms
197ms Script
text/javascript 192.135.136.173
Monument & Cathed...

General

Check archive.org

Show headers Download Go to

Full URL

https://orders.paradigm-press.info/knockout/knockout.js

Requested by

Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.135.136.173 , United States, ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US),

Reverse DNS

Software

Resource Hash

e2cc2bbf0f4928353a89c81df4723ed4578be95d80b411696ee30ae51d7a168b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 08 Dec 2019 04:01:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Dec 2018 18:13:32 GMT
ETag: W/"39914-1543947212000"
Vary: Accept-Encoding
Content-Type: text/javascript
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15552000; includeSubDomains
Accept-Ranges: bytes

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
14 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/jQuery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700,700i,800,800i,900,900i&display=swap
Origin: https://orders.paradigm-press.info

Response headers

date: Tue, 19 Nov 2019 01:08:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
server: sffe
age: 1651941
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13708
x-xss-protection: 0
expires: Wed, 18 Nov 2020 01:08:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 191 KB
43 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NKRVP76

Requested by

Host: d2z65klgtz99km.cloudfront.net
URL: https://d2z65klgtz99km.cloudfront.net/pp_gtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a24a2b18d9e109cb01710c2e5db3878308b91e9328ed8fcd1a28bed9927a6a91

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 04:01:01 GMT
content-encoding: br
last-modified: Sun, 08 Dec 2019 03:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 44414
x-xss-protection: 0
expires: Sun, 08 Dec 2019 04:01:01 GMT

GET
H2 200 RDL_TrumpSLO_HLBG.jpg
d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/ 19 KB
19 KB 8ms
8ms Image
image/jpeg 2600:9000:20eb:8400:13:881b:ed80:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/RDL_TrumpSLO_HLBG.jpg
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 71473238e2ee43e41cfa946320f5769523aac509490022b104024c4f902869c1

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 03:58:12 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
etag: "5d3a0cba-4c39"
last-modified: Thu, 25 Jul 2019 20:10:34 GMT
server: nginx
age: 169
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 19513
x-amz-cf-id: zy-W_xA4Ht3-K6jgIGtkt7EwSgIUh4y2wB-8kzqWd96jSna8p4CKmQ==

GET
H2 200 RDL_TrumpSLO_TrumpQuoteBG.png
d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/ 279 KB
279 KB 10ms
8ms Image
image/png 2600:9000:20eb:8400:13:881b:ed80:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2z65klgtz99km.cloudfront.net/RDL/RDL_TrumpSLO_0719/RDL_TrumpSLO_TrumpQuoteBG.png
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:13:881b:ed80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 6dce9027adcbec15eda8c25d13c77a2fae824a30b8bfc33dcde522a2277bfc7f

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 Nov 2019 07:52:23 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
etag: "5d3f51f3-45a08"
last-modified: Mon, 29 Jul 2019 20:07:15 GMT
server: nginx
age: 169
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 285192
x-amz-cf-id: wERlSd9TB7JbKMPqlagTgXFdnA90_H4A3fpPbV6e0Qo53tuAwYiCBw==

GET
H2 200 checkmark.png
d13p2xj50zkyqm.cloudfront.net/promos/AF/af_assets/ 283 B
610 B 7ms
7ms Image
image/png 2600:9000:20eb:8e00:1:b0bf:f780:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13p2xj50zkyqm.cloudfront.net/promos/AF/af_assets/checkmark.png
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8e00:1:b0bf:f780:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 80e444188bb93f295a1f3513c4a30a21d83cdf70f6527dd8edd9a66bb45ae4d2

Request headers

Referer: https://d13p2xj50zkyqm.cloudfront.net/scripts/test/orderformtest.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 06:21:23 GMT
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
etag: "5a74b76b-11b"
last-modified: Fri, 02 Feb 2018 19:09:31 GMT
server: nginx
age: 169
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 283
x-amz-cf-id: oUMKd7yN78pCM8kMGapPzXEKtelAUMhBnYMdPJ1P-ueb7ymBJDUvKQ==

GET
H2 200 JTURjIg1_i6t8kCHKm45_epG3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 12 KB
12 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_epG3gnD_vx3rCs.woff2

Requested by

Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

24d5585f2965f7d5080769a4286d580a98d722b18964b999ef6b87ba13c11f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700,700i,800,800i,900,900i&display=swap
Origin: https://orders.paradigm-press.info

Response headers

date: Wed, 20 Nov 2019 08:18:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:58 GMT
server: sffe
age: 1539740
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12504
x-xss-protection: 0
expires: Thu, 19 Nov 2020 08:18:41 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700,700i,800,800i,900,900i&display=swap
Origin: https://orders.paradigm-press.info

Response headers

date: Tue, 19 Nov 2019 01:26:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 1650851
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13612
x-xss-protection: 0
expires: Wed, 18 Nov 2020 01:26:50 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZcgvz_PZwjimrqw.woff2
fonts.gstatic.com/s/montserrat/v14/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUPjIg1_i6t8kCHKm459WxZcgvz_PZwjimrqw.woff2

Requested by

Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

058ad65bc23b5e89eede33126fb52fc00466b31434705b8052e5d776e9170a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700,700i,800,800i,900,900i&display=swap
Origin: https://orders.paradigm-press.info

Response headers

date: Thu, 21 Nov 2019 20:35:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:00 GMT
server: sffe
age: 1409145
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14028
x-xss-protection: 0
expires: Fri, 20 Nov 2020 20:35:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKRVP76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5244
date: Sun, 08 Dec 2019 02:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Sun, 08 Dec 2019 04:33:37 GMT

GET
H2 200 hotjar-841312.js Show response
static.hotjar.com/c/ 36 KB
5 KB 59ms
20ms Script
application/javascript 147.75.84.33
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-841312.js?sv=6

Requested by

Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.84.33 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

Software

openresty /

Resource Hash

ea7ea022b396c5f84e10c21a331cf2ea4c4634ff4edde276581117f685213327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 04:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 115
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 5203
x-cache-hit: 1
server: openresty
x-frame-options: SAMEORIGIN
etag: W/6c49111ed4a5cbde94ca491ea2fba0b0
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.070
accept-ranges: bytes
section-io-id: a4a9d36eee76d76c5019247919759a5a

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 6 KB
3 KB 22ms
8ms Script
application/x-javascript 2.18.234.190
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: be5238c76400fe2da689c27af8d1827067a5f7d06528e441e3596d7ae236ee1d

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 08 Dec 2019 04:01:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Nov 2019 09:04:08 GMT
Server: Apache
ETag: "4d2d4fd9389c5c77c32c897e944ddd21:1574845448"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2578
Expires: Sun, 08 Dec 2019 04:21:01 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
5 KB 13ms
12ms Script
application/javascript 2a00:1288:f03d:1fa::2000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 03:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3336
x-amz-server-side-encryption: AES256
status: 200
content-length: 5150
strict-transport-security: max-age=15552000
x-amz-request-id: 79E268F2E23C68B2
x-amz-id-2: hLLAzSSUzeUGEDyfY67yj0436tCGAZCKJt61jGj7Kx/EhmeWXRcPG308W2xf+2t0a5LqPkIzb/I=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 12 Nov 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 08 Oct 2019 10:16:59 GMT
server: ATS
etag: "254a43f994019deb4ca1830f04bd5d32-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
x-amz-version-id: x4Y4HVRbF4l0Lw4GKvYmVr0DuE8bwWr0
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/orders.paradigm-press.info/ 213 B
997 B 775ms
265ms XHR
application/json 52.218.200.184
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/orders.paradigm-press.info/client.json?source=jsmain
Requested by: Host: images.web-purchases.com
URL: https://images.web-purchases.com/jQuery/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.200.184 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2017d2c5638dab8e6a4a4227f6ac44d451cd65d66fdce7dcb7c00e3043e75297

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Origin: https://orders.paradigm-press.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 08 Dec 2019 04:01:02 GMT
Content-Encoding: gzip
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: E464F2281B5A01CD
x-amz-replication-status: COMPLETED
Content-Length: 175
x-amz-id-2: eKQD4VHOKRCrr98088Odo69DrNlPkomxZ87lvZgJHXgHE7MeMuh575Ow882iMcuk/PO0RbuR9b0=
Last-Modified: Tue, 03 Dec 2019 05:27:22 GMT
Server: AmazonS3
ETag: "50eb85e6e8d5f7999d9cf36ffa7a46fe"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
x-amz-version-id: xnZP9Pzywtn_03KB_JR3JECNvFDX4JE7
Access-Control-Allow-Origin: https://orders.paradigm-press.info
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: application/json

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
5ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1127891528&t=pageview&_s=1&dl=https%3A%2F%2Forders.paradigm-press.info%2FRDL_TrumpSLO_0719%2FMRDLVC17%2Findex.htm%3FpageNumber%3D2%26a%3D10%26o%3D66376%26s%3D144004%26u%3D3011457%26l%3D1254246%26r%3DMC2%26vid%3DJu63pR%26g%3D0&ul=en-us&de=UTF-8&dt=Secure%20Order%20Form&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBAgEAB~&jid=1437979371&gjid=1991789504&cid=169316702.1575777661&tid=UA-138958347-1&_gid=1836800172.1575777661&gtm=2wgav9NKRVP76&z=574722971

Requested by

Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 04:16:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1381468
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
113 B 15ms
15ms Image
image/gif 2a00:1450:400c:c00::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-138958347-1&cid=169316702.1575777661&jid=1437979371&gjid=1991789504&_gid=1836800172.1575777661&_u=YGBAgEAB~&z=1109242818

Requested by

Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Sun, 08 Dec 2019 04:01:01 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10091245.json Show response
s.yimg.com/wi/config/ 2 B
165 B 45ms
45ms XHR
application/json 2a00:1288:f03d:1fa::4000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10091245.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Origin: https://orders.paradigm-press.info

Response headers

date: Sun, 08 Dec 2019 03:58:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 74407CA266250276
x-amz-id-2: 2wleYVQLAY95VDLA9tFD0FNQA8ys+UCpwnTtdwSY1nN13zGc9C0eaEuf/PgfoyCCUAcJD39qImA=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 pixel
tr.outbrain.com/ 43 B
359 B 112ms
97ms Image
image/gif 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.outbrain.com/pixel?marketerId=0008aaf7399985de7f2182c3644185f44d&obApiVersion=1.1&obtpVersion=1.1.7&name=PAGE_VIEW&dl=https%3A%2F%2Forders.paradigm-press.info%2FRDL_TrumpSLO_0719%2FMRDLVC17%2Findex.htm%3FpageNumber%3D2%26a%3D10%26o%3D66376%26s%3D144004%26u%3D3011457%26l%3D1254246%26r%3DMC2%26vid%3DJu63pR%26g%3D0&optOut=false&bust=010972779493905027

Requested by

Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
traffic-path: NYDC1, JFK, FRA, Europe1
x-cache: MISS, MISS
status: 200
x-traceid: cb0c5848419646b8a19e97587957fcf9
content-length: 60
x-served-by: cache-jfk8121-JFK, cache-fra19157-FRA
x-timer: S1575777661.314594,VS0,VE90
date: Sun, 08 Dec 2019 04:01:01 GMT
content-type: image/gif;
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
backend-ip: 104.156.90.21
accept-ranges: bytes, bytes
x-cache-hits: 0, 0

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
313 B 380ms
95ms Image
image/gif 64.202.112.95
Outbrain

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amplifypixel.outbrain.com/pixel?mid=0008aaf7399985de7f2182c3644185f44d&dl=https%3A%2F%2Forders.paradigm-press.info%2FRDL_TrumpSLO_0719%2FMRDLVC17%2Findex.htm%3FpageNumber%3D2%26a%3D10%26o%3D66376%26s%3D144004%26u%3D3011457%26l%3D1254246%26r%3DMC2%26vid%3DJu63pR%26g%3D0&bust=044806896643524863

Requested by

Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 08 Dec 2019 04:01:01 GMT
Cache-Control: no-cache
X-TraceId: 4b1a38d639394b92835ae47ec2d2918
content-encoding: gzip
Content-Length: 60
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: image/gif;

GET
H2 200 modules.1563bfc088652f728ad5.js Show response
script.hotjar.com/ 399 KB
70 KB 54ms
18ms Script
application/javascript 147.75.85.99
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.1563bfc088652f728ad5.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-841312.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.85.99 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-5
Software: /
Resource Hash: 464f98ed0cc4bd0a6f0858a99c60f2e018645009265ed955a0a2eb0f5ca81e00

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 04:01:01 GMT
content-encoding: br
last-modified: Thu, 28 Nov 2019 17:38:37 GMT
access-control-allow-origin: *
etag: "6f4d0398872f50ffe1212d1d3fe37a64"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.026
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: 264d0db9af710ebcce282138913b25cf
content-length: 70909

POST
H/1.1 200
OK kasupport Show response
ssl.kaptcha.com/collect/ 2 KB
2 KB 659ms
164ms XHR
text/plain 52.34.71.92
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/kasupport
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/collect/sdk?m=171440&s=Rk1yTUi-apQefo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.71.92 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-34-71-92.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: bb8eaf9273a9a06db0fe3365e5440ca57d2527686414300d4132d9e3750acf5b

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Origin: https://orders.paradigm-press.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sun, 08 Dec 2019 04:01:02 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0
Content-Length: 1973
Content-Type: text/plain; charset=utf-8

GET
H2 200 creditCards_sprite.jpg
images.web-purchases.com/Library-5/ 3 KB
4 KB 7ms
6ms Image
image/jpeg 2600:9000:2156:b400:18:2d84:13c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.web-purchases.com/Library-5/creditCards_sprite.jpg
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:b400:18:2d84:13c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74a804105d4e062962aa15f4cbcc6f5e5dcf44468db177dc48cbc12bf63e90ea

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 03:58:31 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
age: 151
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: FAILED
content-length: 3300
last-modified: Thu, 07 Dec 2017 11:55:55 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1512646807/ctime:1512646754/gid:0/gname:root/md5:ec808769e9dc0baee950d0d1449a797d/mode:33252/mtime:1323891228/uid:0/uname:root
etag: "ec808769e9dc0baee950d0d1449a797d"
x-amz-version-id: RsyMwGsZKyikgBA6jpwbtbTD7RuG_K8Q
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: vRIuKcrARhAgh2OH191vp_9UZ7IvMxwqEg32Wp6dyRcz4k2rK6HN8A==

GET
H/1.1 200
OK getCountryISO2Code Show response
orders.paradigm-press.info/rdl_trumpslo_0719/MRDLVC17/ 2 B
2 KB 110ms
110ms XHR
text/plain 192.135.136.173
Monument & Cathed...

General

Check archive.org

Show headers Download Go to

Full URL

https://orders.paradigm-press.info/rdl_trumpslo_0719/MRDLVC17/getCountryISO2Code?countryId=1

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/jQuery/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.135.136.173 , United States, ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US),

Reverse DNS

Software

Resource Hash

9b202ecbc6d45c6d8901d989a918878397a3eb9d00e8f48022fc051b19d21a1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 08 Dec 2019 04:01:01 GMT
Accept-Charset: big5, big5-hkscs, compound_text, euc-jp, euc-kr, gb18030, gb2312, gbk, ibm-thai, ibm00858, ibm01140, ibm01141, ibm01142, ibm01143, ibm01144, ibm01145, ibm01146, ibm01147, ibm01148, ibm01149, ibm037, ibm1026, ibm1047, ibm273, ibm277, ibm278, ibm280, ibm284, ibm285, ibm297, ibm420, ibm424, ibm437, ibm500, ibm775, ibm850, ibm852, ibm855, ibm857, ibm860, ibm861, ibm862, ibm863, ibm864, ibm865, ibm866, ibm868, ibm869, ibm870, ibm871, ibm918, iso-2022-cn, iso-2022-jp, iso-2022-jp-2, iso-2022-kr, iso-8859-1, iso-8859-13, iso-8859-15, iso-8859-2, iso-8859-3, iso-8859-4, iso-8859-5, iso-8859-6, iso-8859-7, iso-8859-8, iso-8859-9, jis_x0201, jis_x0212-1990, koi8-r, koi8-u, shift_jis, tis-620, us-ascii, utf-16, utf-16be, utf-16le, utf-32, utf-32be, utf-32le, utf-8, windows-1250, windows-1251, windows-1252, windows-1253, windows-1254, windows-1255, windows-1256, windows-1257, windows-1258, windows-31j, x-big5-solaris, x-euc-jp-linux, x-euc-tw, x-eucjp-open, x-ibm1006, x-ibm1025, x-ibm1046, x-ibm1097, x-ibm1098, x-ibm1112, x-ibm1122, x-ibm1123, x-ibm1124, x-ibm1381, x-ibm1383, x-ibm33722, x-ibm737, x-ibm834, x-ibm856, x-ibm874, x-ibm875, x-ibm921, x-ibm922, x-ibm930, x-ibm933, x-ibm935, x-ibm937, x-ibm939, x-ibm942, x-ibm942c, x-ibm943, x-ibm943c, x-ibm948, x-ibm949, x-ibm949c, x-ibm950, x-ibm964, x-ibm970, x-iscii91, x-iso-2022-cn-cns, x-iso-2022-cn-gb, x-iso-8859-11, x-jis0208, x-jisautodetect, x-johab, x-macarabic, x-maccentraleurope, x-maccroatian, x-maccyrillic, x-macdingbat, x-macgreek, x-machebrew, x-maciceland, x-macroman, x-macromania, x-macsymbol, x-macthai, x-macturkish, x-macukraine, x-ms932_0213, x-ms950-hkscs, x-mswin-936, x-pck, x-sjis_0213, x-utf-16le-bom, x-utf-32be-bom, x-utf-32le-bom, x-windows-50220, x-windows-50221, x-windows-874, x-windows-949, x-windows-950, x-windows-iso2022jp
Content-Length: 2
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: text/plain;charset=ISO-8859-1

GET
H/1.1 200
OK determineIfCountryHasEuVatEnabled Show response
orders.paradigm-press.info/rdl_trumpslo_0719/MRDLVC17/ 5 B
2 KB 109ms
109ms XHR
text/plain 192.135.136.173
Monument & Cathed...

General

Check archive.org

Show headers Download Go to

Full URL

https://orders.paradigm-press.info/rdl_trumpslo_0719/MRDLVC17/determineIfCountryHasEuVatEnabled?countryId=1

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/jQuery/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.135.136.173 , United States, ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US),

Reverse DNS

Software

Resource Hash

fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 08 Dec 2019 04:01:01 GMT
Accept-Charset: big5, big5-hkscs, compound_text, euc-jp, euc-kr, gb18030, gb2312, gbk, ibm-thai, ibm00858, ibm01140, ibm01141, ibm01142, ibm01143, ibm01144, ibm01145, ibm01146, ibm01147, ibm01148, ibm01149, ibm037, ibm1026, ibm1047, ibm273, ibm277, ibm278, ibm280, ibm284, ibm285, ibm297, ibm420, ibm424, ibm437, ibm500, ibm775, ibm850, ibm852, ibm855, ibm857, ibm860, ibm861, ibm862, ibm863, ibm864, ibm865, ibm866, ibm868, ibm869, ibm870, ibm871, ibm918, iso-2022-cn, iso-2022-jp, iso-2022-jp-2, iso-2022-kr, iso-8859-1, iso-8859-13, iso-8859-15, iso-8859-2, iso-8859-3, iso-8859-4, iso-8859-5, iso-8859-6, iso-8859-7, iso-8859-8, iso-8859-9, jis_x0201, jis_x0212-1990, koi8-r, koi8-u, shift_jis, tis-620, us-ascii, utf-16, utf-16be, utf-16le, utf-32, utf-32be, utf-32le, utf-8, windows-1250, windows-1251, windows-1252, windows-1253, windows-1254, windows-1255, windows-1256, windows-1257, windows-1258, windows-31j, x-big5-solaris, x-euc-jp-linux, x-euc-tw, x-eucjp-open, x-ibm1006, x-ibm1025, x-ibm1046, x-ibm1097, x-ibm1098, x-ibm1112, x-ibm1122, x-ibm1123, x-ibm1124, x-ibm1381, x-ibm1383, x-ibm33722, x-ibm737, x-ibm834, x-ibm856, x-ibm874, x-ibm875, x-ibm921, x-ibm922, x-ibm930, x-ibm933, x-ibm935, x-ibm937, x-ibm939, x-ibm942, x-ibm942c, x-ibm943, x-ibm943c, x-ibm948, x-ibm949, x-ibm949c, x-ibm950, x-ibm964, x-ibm970, x-iscii91, x-iso-2022-cn-cns, x-iso-2022-cn-gb, x-iso-8859-11, x-jis0208, x-jisautodetect, x-johab, x-macarabic, x-maccentraleurope, x-maccroatian, x-maccyrillic, x-macdingbat, x-macgreek, x-machebrew, x-maciceland, x-macroman, x-macromania, x-macsymbol, x-macthai, x-macturkish, x-macukraine, x-ms932_0213, x-ms950-hkscs, x-mswin-936, x-pck, x-sjis_0213, x-utf-16le-bom, x-utf-32be-bom, x-utf-32le-bom, x-windows-50220, x-windows-50221, x-windows-874, x-windows-949, x-windows-950, x-windows-iso2022jp
Content-Length: 5
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: text/plain;charset=ISO-8859-1

GET
H/1.1 200
OK getCountryISO2Code Show response
orders.paradigm-press.info/rdl_trumpslo_0719/MRDLVC17/ 2 B
2 KB 110ms
110ms XHR
text/plain 192.135.136.173
Monument & Cathed...

General

Check archive.org

Show headers Download Go to

Full URL

https://orders.paradigm-press.info/rdl_trumpslo_0719/MRDLVC17/getCountryISO2Code?countryId=1

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/jQuery/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.135.136.173 , United States, ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US),

Reverse DNS

Software

Resource Hash

9b202ecbc6d45c6d8901d989a918878397a3eb9d00e8f48022fc051b19d21a1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 08 Dec 2019 04:01:01 GMT
Accept-Charset: big5, big5-hkscs, compound_text, euc-jp, euc-kr, gb18030, gb2312, gbk, ibm-thai, ibm00858, ibm01140, ibm01141, ibm01142, ibm01143, ibm01144, ibm01145, ibm01146, ibm01147, ibm01148, ibm01149, ibm037, ibm1026, ibm1047, ibm273, ibm277, ibm278, ibm280, ibm284, ibm285, ibm297, ibm420, ibm424, ibm437, ibm500, ibm775, ibm850, ibm852, ibm855, ibm857, ibm860, ibm861, ibm862, ibm863, ibm864, ibm865, ibm866, ibm868, ibm869, ibm870, ibm871, ibm918, iso-2022-cn, iso-2022-jp, iso-2022-jp-2, iso-2022-kr, iso-8859-1, iso-8859-13, iso-8859-15, iso-8859-2, iso-8859-3, iso-8859-4, iso-8859-5, iso-8859-6, iso-8859-7, iso-8859-8, iso-8859-9, jis_x0201, jis_x0212-1990, koi8-r, koi8-u, shift_jis, tis-620, us-ascii, utf-16, utf-16be, utf-16le, utf-32, utf-32be, utf-32le, utf-8, windows-1250, windows-1251, windows-1252, windows-1253, windows-1254, windows-1255, windows-1256, windows-1257, windows-1258, windows-31j, x-big5-solaris, x-euc-jp-linux, x-euc-tw, x-eucjp-open, x-ibm1006, x-ibm1025, x-ibm1046, x-ibm1097, x-ibm1098, x-ibm1112, x-ibm1122, x-ibm1123, x-ibm1124, x-ibm1381, x-ibm1383, x-ibm33722, x-ibm737, x-ibm834, x-ibm856, x-ibm874, x-ibm875, x-ibm921, x-ibm922, x-ibm930, x-ibm933, x-ibm935, x-ibm937, x-ibm939, x-ibm942, x-ibm942c, x-ibm943, x-ibm943c, x-ibm948, x-ibm949, x-ibm949c, x-ibm950, x-ibm964, x-ibm970, x-iscii91, x-iso-2022-cn-cns, x-iso-2022-cn-gb, x-iso-8859-11, x-jis0208, x-jisautodetect, x-johab, x-macarabic, x-maccentraleurope, x-maccroatian, x-maccyrillic, x-macdingbat, x-macgreek, x-machebrew, x-maciceland, x-macroman, x-macromania, x-macsymbol, x-macthai, x-macturkish, x-macukraine, x-ms932_0213, x-ms950-hkscs, x-mswin-936, x-pck, x-sjis_0213, x-utf-16le-bom, x-utf-32be-bom, x-utf-32le-bom, x-windows-50220, x-windows-50221, x-windows-874, x-windows-949, x-windows-950, x-windows-iso2022jp
Content-Length: 2
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: text/plain;charset=ISO-8859-1

GET
H/1.1 200
OK determineIfCountryHasEuVatEnabled Show response
orders.paradigm-press.info/rdl_trumpslo_0719/MRDLVC17/ 5 B
2 KB 110ms
108ms XHR
text/plain 192.135.136.173
Monument & Cathed...

General

Check archive.org

Show headers Download Go to

Full URL

https://orders.paradigm-press.info/rdl_trumpslo_0719/MRDLVC17/determineIfCountryHasEuVatEnabled?countryId=1

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/jQuery/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.135.136.173 , United States, ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US),

Reverse DNS

Software

Resource Hash

fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 08 Dec 2019 04:01:01 GMT
Accept-Charset: big5, big5-hkscs, compound_text, euc-jp, euc-kr, gb18030, gb2312, gbk, ibm-thai, ibm00858, ibm01140, ibm01141, ibm01142, ibm01143, ibm01144, ibm01145, ibm01146, ibm01147, ibm01148, ibm01149, ibm037, ibm1026, ibm1047, ibm273, ibm277, ibm278, ibm280, ibm284, ibm285, ibm297, ibm420, ibm424, ibm437, ibm500, ibm775, ibm850, ibm852, ibm855, ibm857, ibm860, ibm861, ibm862, ibm863, ibm864, ibm865, ibm866, ibm868, ibm869, ibm870, ibm871, ibm918, iso-2022-cn, iso-2022-jp, iso-2022-jp-2, iso-2022-kr, iso-8859-1, iso-8859-13, iso-8859-15, iso-8859-2, iso-8859-3, iso-8859-4, iso-8859-5, iso-8859-6, iso-8859-7, iso-8859-8, iso-8859-9, jis_x0201, jis_x0212-1990, koi8-r, koi8-u, shift_jis, tis-620, us-ascii, utf-16, utf-16be, utf-16le, utf-32, utf-32be, utf-32le, utf-8, windows-1250, windows-1251, windows-1252, windows-1253, windows-1254, windows-1255, windows-1256, windows-1257, windows-1258, windows-31j, x-big5-solaris, x-euc-jp-linux, x-euc-tw, x-eucjp-open, x-ibm1006, x-ibm1025, x-ibm1046, x-ibm1097, x-ibm1098, x-ibm1112, x-ibm1122, x-ibm1123, x-ibm1124, x-ibm1381, x-ibm1383, x-ibm33722, x-ibm737, x-ibm834, x-ibm856, x-ibm874, x-ibm875, x-ibm921, x-ibm922, x-ibm930, x-ibm933, x-ibm935, x-ibm937, x-ibm939, x-ibm942, x-ibm942c, x-ibm943, x-ibm943c, x-ibm948, x-ibm949, x-ibm949c, x-ibm950, x-ibm964, x-ibm970, x-iscii91, x-iso-2022-cn-cns, x-iso-2022-cn-gb, x-iso-8859-11, x-jis0208, x-jisautodetect, x-johab, x-macarabic, x-maccentraleurope, x-maccroatian, x-maccyrillic, x-macdingbat, x-macgreek, x-machebrew, x-maciceland, x-macroman, x-macromania, x-macsymbol, x-macthai, x-macturkish, x-macukraine, x-ms932_0213, x-ms950-hkscs, x-mswin-936, x-pck, x-sjis_0213, x-utf-16le-bom, x-utf-32be-bom, x-utf-32le-bom, x-windows-50220, x-windows-50221, x-windows-874, x-windows-949, x-windows-950, x-windows-iso2022jp
Content-Length: 5
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: text/plain;charset=ISO-8859-1

GET
H2 200 logo-from-svg.png
d13p2xj50zkyqm.cloudfront.net/promos/ParadigmPress/ 8 KB
8 KB 8ms
7ms Image
image/png 2600:9000:20eb:8e00:1:b0bf:f780:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13p2xj50zkyqm.cloudfront.net/promos/ParadigmPress/logo-from-svg.png
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8e00:1:b0bf:f780:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 5735df14e8c877df2ac8223a658601fe3834cd34e30d27a21a7dde7ba761b15b

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 06:31:57 GMT
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
etag: "5c48e394-206c"
last-modified: Wed, 23 Jan 2019 21:58:44 GMT
server: nginx
age: 168
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=2628000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 8300
x-amz-cf-id: vP_igdnRAxu5lL7rM0iy0G_igyNwXg4vPpXB1_-4sYWyw9qcqN7Ekg==

GET
H2 200 lio.js Show response
c.lytics.io/api/tag/7633a10cce24ede709377546c8e3146d/ 45 KB
11 KB 23ms
23ms Script
application/javascript 2606:4700:20::681a:316
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/tag/7633a10cce24ede709377546c8e3146d/lio.js
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 919455327fbd3ffa6fc94e1d6e24be7a762bd990907d97ef0844fbf08bdfce8f

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 04:01:01 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 897
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-encoding: br
cache-control: max-age=7200
cf-ray: 541bd5f33a09cbac-VIE
access-control-allow-origin: *

GET
H2 200 amplitude-4.1.0-min.gz.js Show response
cdn.amplitude.com/libs/ 68 KB
23 KB 31ms
11ms Script
application/javascript 13.224.197.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-4.1.0-min.gz.js
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.197.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-197-75.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 68f2442634034675ac1d813fafe849afbc539d8672ee280127f7b4de691a0649

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 24 Oct 2019 23:51:48 GMT
content-encoding: gzip
age: 3816553
x-cache: Hit from cloudfront
status: 200
content-length: 23381
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
server: AmazonS3
etag: "dd911bf17b828cc7b163c32407c6b94d"
x-amz-version-id: Ab72F2O7EEayrsY6N3cFncAqh5p3OPFm
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: f57T5loxAU85q3citvwxLox6hDIh_9npHIo7GJa2XkeShVlxac1xUg==

GET
H2 200 profiles.compressed.js Show response
dizbubza2heg.cloudfront.net/js/ 40 KB
40 KB 8ms
7ms Script
application/x-javascript 2600:9000:2156:be00:9:cfaa:a600:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dizbubza2heg.cloudfront.net/js/profiles.compressed.js?v=2.0.0
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:be00:9:cfaa:a600:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 489188171a22fc5b02d08c6665a05bb30db112085e39570d3f28c941fc3dd049

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 07 Dec 2019 22:53:29 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 14:31:22 GMT
server: nginx/1.4.6 (Ubuntu)
age: 18452
etag: "5dd69fba-9e06"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-edge-o15-rid: iFZTTDILXrGbTwgvIWnAidHMi8qcAMSt2XIWwur4gOn7RaXGWuouaw==
content-length: 40454
x-amz-cf-id: 4wHgjaxkDXbVy5xPOgDIkLcFpyQTFMC-A-SRzGLOWrk02Np3UOZ72g==

OPTIONS
H2 200 setsession Show response
10rnpyiva0.execute-api.us-east-1.amazonaws.com/stageafttracker/ 0
440 B 122ms
96ms XHR
application/json 143.204.101.43
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://10rnpyiva0.execute-api.us-east-1.amazonaws.com/stageafttracker/setsession
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.43 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-43.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://orders.paradigm-press.info
Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: x-api-key

Response headers

date: Sun, 08 Dec 2019 04:01:02 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-apigw-id: EXdLtH6CIAMF2Hw=
x-amzn-requestid: 787e7233-6764-4c50-9ccd-216bf2b43046
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
status: 200
x-cache: Miss from cloudfront
access-control-allow-origin: *
content-length: 0
x-amz-cf-id: VIKODCsv68T0Q1lmKSk-FQISYSKK_9qGEsmlgJ7EGwTjqGSoHRV8tQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 io.min.js Show response
c.lytics.io/static/v2/ 13 KB
6 KB 19ms
19ms Script
application/javascript 2606:4700:20::681a:316
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/v2/io.min.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/7633a10cce24ede709377546c8e3146d/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c0e0ca6ba3ee267ba14d39184efb68c958717fc6e58b528b700502c0aea5170

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 04:01:01 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 03 Dec 2019 23:11:46 GMT
server: cloudflare
age: 1186
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-encoding: br
cache-control: max-age=7200
cf-ray: 541bd5f35a48cbac-VIE

GET
H2 200 box-b736908ce6b0e933fad3a2e45df61b38.html
vars.hotjar.com/ Frame FF43 0
0 56ms
17ms Document
text/html 147.75.32.75
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-841312.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.32.75 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-1
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-b736908ce6b0e933fad3a2e45df61b38.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0

Response headers

status: 200
date: Sun, 08 Dec 2019 04:00:59 GMT
content-type: text/html
content-length: 808
cache-control: max-age=31536000
content-encoding: br
last-modified: Thu, 28 Nov 2019 17:38:31 GMT
etag: "ed7551919779fd07dbfe6d776c643379"
section-io-origin-status: 200
section-io-origin-time-seconds: 0.060
vary: Accept-Encoding
accept-ranges: bytes
section-io-id: ae446a81806259a9d24d80253922b2f1

GET
H2 200 7633a10cce24ede709377546c8e3146d Show response
c.lytics.io/cid/ 75 B
181 B 147ms
147ms Script
text/javascript 2606:4700:20::681a:316
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/cid/7633a10cce24ede709377546c8e3146d?callback=jQuery1640892281405341294_1575777661170&_=1575777661998
Requested by: Host: images.web-purchases.com
URL: https://images.web-purchases.com/jQuery/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd1e56a597c50943870609ca63437a75d3ae31b725af2ab96ea880f3d283183d

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Dec 2019 04:01:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: text/javascript
status: 200
content-encoding: br
cache-control: no-cache, no-store, must-revalidate
cf-ray: 541bd5f38a89cbac-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 7633a10cce24ede709377546c8e3146d Show response
c.lytics.io/cid/ 75 B
224 B 138ms
138ms Script
text/javascript 2606:4700:20::681a:316
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/cid/7633a10cce24ede709377546c8e3146d?callback=jQuery1640892281405341294_1575777661171&_=1575777661999
Requested by: Host: images.web-purchases.com
URL: https://images.web-purchases.com/jQuery/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5401351c64152444e7bda1ca73bf728ea1d7d373dbd8a9a06736ca7c8c093e1

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Dec 2019 04:01:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: text/javascript
status: 200
content-encoding: br
cache-control: no-cache, no-store, must-revalidate
cf-ray: 541bd5f38a8acbac-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 102.svg
cdn.ywxi.net/meter/orders.paradigm-press.info/ 9 KB
4 KB 14ms
13ms Image
image/svg+xml 2600:9000:2043:2400:14:6bfc:5740:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.ywxi.net/meter/orders.paradigm-press.info/102.svg?ts=1575350841892

Requested by

Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2043:2400:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

dbdd089399f6f6ff73194a075c8384f829c772ccad7e59051aa2291d299677e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 03:58:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-amz-cf-pop: FRA54
x-cache: Hit from cloudfront
content-type: image/svg+xml; charset=UTF-8
status: 200
x-xss-protection: 1; mode=block
cache-control: public
content-length: 4201
via: 1.1 8d84df16ba20ff1d2ca3914948494e04.cloudfront.net (CloudFront)
x-amz-cf-id: 7BwqVD8Lr70eXgTn4C-FRaC-CYVWYPgIt_lDmX3sqsOLTMDZW7zWUw==
expires: Sun, 08 Dec 2019 04:58:13 GMT

POST
H2 200 setsession Show response
10rnpyiva0.execute-api.us-east-1.amazonaws.com/stageafttracker/ 4 B
444 B 174ms
174ms XHR
application/json 143.204.101.43
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://10rnpyiva0.execute-api.us-east-1.amazonaws.com/stageafttracker/setsession
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.43 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-43.fra50.r.cloudfront.net
Software: /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Origin: https://orders.paradigm-press.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Api-Key: TIGyY7MUOLB92zVnjObDdPiIJIjY7CkKGNi1v000
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 08 Dec 2019 04:01:02 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 419fd0c5-e3e9-4eff-9f33-12367ac79699
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5dec757e-06bf83bf9918de27a87556a3;Sampled=0
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: EXdLuFb3IAMFaxQ=
content-length: 4
x-amz-cf-id: e2Wjy1hxb22UUK4IBbdQtLU_UHD65Hnl7g6_h9p4wvVAG663mm1q_w==

GET
H2 200 c45935d77327b9ad7088cdfd33cf126a Show response
api.lytics.io/api/me/7633a10cce24ede709377546c8e3146d/_uid/ 99 B
180 B 128ms
128ms Script
application/json 35.227.192.113
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.lytics.io/api/me/7633a10cce24ede709377546c8e3146d/_uid/c45935d77327b9ad7088cdfd33cf126a?segments=true&callback=window.lio.segmentscb&ts=1575777662140
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/7633a10cce24ede709377546c8e3146d/lio.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.227.192.113 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 113.192.227.35.bc.googleusercontent.com
Software: lytics.io cacc6ea50e731f908bfce5593634be4f84e6034c /
Resource Hash: e395ed4bbb1e12ddcc64d9d0c493bf19142d00c3d90079080a80b1ee1539515e

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 04:01:02 GMT
content-encoding: gzip
alt-svc: clear
server: lytics.io cacc6ea50e731f908bfce5593634be4f84e6034c
access-control-allow-origin
access-control-allow-methods: GET
content-type: application/json
status: 200
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
content-length: 112
via: 1.1 google

GET
H2 200 default
c.lytics.io/c/7633a10cce24ede709377546c8e3146d/ 35 B
94 B 141ms
140ms Image
image/gif 2606:4700:20::681a:316
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/7633a10cce24ede709377546c8e3146d/default?gtm.start=1575777661172&event=gtm.js&gtm.uniqueEventId=0&_ts=1575777662140&_nmob=t&_device=desktop&url=orders.paradigm-press.info%2FRDL_TrumpSLO_0719%2FMRDLVC17%2Findex.htm%3FpageNumber%3D2%26a%3D10%26o%3D66376%26s%3D144004%26u%3D3011457%26l%3D1254246%26r%3DMC2%26vid%3DJu63pR%26g%3D0&_uid=c45935d77327b9ad7088cdfd33cf126a&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Dec 2019 04:01:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 541bd5f46be9cbac-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/7633a10cce24ede709377546c8e3146d/ 35 B
94 B 139ms
139ms Image
image/gif 2606:4700:20::681a:316
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/7633a10cce24ede709377546c8e3146d/default?event=gtm.click&gtm.element=%5Bobject%20HTMLInputElement%5D&gtm.elementClasses=form-control&gtm.elementId=__billingEmailAddress__&gtm.elementTarget=&gtm.elementUrl=&gtm.uniqueEventId=2&_ts=1575777662140&_nmob=t&_device=desktop&url=orders.paradigm-press.info%2FRDL_TrumpSLO_0719%2FMRDLVC17%2Findex.htm%3FpageNumber%3D2%26a%3D10%26o%3D66376%26s%3D144004%26u%3D3011457%26l%3D1254246%26r%3DMC2%26vid%3DJu63pR%26g%3D0&_uid=c45935d77327b9ad7088cdfd33cf126a&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Dec 2019 04:01:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 541bd5f46beacbac-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 7633a10cce24ede709377546c8e3146d
c.lytics.io/c/ 35 B
94 B 143ms
143ms Image
image/gif 2606:4700:20::681a:316
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/7633a10cce24ede709377546c8e3146d?_ts=1575777661996&_nmob=t&_device=desktop&url=orders.paradigm-press.info%2FRDL_TrumpSLO_0719%2FMRDLVC17%2Findex.htm%3FpageNumber%3D2%26a%3D10%26o%3D66376%26s%3D144004%26u%3D3011457%26l%3D1254246%26r%3DMC2%26vid%3DJu63pR%26g%3D0&_v=2.0.0&_e=pv&_sesstart=1&_tz=1&_ul=en-US&_sz=1600x1200&_uid=445747813bd8dfc79d8c17abdcc0fbe0&_getid=t&_ca=jstag1
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Dec 2019 04:01:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 541bd5f47bfbcbac-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 100 KB
20 KB 18ms
17ms Script
application/javascript 2606:4700:20::681a:316
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/pathfora.min.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/7633a10cce24ede709377546c8e3146d/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e659c400c6d55212aaa69a21d2fdc1cd0cab643bdd8af9370e1b935ff64b7b3

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 04:01:02 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 06 Dec 2019 22:40:59 GMT
server: cloudflare
age: 3342
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-encoding: br
cache-control: max-age=7200
cf-ray: 541bd5f53d45cbac-VIE

POST
H/1.1 200
OK cookiestore Show response
ssl.kaptcha.com/collect/ 0
243 B 165ms
164ms XHR
text/plain 52.34.71.92
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/cookiestore
Requested by: Host: orders.paradigm-press.info
URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.71.92 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-34-71-92.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
Origin: https://orders.paradigm-press.info
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sun, 08 Dec 2019 04:01:02 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Length: 0
Expires: 0

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/7633a10cce24ede709377546c8e3146d/ 140 KB
16 KB 19ms
19ms Script
application/javascript 2606:4700:20::681a:316
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/program/campaign/config/7633a10cce24ede709377546c8e3146d/config.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/7633a10cce24ede709377546c8e3146d/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454fb749ef0b0e144a18cfdb51217557500e8730aebc3798c0dbf1d94d5cc26c

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 04:01:02 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 897
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-encoding: br
cache-control: max-age=7200
cf-ray: 541bd5f56da0cbac-VIE
access-control-allow-origin: *

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1127891528&t=event&ni=1&_s=1&dl=https%3A%2F%2Forders.paradigm-press.info%2FRDL_TrumpSLO_0719%2FMRDLVC17%2Findex.htm%3FpageNumber%3D2%26a%3D10...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-138958347-1&cid=1284641719.1575777662&jid=240771278&_gid=606418896.1575777662&gjid=1922284195&_v=j79&z=1987231185

35 B
113 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c00::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-138958347-1&cid=1284641719.1575777662&jid=240771278&_gid=606418896.1575777662&gjid=1922284195&_v=j79&z=1987231185

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Sun, 08 Dec 2019 04:01:02 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Dec 2019 04:01:02 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-138958347-1&cid=1284641719.1575777662&jid=240771278&_gid=606418896.1575777662&gjid=1922284195&_v=j79&z=1987231185
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 419
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1127891528&t=event&ni=0&_s=1&dl=https%3A%2F%2Forders.paradigm-press.info%2FRDL_TrumpSLO_0719%2FMRDLVC17%2Findex.htm%3FpageNumber%3D2%26a%3D10...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-138958347-1&cid=277442811.1575777671&jid=386950272&_gid=1205393268.1575777671&gjid=861849051&_v=j79&z=197993123

35 B
113 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c00::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-138958347-1&cid=277442811.1575777671&jid=386950272&_gid=1205393268.1575777671&gjid=861849051&_v=j79&z=197993123

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Sun, 08 Dec 2019 04:01:11 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Dec 2019 04:01:11 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-138958347-1&cid=277442811.1575777671&jid=386950272&_gid=1205393268.1575777671&gjid=861849051&_v=j79&z=197993123
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
orders.paradigm-press.info/	1970-01-19 14:28:33	Name: cdn.14west.171440.ka.ck Value: a97f164196bf8e7ed83e9f03cf89b0ef1a69a5af1fc1d3a258a8b4eae153e1ff6de527c1c124b71a34c96304b44e2b8babc6e66ce1e83607873acc6eae7db0b168e129212ab687ebf5e563c3008ed07691f9f08289a2c83b3a323928507dabe69c3464e343ebf19b350f399c1d4ea746c211a03a0fb8215ec9e6945e5f3b4a1cb5d9198ae4f1f8f4f3fea556e3626b7219ea58ee542688bcc001
.paradigm-press.info/	1970-01-19 07:52:33	Name: seerid Value: 445747813bd8dfc79d8c17abdcc0fbe0
.orders.paradigm-press.info/	1970-01-19 05:42:59	Name: seerses Value: e
.paradigm-press.info/	1970-01-19 05:42:59	Name: seerses Value: e
.paradigm-press.info/	1970-01-19 05:43:04	Name: af_guid Value: 0e4bbca0-49f0-f98e-d9f9-a89a54974ced
orders.paradigm-press.info/	1969-12-31 23:59:59	Name: TS01f912c8 Value: 018090b8431ba383ce0c69fcd22b45b1f1650d2f1db1f8ed6d5c524b12997f0c8ef40dcce8d7cfdef481634d26127711e4e8079d9e
orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17	1969-12-31 23:59:59	Name: Value: cofAdjust
.paradigm-press.info/	1970-01-22 21:18:57	Name: amplitude_id_f5f7a5aa4184039fb326339252681a8dparadigm-press.info Value: eyJkZXZpY2VJZCI6Ijc5NWZmOTQ4LTEwZDItNDE4ZC1hN2U1LWE3NGM0MjI4M2RjNlIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTU3NTc3NzY2MTk5MywibGFzdEV2ZW50VGltZSI6MTU3NTc3NzY2MTk5MywiZXZlbnRJZCI6MCwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjB9
orders.paradigm-press.info/	1970-01-19 05:42:58	Name: ly_segs Value: %7B%22all%22%3A%22all%22%2C%22not_found%22%3A%22not_found%22%7D
.orders.paradigm-press.info/	1970-01-19 07:52:33	Name: seerid Value: 445747813bd8dfc79d8c17abdcc0fbe0
orders.paradigm-press.info/	1969-12-31 23:59:59	Name: JSESSIONID Value: CE4B51D4B522D2B33573D825A387EEEA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://d13p2xj50zkyqm.cloudfront.net/scripts/order.js(Line 204) Message: noGTM
console-api	log	URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0(Line 1590) Message: Country Code is now: US Locale is now: en-US
console-api	log	URL: https://orders.paradigm-press.info/RDL_TrumpSLO_0719/MRDLVC17/index.htm?pageNumber=2&a=10&o=66376&s=144004&u=3011457&l=1254246&r=MC2&vid=Ju63pR&g=0(Line 2497) Message: Country Code is now: US Locale is now: en-US
console-api	log	URL: https://d13p2xj50zkyqm.cloudfront.net/scripts/order.js(Line 1586) Message: ar checkbox for onepage

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10rnpyiva0.execute-api.us-east-1.amazonaws.com
amplify.outbrain.com
amplifypixel.outbrain.com
api.lytics.io
c.lytics.io
cdn.amplitude.com
cdn.ywxi.net
click2.banyanhill.com
d13p2xj50zkyqm.cloudfront.net
d2z65klgtz99km.cloudfront.net
dizbubza2heg.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
images.web-purchases.com
orders.paradigm-press.info
pro.paradigm-press.info
s.yimg.com
s3-us-west-2.amazonaws.com
script.hotjar.com
ssl.kaptcha.com
static.hotjar.com
stats.g.doubleclick.net
tr.outbrain.com
vars.hotjar.com
www.google-analytics.com
www.googletagmanager.com
13.224.197.75
143.204.101.43
147.75.32.75
147.75.84.33
147.75.85.99
151.101.14.2
192.135.136.169
192.135.136.173
199.114.7.34
2.18.234.190
2600:9000:2043:2400:14:6bfc:5740:93a1
2600:9000:20eb:8400:13:881b:ed80:21
2600:9000:20eb:8e00:1:b0bf:f780:21
2600:9000:2156:b400:18:2d84:13c0:93a1
2600:9000:2156:be00:9:cfaa:a600:21
2606:4700:20::681a:316
2a00:1288:f03d:1fa::2000
2a00:1288:f03d:1fa::4000
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:821::2003
2a00:1450:4001:824::200a
2a00:1450:400c:c00::9a
35.227.192.113
52.218.200.184
52.34.71.92
64.202.112.95
0117a812077d12b75dde327db3c28b20ee62e210d5f4b62e331803b91bce3934
058ad65bc23b5e89eede33126fb52fc00466b31434705b8052e5d776e9170a2a
0620cfd755794c02e1fd26da4218322af5256f9db7742bc326b31e48e8730eca
098f2ec79b6926e680388ad5c3ff3cb2b3603e925423916420a6310fa8417cc1
09dc34300ef5e2990379ef16491c02e4d0e7b2f44c443066d9b070c11c1c44cf
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
1c0e0ca6ba3ee267ba14d39184efb68c958717fc6e58b528b700502c0aea5170
2017d2c5638dab8e6a4a4227f6ac44d451cd65d66fdce7dcb7c00e3043e75297
24d5585f2965f7d5080769a4286d580a98d722b18964b999ef6b87ba13c11f2b
29803dec7ee873c2a412533ed413cf2bb3470c1559aab94668f984258072f523
2dcce0172aa49aca2e968130bcf3307cf923ab685c2b975c005e0ba86918a60c
30c042455cad031021d5b7b33257aa6e97c5ab90adf8c83d90b9a281b9353ade
3187c05c19744baa3ffc886662efe2473e04867cfe8bbad32c1a0221bae03f11
3384d7fe2042e2b3e1fe29ca30f386e60054a727b69f4f55d9429fd7b28cce5e
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3a4110811dcd1d235b3a9ac9b78c41b9d0a5b8cb3213ed3a7cb62dfc55e70563
42f47c0ff03d3c1720d2e45187be72c419bf3e1b81625e57c29dea317f4e5620
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
454fb749ef0b0e144a18cfdb51217557500e8730aebc3798c0dbf1d94d5cc26c
464f98ed0cc4bd0a6f0858a99c60f2e018645009265ed955a0a2eb0f5ca81e00
489188171a22fc5b02d08c6665a05bb30db112085e39570d3f28c941fc3dd049
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4fc05c25998022a9adb7c40d4a5d47aac534ebc0e6d4b5a1d3fb14d1cd135514
5735df14e8c877df2ac8223a658601fe3834cd34e30d27a21a7dde7ba761b15b
5f79a0f73b38b19997bbf96a977df03737abb564c319a844d6346435e620c83d
68f2442634034675ac1d813fafe849afbc539d8672ee280127f7b4de691a0649
6aa868d57e66a07df56bd17d2ffffedb7168c05be936e2729375b23d8416f415
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b714dbfe5b4ff767ea2356a41c1284373b91ce8bc15e46252a2b57bb96a9b85
6dce9027adcbec15eda8c25d13c77a2fae824a30b8bfc33dcde522a2277bfc7f
6e659c400c6d55212aaa69a21d2fdc1cd0cab643bdd8af9370e1b935ff64b7b3
71473238e2ee43e41cfa946320f5769523aac509490022b104024c4f902869c1
736d6e0d911a2f887880e3c46e73617acdea6f947ead8b87e4af52fd24b13a37
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
745a31c52bd326912c0eda75653601f6cc91532b0e4cc3587d8198a4e75ed65e
74a804105d4e062962aa15f4cbcc6f5e5dcf44468db177dc48cbc12bf63e90ea
7e910d873f10badd02391f02b4679bf630966a39175b7c33510283b75cdc5a59
7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66
80e444188bb93f295a1f3513c4a30a21d83cdf70f6527dd8edd9a66bb45ae4d2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
919455327fbd3ffa6fc94e1d6e24be7a762bd990907d97ef0844fbf08bdfce8f
999962c1fa506ceefe9d63445cd86785c95a9fa7baa5104cd0a444ae43639894
9afdde3bdf62bd4761a9a163f5abcac73c5c1d8e1308f4beec2b1f297d1c2921
9b202ecbc6d45c6d8901d989a918878397a3eb9d00e8f48022fc051b19d21a1d
9cf1ed31985502e9718adb245a6bad6514cd6407b7f96a7e83bb4ce00a43f4c8
a24a2b18d9e109cb01710c2e5db3878308b91e9328ed8fcd1a28bed9927a6a91
b5401351c64152444e7bda1ca73bf728ea1d7d373dbd8a9a06736ca7c8c093e1
bb8eaf9273a9a06db0fe3365e5440ca57d2527686414300d4132d9e3750acf5b
bcd62f0950bc76f6ca1e5a9d9c8afe97a47557eb4a10c32d8abec9d0fd20c738
be5238c76400fe2da689c27af8d1827067a5f7d06528e441e3596d7ae236ee1d
bfa11138a69595699a6ce497d9cfdc0f890e375189296934e85acba9457f2108
ccf3d5ce0557654ba5ec7fba425d5dcf4730ff36a427ef8327c33805089d87eb
cd1e56a597c50943870609ca63437a75d3ae31b725af2ab96ea880f3d283183d
cdb99aaf7ed89c49635c471ff2b02a9130532cb044f31ab425cda2279b826c23
d724506ee6e039c011b25aa2aa158dbc1d535cf95ac53e3562f04a1e5463bca5
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dbdd089399f6f6ff73194a075c8384f829c772ccad7e59051aa2291d299677e9
e2cc2bbf0f4928353a89c81df4723ed4578be95d80b411696ee30ae51d7a168b
e395ed4bbb1e12ddcc64d9d0c493bf19142d00c3d90079080a80b1ee1539515e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e667f97f495df178a4fb647cc7474b3f0eec539d769ba63a3868c36fd2d94d4a
ea472b2e234246f15647dfe08498dcd802f6d55d4359c1161f6731a4bb684d35
ea7ea022b396c5f84e10c21a331cf2ea4c4634ff4edde276581117f685213327
f6a7ec20cf02a4defc5142579cc297c995ca09ccfae8d0e89944ede6c5fac04a
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
feda2d1b35b2d41e63f058b13f90a051a21be010ce249bdc06f13efef4449504

orders.paradigm-press.info Open in urlscan Pro 192.135.136.173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

100 %HTTPS

48 %IPv6

17 Domains

26 Subdomains

25 IPs

6 Countries

1814 kBTransfer

3001 kBSize

11 Cookies

3 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

orders.paradigm-press.info Open in urlscan Pro
192.135.136.173 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

100 %
HTTPS

48 %
IPv6

17
Domains

26
Subdomains

25
IPs

6
Countries

1814 kB
Transfer

3001 kB
Size

11
Cookies

76 HTTP transactions
0 data transactions