Overview

URLparadigmtc.tech/
IP 151.101.130.159 (United States)
ASN#54113 FASTLY
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-04 22:37:48 UTC
StatusLoading report..
IDS alerts0
Blocklist alert7
urlquery alerts No alerts detected
Tags None

Domain Summary (11)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-04 05:51:42 UTC 34.117.237.239
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.149.83.187
ocsp.pki.goog (7) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
fonts.gstatic.com (7) 0 2014-09-09 00:40:21 UTC 2022-11-04 19:23:08 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-04 10:50:22 UTC 142.250.74.164
r3.o.lencr.org (6) 344 No data No data 23.36.76.226
img-getpocket.cdn.mozilla.net (8) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-11-04 11:20:42 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
paradigmtc.tech (30) 0 2019-08-05 05:06:42 UTC 2022-10-04 10:01:55 UTC 151.101.130.159 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-04 2 paradigmtc.tech/ Phishing
2022-11-04 2 paradigmtc.tech/ Phishing
2022-11-04 2 paradigmtc.tech/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 Phishing
2022-11-04 2 paradigmtc.tech/wp-content/themes/Divi/core/admin/js/es6-promise.auto.min.j (...) Phishing
2022-11-04 2 paradigmtc.tech/wp-content/et-cache/8/et-core-unified-deferred-8.min.css?ve (...) Phishing
2022-11-04 2 paradigmtc.tech/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Phishing
2022-11-04 2 paradigmtc.tech/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 151.101.130.159
Date UQ / IDS / BL URL IP
2023-02-01 11:59:19 +0000 0 - 6 - 0 www.benningtongreen.co.uk/ 151.101.130.159
2023-01-28 20:01:01 +0000 0 - 2 - 0 www.doktor.se/ 151.101.130.159
2023-01-26 21:20:46 +0000 0 - 3 - 0 toronto.iabc.to/wp-login.php 151.101.130.159
2023-01-22 05:06:45 +0000 0 - 0 - 13 franosbarbershop.com/wp-content/verif.accs.se (...) 151.101.130.159
2023-01-14 22:19:11 +0000 0 - 0 - 2 infusetheplanet.com/wp-content/themes/twentys (...) 151.101.130.159


Last 5 reports on ASN: FASTLY
Date UQ / IDS / BL URL IP
2023-02-02 02:04:19 +0000 0 - 0 - 6 sneha8898.github.io/fbclone/ 185.199.108.153
2023-02-02 02:02:54 +0000 3 - 0 - 4 required-form.firebaseapp.com/next/posts/1005 (...) 199.36.158.100
2023-02-02 02:01:17 +0000 0 - 0 - 2 meghabhatt0529.github.io/NetflixClone/ 185.199.110.153
2023-02-02 01:54:56 +0000 3 - 0 - 3 zikoooooo3.firebaseapp.com/ 199.36.158.100
2023-02-02 01:54:36 +0000 3 - 0 - 3 zikoooooo3.web.app/ 199.36.158.100


Last 1 reports on domain: paradigmtc.tech
Date UQ / IDS / BL URL IP
2022-11-04 22:37:48 +0000 0 - 0 - 7 paradigmtc.tech/ 151.101.130.159


No other reports with similar screenshot

JavaScript

Executed Scripts (16)

Executed Evals (5)
#1 JavaScript::Eval (size: 15598) - SHA256: 5e98214e0abbdd815117694f4ba8fa352052ada859b5f327e5d5f65a3166d9a4
/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var T = this || self,
        n = function(D, A) {
            if ((A = (D = null, T.trustedTypes), !A) || !A.createPolicy) return D;
            try {
                D = A.createPolicy("bg", {
                    createHTML: e,
                    createScript: e,
                    createScriptURL: e
                })
            } catch (I) {
                T.console && T.console.error(I.message)
            }
            return D
        },
        e = function(D) {
            return D
        };
    (0, eval)(function(D, A) {
        return (A = n()) && 1 === D.eval(A.createScript("1")) ? function(I) {
            return A.createScript(I)
        } : function(I) {
            return "" + I
        }
    }(T)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var u=function(A,I,D,n,M,T,e,g,h){if((D.J+=(((g=(M=(e=(h=(A||D.v++,0<D.R&&D.W&&D.FY&&1>=D.O&&!D.D&&!D.T&&(!A||1<D.Y-I))&&0==document.hidden,T=4==D.v)||h?D.H():D.u,e-D.u),M)>>14,D).I&&(D.I^=g*(M<<2)),D).h=g||D.h,g),T)||h)D.u=e,D.v=0;if(!h||e-D.C<D.R-(n?255:A?5:2))return false;return(d(D,411,(n=B(D,(D.Y=I,A?415:411)),D.A)),D.G).push([DG,n,A?I+1:I]),D.T=p,true},X,j0=function(A,I){return A[I]<<24|A[(I|0)+1]<<16|A[(I|0)+2]<<8|A[(I|0)+3]},B=function(A,I){if(A=A.U[I],void 0===A)throw[w,30,I];if(A.value)return A.create();return A.create(5*I*I+-98*I+-22),A.prototype},I3=function(A,I){if((I=q.trustedTypes,A=null,!I)||!I.createPolicy)return A;try{A=I.createPolicy("bg",{createHTML:Au,createScript:Au,createScriptURL:Au})}catch(D){q.console&&q.console.error(D.message)}return A},U=function(A,I,D){D[d(A,I,D),TH]=2796},gn=function(A,I,D,n){return B((d(D,((n=B(D,411),D.s)&&n<D.A?(d(D,411,D.A),e0(D,A)):d(D,411,A),ng(D,I),411),n),D),141)},hu=function(A,I,D,n,M,T){for(M=((D=(n=A[sL]||{},c(A)),n.qK=c(A),n).g=[],A).h==A?(P(A)|0)-1:1,I=c(A),T=0;T<M;T++)n.g.push(c(A));for(n.P=B(A,D);M--;)n.g[M]=B(A,n.g[M]);return n.UH=B(A,I),n},MO=function(A,I){(I.push(A[0]<<24|A[1]<<16|A[2]<<8|A[3]),I).push(A[4]<<24|A[5]<<16|A[6]<<8|A[7]),I.push(A[8]<<24|A[9]<<16|A[10]<<8|A[11])},Bh=function(A,I,D,n){function M(){}return n=a3(A,(D=void 0,function(T){M&&(I&&p(I),D=T,M(),M=void 0)}),!!I)[0],{invoke:function(T,e,g,h){function a(){D(function(Y){p(function(){T(Y)})},g)}if(!e)return e=n(g),T&&T(e),e;D?a():(h=M,M=function(){p((h(),a))})}}},Y0=function(A,I,D){if(3==A.length){for(D=0;3>D;D++)I[D]+=A[D];for(D=(A=[13,8,13,12,16,5,3,10,15],0);9>D;D++)I[3](I,D%3,A[D])}},e0=function(A,I){d(((A.fe.push(A.U.slice()),A).U[411]=void 0,A),411,I)},pg=function(A,I){return x[A](x.prototype,{floor:I,call:I,pop:I,propertyIsEnumerable:I,console:I,parent:I,length:I,document:I,prototype:I,replace:I,splice:I,stack:I})},E=function(A,I,D){D=this;try{ul(A,I,this)}catch(n){k(this,n),I(function(M){M(D.F)})}},q=this||self,o3=function(A,I){return(I=I.create().shift(),A.D).create().length||A.j.create().length||(A.D=void 0,A.j=void 0),I},a3=function(A,I,D,n){return(n=l[A.substring(0,3)+"_"])?n(A.substring(3),I,D):y1(A,I)},GH=function(A,I,D){if((D=typeof A,"object")==D)if(A){if(A instanceof Array)return"array";if(A instanceof Object)return D;if(I=Object.prototype.toString.call(A),"[object Window]"==I)return"object";if("[object Array]"==I||"number"==typeof A.length&&"undefined"!=typeof A.splice&&"undefined"!=typeof A.propertyIsEnumerable&&!A.propertyIsEnumerable("splice"))return"array";if("[object Function]"==I||"undefined"!=typeof A.call&&"undefined"!=typeof A.propertyIsEnumerable&&!A.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==D&&"undefined"==typeof A.call)return"object";return D},mt=function(A,I){return I=P(A),I&128&&(I=I&127|P(A)<<7),I},Wh=function(A,I,D,n,M,T){function e(){if(D.h==D){if(D.U){var g=[r,n,A,void 0,M,T,arguments];if(2==I)var h=C(D,false,(F(D,g),false));else if(1==I){var a=!D.G.length;F(D,g),a&&C(D,false,false)}else h=Xy(g,D);return h}M&&T&&M.removeEventListener(T,e,O)}}return e},c=function(A,I){if(A.D)return o3(A,A.j);return(I=z(A,8,true),I)&128&&(I^=128,A=z(A,2,true),I=(I<<2)+(A|0)),I},Xy=function(A,I,D,n,M){if((D=A[0],D)==J)I.X=25,I.i(A);else if(D==v){M=A[1];try{n=I.F||I.i(A)}catch(T){k(I,T),n=I.F}M(n)}else if(D==DG)I.i(A);else if(D==K)I.i(A);else if(D==Q1){try{for(n=0;n<I.N.length;n++)try{M=I.N[n],M[0][M[1]](M[2])}catch(T){}}catch(T){}(0,A[1])(function(T,e){I.o(T,true,e)},(I.N=[],function(T){F(I,(T=!I.G.length,[wn])),T&&C(I,false,true)}))}else{if(D==r)return n=A[2],d(I,103,A[6]),d(I,141,n),I.i(A);D==wn?(I.U=null,I.K=[],I.s=[]):D==TH&&"loading"===q.document.readyState&&(I.T=function(T,e){function g(){e||(e=true,T())}q.document.addEventListener("DOMContentLoaded",g,(e=false,O)),q.addEventListener("load",g,O)})}},P=function(A){return A.D?o3(A,A.j):z(A,8,true)},ng=function(A,I,D,n,M,T){if(!A.F){A.O++;try{for(T=void 0,D=0,M=A.A;--I;)try{if(n=void 0,A.D)T=o3(A,A.D);else{if(D=B(A,411),D>=M)break;T=B(A,(n=c((d(A,415,D),A)),n))}u(false,(T&&T[wn]&2048?T(A,I):V(A,[w,21,n],0),I),A,false)}catch(e){B(A,27)?V(A,e,22):d(A,27,e)}if(!I){if(A.Da){ng(A,(A.O--,342722082906));return}V(A,[w,33],0)}}catch(e){try{V(A,e,22)}catch(g){k(A,g)}}A.O--}},k=function(A,I){A.F=((A.F?A.F+"~":"E:")+I.message+":"+I.stack).slice(0,2048)},il=function(A,I,D,n,M){for(M=I=(A=A.replace(/\\r\\n/g,"\\n"),0),n=[];I<A.length;I++)D=A.charCodeAt(I),128>D?n[M++]=D:(2048>D?n[M++]=D>>6|192:(55296==(D&64512)&&I+1<A.length&&56320==(A.charCodeAt(I+1)&64512)?(D=65536+((D&1023)<<10)+(A.charCodeAt(++I)&1023),n[M++]=D>>18|240,n[M++]=D>>12&63|128):n[M++]=D>>12|224,n[M++]=D>>6&63|128),n[M++]=D&63|128);return n},Au=function(A){return A},qO=function(A,I,D){return(D=x[A.V](A.AG),D)[A.V]=function(){return I},D.concat=function(n){I=n},D},UL=function(A,I,D,n){for(n=(D=c(I),0);0<A;A--)n=n<<8|P(I);d(I,D,n)},ZG=function(A,I,D,n){S(L(A,(n=(D=c(I),c(I)),B(I,D))),I,n)},Hh=function(A,I,D){return I.o(function(n){D=n},false,A),D},L=function(A,I,D,n){for(D=(n=(A|0)-1,[]);0<=n;n--)D[(A|0)-1-(n|0)]=I>>8*n&255;return D},$0=function(A,I,D,n,M){for(n=0,M=A[2]|0,A=A[3]|0;14>n;n++)D=D>>>8|D<<24,D+=I|0,D^=M+2229,A=A>>>8|A<<24,I=I<<3|I>>>29,I^=D,A+=M|0,A^=n+2229,M=M<<3|M>>>29,M^=A;return[I>>>24&255,I>>>16&255,I>>>8&255,I>>>0&255,D>>>24&255,D>>>16&255,D>>>8&255,D>>>0&255]},S=function(A,I,D,n,M,T){if(I.h==I)for(T=B(I,D),114==D?(D=function(e,g,h,a){if(T.ne!=(h=(a=T.length,(a|0)-4>>3),h)){g=(h=(T.ne=h,h<<3)-4,[0,0,M[1],M[2]]);try{T.VZ=$0(g,j0(T,h),j0(T,(h|0)+4))}catch(Y){throw Y;}}T.push(T.VZ[a&7]^e)},M=B(I,352)):D=function(e){T.push(e)},n&&D(n&255),I=0,n=A.length;I<n;I++)D(A[I])},f=function(A,I){for(I=[];A--;)I.push(255*Math.random()|0);return I},C=function(A,I,D,n,M,T){if(A.G.length){A.W=!(A.FY=(A.W&&0(),D),0);try{n=A.H(),A.u=n,A.C=n,A.v=0,T=ch(A,D),M=A.H()-A.C,A.Z+=M,M<(I?0:10)||0>=A.X--||(M=Math.floor(M),A.K.push(254>=M?M:254))}finally{A.W=false}return T}},x0=function(A,I,D,n,M,T,e,g){return((T=x[(n=[10,(e=(M=Ph,A&7),-98),54,77,21,-31,n,51,-77,74],I).V](I.hG),T)[I.V]=function(h){e+=(g=h,6+7*A),e&=7},T).concat=function(h){return(h=(g=(h=+e- -5390*(h=D%16+1,D)*g+55*g*g-275*D*D*g- -1210*g+(M()|0)*h+n[e+19&7]*D*h-h*g+5*D*D*h,void 0),n[h]),n)[(e+45&7)+(A&2)]=h,n[e+(A&2)]=-98,h},T},z=function(A,I,D,n,M,T,e,g,h,a,Y,y,Q,m){if((h=B(A,411),h)>=A.A)throw[w,31];for(Q=(m=h,Y=(y=0,I),A.S5.length);0<Y;)n=m%8,e=m>>3,T=8-(n|0),T=T<Y?T:Y,M=A.s[e],D&&(g=A,g.S!=m>>6&&(g.S=m>>6,a=B(g,394),g.L=$0([0,0,a[1],a[2]],g.I,g.S)),M^=A.L[e&Q]),y|=(M>>8-(n|0)-(T|0)&(1<<T)-1)<<(Y|0)-(T|0),Y-=T,m+=T;return d(A,411,(h|(D=y,0))+(I|0)),D},ch=function(A,I,D,n){for(;A.G.length;){D=(A.T=null,A.G.pop());try{n=Xy(D,A)}catch(M){k(A,M)}if(I&&A.T){(I=A.T,I)(function(){C(A,true,true)});break}}return n},p=q.requestIdleCallback?function(A){requestIdleCallback(function(){A()},{timeout:4})}:q.setImmediate?function(A){setImmediate(A)}:function(A){setTimeout(A,0)},l,y1=function(A,I){return[(I(function(D){D(A)}),function(){return A})]},d=function(A,I,D){if(411==I||415==I)A.U[I]?A.U[I].concat(D):A.U[I]=qO(A,D);else{if(A.B&&394!=I)return;161==I||114==I||437==I||261==I||352==I?A.U[I]||(A.U[I]=x0(118,A,I,D)):A.U[I]=x0(121,A,I,D)}394==I&&(A.I=z(A,32,false),A.S=void 0)},F=function(A,I){A.G.splice(0,0,I)},ul=function(A,I,D,n,M){for(n=(M=((D.hG=pg((D.by=k0,D.kb=(D.S5=D[v],bl),D.V),{get:function(){return this.concat()}}),D).AG=x[D.V](D.hG,{value:{value:{}}}),[]),0);289>n;n++)M[n]=String.fromCharCode(n);C(D,(F(D,(F((F(D,(U(D,(d(D,239,(U(D,331,(U(D,(U(D,144,(U(D,(U(D,17,(U(D,(U(D,325,(d(D,161,[160,(d(D,(U(D,(D.sH=(U(D,(U(D,223,(d(D,424,(d(D,143,(U(D,(d(D,434,(d(D,352,(U(D,(U(D,194,(U(D,370,(d(D,437,(U(D,95,((U(D,154,(U((U(D,21,(U(D,(U(D,175,(U(D,129,(U(D,280,(d((d(D,100,(D.iy=(d(D,141,(U((U(D,(D.j5=(d(D,(d(D,(D.T=(D.FY=false,(D.O=0,D.G=[],D.D=(D.zX=function(T){this.h=T},D.B=false,D.C=0,void 0),(D.fe=[],D).j=(D.R=((D.F=void 0,D).J=1,0),n=(D.W=false,D.X=25,window.performance||{}),D.N=[],(D.h=D,D).L=void 0,(D.QZ=0,D.Z=0,D.s=[],D).S=((D.Y=8001,D).v=void 0,void 0),D.U=[],void 0),D.A=(D.u=(D.K=[],0),0),D).I=void 0,D.Hn=n.timeOrigin||(n.timing||{}).navigationStart||0,null),411),0),415),0),0),U(D,483,function(){}),360),function(T,e,g,h){h=(e=B(T,(g=(h=(e=c(T),c(T)),c(T)),e)),B(T,h)),d(T,g,e in h|0)}),D),202,function(T,e,g,h){d(T,(g=B(T,(h=B(T,(e=(h=c((g=c(T),T)),c(T)),h)),g))==h,e),+g)}),{})),0),0)),D),27,438),function(T,e,g,h,a){for(h=c(T),g=mt(T),a=[],e=0;e<g;e++)a.push(P(T));d(T,h,a)})),function(T,e,g,h,a,Y){u(true,e,T,false)||(g=hu(T.h),e=g.qK,h=g.UH,Y=g.g,a=Y.length,g=g.P,h=0==a?new h[g]:1==a?new h[g](Y[0]):2==a?new h[g](Y[0],Y[1]):3==a?new h[g](Y[0],Y[1],Y[2]):4==a?new h[g](Y[0],Y[1],Y[2],Y[3]):2(),d(T,e,h))})),function(T,e,g,h){if(e=T.fe.pop()){for(g=P(T);0<g;g--)h=c(T),e[h]=T.U[h];T.U=(e[424]=(e[261]=T.U[261],T.U)[424],e)}else d(T,411,T.A)})),127),function(T,e,g,h){!u(true,e,T,false)&&(e=hu(T),g=e.P,h=e.UH,T.h==T||g==T.zX&&h==T)&&(d(T,e.qK,g.apply(h,e.g)),T.u=T.H())}),function(T,e,g,h,a,Y,y){for(Y=(h=(g=mt((e=c(T),T)),a="",y=B(T,322),y.length),0);g--;)Y=((Y|0)+(mt(T)|0))%h,a+=M[y[Y]];d(T,e,a)})),D),336,function(T){ll(4,T)}),function(T,e){e0((e=B(T,c(T)),T.h),e)})),U(D,69,function(T){ll(3,T)}),U)(D,6,function(T,e,g){d(T,(g=GH((g=B(T,(g=c(T),e=c(T),g)),g)),e),g)}),function(T,e,g,h,a){d(T,(e=B(T,(h=B((a=B(T,(a=(e=c((h=c((g=c(T),T)),T)),c(T)),a)),T),h),e)),g),Wh(e,a,T,h))})),[])),function(T){ZG(1,T)})),function(T,e,g,h){(h=c((e=(g=c(T),P(T)),T)),d)(T,h,B(T,g)>>>e)})),201),function(T,e,g,h){d(T,(g=B(T,(e=B(T,(e=c(T),h=c(T),e)),h)),h),g+e)}),[0,0,0])),0)),151),function(T,e,g,h){(h=(e=c(T),c)(T),g=c(T),T).h==T&&(g=B(T,g),h=B(T,h),B(T,e)[h]=g,394==e&&(T.S=void 0,2==h&&(T.I=z(T,32,false),T.S=void 0)))}),q)),2048)),function(T,e,g,h){d(T,(e=(h=c((g=c(T),T)),c(T)),e),B(T,g)||B(T,h))})),215),function(T,e,g){u(true,e,T,false)||(e=c(T),g=c(T),d(T,g,function(h){return eval(h)}(EL(B(T.h,e)))))}),0),86),function(T,e,g,h){g=B(T,(e=c((g=c(T),T)),h=c(T),g)),e=B(T,e),d(T,h,g[e])}),261),[]),0),0]),function(T,e){T=B((e=c(T),T).h,e),T[0].removeEventListener(T[1],T[2],O)})),145),function(T){UL(4,T)}),function(T,e,g,h,a,Y){if(!u(true,e,T,true)){if("object"==GH((T=(g=B((Y=(e=(e=(Y=c(T),g=c(T),c(T)),a=c(T),B(T,e)),B(T,Y)),T),g),B(T,a)),Y))){for(h in a=[],Y)a.push(h);Y=a}for(a=(e=0<e?e:1,h=0,Y).length;h<a;h+=e)g(Y.slice(h,(h|0)+(e|0)),T)}})),171),function(T,e,g,h,a,Y,y,Q,m,Z,W,G){function N(H,b){for(;y<H;)m|=P(T)<<y,y+=8;return b=m&(y-=H,(1<<H)-1),m>>=H,b}for(G=(W=(Z=(h=(y=(g=c(T),m=0),(N(3)|0)+1),N)(5),0),Q=[],0);G<Z;G++)Y=N(1),Q.push(Y),W+=Y?0:1;for(G=(e=(W=((W|0)-1).toString(2).length,[]),0);G<Z;G++)Q[G]||(e[G]=N(W));for(W=0;W<Z;W++)Q[W]&&(e[W]=c(T));for(a=[];h--;)a.push(B(T,c(T)));U(T,g,function(H,b,t,R,dn){for(b=(dn=(t=[],[]),0);b<Z;b++){if(!Q[R=e[b],b]){for(;R>=t.length;)t.push(c(H));R=t[R]}dn.push(R)}H.j=qO(H,(H.D=qO(H,a.slice()),dn))})}),function(T,e,g,h,a){(h=(e=B(T,(a=(h=c((g=c(T),T)),e=c(T),c)(T),g=B(T.h,g),a=B(T,a),e)),B(T,h)),0!==g)&&(e=Wh(a,1,T,e,g,h),g.addEventListener(h,e,O),d(T,434,[g,h,e]))})),102),function(T,e,g){(g=B(T,(g=c((e=c(T),T)),g)),0!=B(T,e))&&d(T,411,g)}),d(D,114,f(4)),function(T,e,g){d(T,(e=c((g=c(T),T)),e),""+B(T,g))})),D)),15),function(T){ZG(4,T)}),[TH])),D),[K,A]),[Q1,I])),true),true)},V=function(A,I,D,n,M,T){if(!A.B){if(3<(I=B(A,(D=(M=B((n=void 0,I&&I[0]===w&&(D=I[1],n=I[2],I=void 0),A),261),0==M.length&&(T=B(A,415)>>3,M.push(D,T>>8&255,T&255),void 0!=n&&M.push(n&255)),""),I&&(I.message&&(D+=I.message),I.stack&&(D+=":"+I.stack)),424)),I)){A.h=(n=(D=il((I-=(D=D.slice(0,(I|0)-3),(D.length|0)+3),D)),A).h,A);try{S(L(2,D.length).concat(D),A,114,9)}finally{A.h=n}}d(A,424,I)}},ll=function(A,I,D,n,M){(n=(D=c((M=A&3,A&=4,I)),c(I)),D=B(I,D),A)&&(D=il(""+D)),M&&S(L(2,D.length),I,n),S(D,I,n)},NO=function(A,I,D,n){try{n=A[((I|0)+2)%3],A[I]=(A[I]|0)-(A[((I|0)+1)%3]|0)-(n|0)^(1==I?n<<D:n>>>D)}catch(M){throw M;}},O={passive:true,capture:true},sL=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),K=[],r=[],DG=((E.prototype.uy=void 0,E.prototype).l="toString",[]),J=[],v=[],TH=[],w=(E.prototype.Ce=void 0,{}),Q1=(E.prototype.Da=false,[]),wn=[],Ph=(((((MO,function(){})(f),function(){})(NO),function(){})(Y0),E).prototype.V="create",void 0),x=w.constructor,bl=(((((((X=E.prototype,X.Iz=function(){return Math.floor(this.Z+(this.H()-this.C))},X.yZ=function(A,I,D,n,M,T){for(T=[],D=n=0;n<A.length;n++)for(M=M<<I|A[n],D+=I;7<D;)D-=8,T.push(M>>D&255);return T},X).H=(window.performance||{}).now?function(){return this.Hn+window.performance.now()}:function(){return+new Date},X).gd=function(A,I,D,n,M){for(M=n=0;n<A.length;n++)M+=A.charCodeAt(n),M+=M<<10,M^=M>>6;return n=(A=(M+=M<<3,M^=M>>11,M)+(M<<15)>>>0,new Number(A&(1<<I)-1)),n[0]=(A>>>I)%D,n},X).o=function(A,I,D,n,M){if(D="array"===GH(D)?D:[D],this.F)A(this.F);else try{M=!this.G.length,n=[],F(this,[J,n,D]),F(this,[v,A,n]),I&&!M||C(this,true,I)}catch(T){k(this,T),A(this.F)}},X.TX=function(){return Math.floor(this.H())},X.MK=function(A,I,D){return((I^=I<<13,I^=I>>17,I=(I^I<<5)&D)||(I=1),A)^I},E).prototype.i=function(A,I){return Ph=(A=(I={},{}),function(){return I==A?-22:-12}),function(D,n,M,T,e,g,h,a,Y,y,Q,m,Z,W,G){I=(T=I,A);try{if(a=D[0],a==K){g=D[1];try{for(G=Q=(e=(m=[],atob)(g),0);G<e.length;G++)W=e.charCodeAt(G),255<W&&(m[Q++]=W&255,W>>=8),m[Q++]=W;(this.A=(this.s=m,this).s.length<<3,d)(this,394,[0,0,0])}catch(N){V(this,N,17);return}ng(this,8001)}else if(a==J)D[1].push(B(this,161).length,B(this,437).length,B(this,114).length,B(this,424)),d(this,141,D[2]),this.U[307]&&gn(B(this,307),8001,this);else{if(a==v){M=L(2,((m=D[2],B(this,161).length)|0)+2),y=this.h,this.h=this;try{h=B(this,261),0<h.length&&S(L(2,h.length).concat(h),this,161,10),S(L(1,this.J),this,161,109),S(L(1,this[v].length),this,161),e=0,n=B(this,114),e-=(B(this,161).length|0)+5,e+=B(this,100)&2047,4<n.length&&(e-=(n.length|0)+3),0<e&&S(L(2,e).concat(f(e)),this,161,15),4<n.length&&S(L(2,n.length).concat(n),this,161,156)}finally{this.h=y}if(((G=f(2).concat(B(this,161)),G)[1]=G[0]^6,G)[3]=G[1]^M[0],G[4]=G[1]^M[1],Z=this.GX(G))Z="!"+Z;else for(e=0,Z="";e<G.length;e++)Y=G[e][this.l](16),1==Y.length&&(Y="0"+Y),Z+=Y;return d(this,424,(B(this,(B(((Q=Z,B)(this,161).length=m.shift(),this),437).length=m.shift(),114)).length=m.shift(),m.shift())),Q}if(a==DG)gn(D[1],D[2],this);else if(a==r)return gn(D[1],8001,this)}}finally{I=T}}}(),E.prototype).OH=0,E.prototype.EH=0,E.prototype).GX=function(A,I,D,n){if(D=window.btoa){for(I="",n=0;n<A.length;n+=8192)I+=String.fromCharCode.apply(null,A.slice(n,n+8192));A=D(I).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else A=void 0;return A},/./),k0,rn=K.pop.bind((E.prototype[Q1]=[0,0,1,1,0,1,1],E.prototype[J])),EL=((k0=pg(E.prototype.V,(bl[E.prototype.l]=rn,{get:rn})),E.prototype).e5=void 0,function(A,I){return(I=I3())&&1===A.eval(I.createScript("1"))?function(D){return I.createScript(D)}:function(D){return""+D}})(q);40<(l=q.botguard||(q.botguard={}),l.m)||(l.m=41,l.bg=Bh,l.a=a3),l.yDq_=function(A,I,D){return[(D=new E(A,I),function(n){return Hh(n,D)})]};}).call(this);'));
}).call(this);
#2 JavaScript::Eval (size: 22249) - SHA256: 08b1e77b8a9f85f60ca6ea8d7abdd89b471c24adf553a0216d04a6fb16dbd899
(function() {
    var u = function(A, I, D, n, M, T, e, g, h) {
            if ((D.J += (((g = (M = (e = (h = (A || D.v++, 0 < D.R && D.W && D.FY && 1 >= D.O && !D.D && !D.T && (!A || 1 < D.Y - I)) && 0 == document.hidden, T = 4 == D.v) || h ? D.H() : D.u, e - D.u), M) >> 14, D).I && (D.I ^= g * (M << 2)), D).h = g || D.h, g), T) || h) D.u = e, D.v = 0;
            if (!h || e - D.C < D.R - (n ? 255 : A ? 5 : 2)) return false;
            return (d(D, 411, (n = B(D, (D.Y = I, A ? 415 : 411)), D.A)), D.G).push([DG, n, A ? I + 1 : I]), D.T = p, true
        },
        X, j0 = function(A, I) {
            return A[I] << 24 | A[(I | 0) + 1] << 16 | A[(I | 0) + 2] << 8 | A[(I | 0) + 3]
        },
        B = function(A, I) {
            if (A = A.U[I], void 0 === A) throw [w, 30, I];
            if (A.value) return A.create();
            return A.create(5 * I * I + -98 * I + -22), A.prototype
        },
        I3 = function(A, I) {
            if ((I = q.trustedTypes, A = null, !I) || !I.createPolicy) return A;
            try {
                A = I.createPolicy("bg", {
                    createHTML: Au,
                    createScript: Au,
                    createScriptURL: Au
                })
            } catch (D) {
                q.console && q.console.error(D.message)
            }
            return A
        },
        U = function(A, I, D) {
            D[d(A, I, D), TH] = 2796
        },
        gn = function(A, I, D, n) {
            return B((d(D, ((n = B(D, 411), D.s) && n < D.A ? (d(D, 411, D.A), e0(D, A)) : d(D, 411, A), ng(D, I), 411), n), D), 141)
        },
        hu = function(A, I, D, n, M, T) {
            for (M = ((D = (n = A[sL] || {}, c(A)), n.qK = c(A), n).g = [], A).h == A ? (P(A) | 0) - 1 : 1, I = c(A), T = 0; T < M; T++) n.g.push(c(A));
            for (n.P = B(A, D); M--;) n.g[M] = B(A, n.g[M]);
            return n.UH = B(A, I), n
        },
        MO = function(A, I) {
            (I.push(A[0] << 24 | A[1] << 16 | A[2] << 8 | A[3]), I).push(A[4] << 24 | A[5] << 16 | A[6] << 8 | A[7]), I.push(A[8] << 24 | A[9] << 16 | A[10] << 8 | A[11])
        },
        Bh = function(A, I, D, n) {
            function M() {}
            return n = a3(A, (D = void 0, function(T) {
                M && (I && p(I), D = T, M(), M = void 0)
            }), !!I)[0], {
                invoke: function(T, e, g, h) {
                    function a() {
                        D(function(Y) {
                            p(function() {
                                T(Y)
                            })
                        }, g)
                    }
                    if (!e) return e = n(g), T && T(e), e;
                    D ? a() : (h = M, M = function() {
                        p((h(), a))
                    })
                }
            }
        },
        Y0 = function(A, I, D) {
            if (3 == A.length) {
                for (D = 0; 3 > D; D++) I[D] += A[D];
                for (D = (A = [13, 8, 13, 12, 16, 5, 3, 10, 15], 0); 9 > D; D++) I[3](I, D % 3, A[D])
            }
        },
        e0 = function(A, I) {
            d(((A.fe.push(A.U.slice()), A).U[411] = void 0, A), 411, I)
        },
        pg = function(A, I) {
            return x[A](x.prototype, {
                floor: I,
                call: I,
                pop: I,
                propertyIsEnumerable: I,
                console: I,
                parent: I,
                length: I,
                document: I,
                prototype: I,
                replace: I,
                splice: I,
                stack: I
            })
        },
        E = function(A, I, D) {
            D = this;
            try {
                ul(A, I, this)
            } catch (n) {
                k(this, n), I(function(M) {
                    M(D.F)
                })
            }
        },
        q = this || self,
        o3 = function(A, I) {
            return (I = I.create().shift(), A.D).create().length || A.j.create().length || (A.D = void 0, A.j = void 0), I
        },
        a3 = function(A, I, D, n) {
            return (n = l[A.substring(0, 3) + "_"]) ? n(A.substring(3), I, D) : y1(A, I)
        },
        GH = function(A, I, D) {
            if ((D = typeof A, "object") == D)
                if (A) {
                    if (A instanceof Array) return "array";
                    if (A instanceof Object) return D;
                    if (I = Object.prototype.toString.call(A), "[object Window]" == I) return "object";
                    if ("[object Array]" == I || "number" == typeof A.length && "undefined" != typeof A.splice && "undefined" != typeof A.propertyIsEnumerable && !A.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == I || "undefined" != typeof A.call && "undefined" != typeof A.propertyIsEnumerable && !A.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == D && "undefined" == typeof A.call) return "object";
            return D
        },
        mt = function(A, I) {
            return I = P(A), I & 128 && (I = I & 127 | P(A) << 7), I
        },
        Wh = function(A, I, D, n, M, T) {
            function e() {
                if (D.h == D) {
                    if (D.U) {
                        var g = [r, n, A, void 0, M, T, arguments];
                        if (2 == I) var h = C(D, false, (F(D, g), false));
                        else if (1 == I) {
                            var a = !D.G.length;
                            F(D, g), a && C(D, false, false)
                        } else h = Xy(g, D);
                        return h
                    }
                    M && T && M.removeEventListener(T, e, O)
                }
            }
            return e
        },
        c = function(A, I) {
            if (A.D) return o3(A, A.j);
            return (I = z(A, 8, true), I) & 128 && (I ^= 128, A = z(A, 2, true), I = (I << 2) + (A | 0)), I
        },
        Xy = function(A, I, D, n, M) {
            if ((D = A[0], D) == J) I.X = 25, I.i(A);
            else if (D == v) {
                M = A[1];
                try {
                    n = I.F || I.i(A)
                } catch (T) {
                    k(I, T), n = I.F
                }
                M(n)
            } else if (D == DG) I.i(A);
            else if (D == K) I.i(A);
            else if (D == Q1) {
                try {
                    for (n = 0; n < I.N.length; n++) try {
                        M = I.N[n], M[0][M[1]](M[2])
                    } catch (T) {}
                } catch (T) {}(0, A[1])(function(T, e) {
                    I.o(T, true, e)
                }, (I.N = [], function(T) {
                    F(I, (T = !I.G.length, [wn])), T && C(I, false, true)
                }))
            } else {
                if (D == r) return n = A[2], d(I, 103, A[6]), d(I, 141, n), I.i(A);
                D == wn ? (I.U = null, I.K = [], I.s = []) : D == TH && "loading" === q.document.readyState && (I.T = function(T, e) {
                    function g() {
                        e || (e = true, T())
                    }
                    q.document.addEventListener("DOMContentLoaded", g, (e = false, O)), q.addEventListener("load", g, O)
                })
            }
        },
        P = function(A) {
            return A.D ? o3(A, A.j) : z(A, 8, true)
        },
        ng = function(A, I, D, n, M, T) {
            if (!A.F) {
                A.O++;
                try {
                    for (T = void 0, D = 0, M = A.A; --I;) try {
                        if (n = void 0, A.D) T = o3(A, A.D);
                        else {
                            if (D = B(A, 411), D >= M) break;
                            T = B(A, (n = c((d(A, 415, D), A)), n))
                        }
                        u(false, (T && T[wn] & 2048 ? T(A, I) : V(A, [w, 21, n], 0), I), A, false)
                    } catch (e) {
                        B(A, 27) ? V(A, e, 22) : d(A, 27, e)
                    }
                    if (!I) {
                        if (A.Da) {
                            ng(A, (A.O--, 342722082906));
                            return
                        }
                        V(A, [w, 33], 0)
                    }
                } catch (e) {
                    try {
                        V(A, e, 22)
                    } catch (g) {
                        k(A, g)
                    }
                }
                A.O--
            }
        },
        k = function(A, I) {
            A.F = ((A.F ? A.F + "~" : "E:") + I.message + ":" + I.stack).slice(0, 2048)
        },
        il = function(A, I, D, n, M) {
            for (M = I = (A = A.replace(/\r\n/g, "\n"), 0), n = []; I < A.length; I++) D = A.charCodeAt(I), 128 > D ? n[M++] = D : (2048 > D ? n[M++] = D >> 6 | 192 : (55296 == (D & 64512) && I + 1 < A.length && 56320 == (A.charCodeAt(I + 1) & 64512) ? (D = 65536 + ((D & 1023) << 10) + (A.charCodeAt(++I) & 1023), n[M++] = D >> 18 | 240, n[M++] = D >> 12 & 63 | 128) : n[M++] = D >> 12 | 224, n[M++] = D >> 6 & 63 | 128), n[M++] = D & 63 | 128);
            return n
        },
        Au = function(A) {
            return A
        },
        qO = function(A, I, D) {
            return (D = x[A.V](A.AG), D)[A.V] = function() {
                return I
            }, D.concat = function(n) {
                I = n
            }, D
        },
        UL = function(A, I, D, n) {
            for (n = (D = c(I), 0); 0 < A; A--) n = n << 8 | P(I);
            d(I, D, n)
        },
        ZG = function(A, I, D, n) {
            S(L(A, (n = (D = c(I), c(I)), B(I, D))), I, n)
        },
        Hh = function(A, I, D) {
            return I.o(function(n) {
                D = n
            }, false, A), D
        },
        L = function(A, I, D, n) {
            for (D = (n = (A | 0) - 1, []); 0 <= n; n--) D[(A | 0) - 1 - (n | 0)] = I >> 8 * n & 255;
            return D
        },
        $0 = function(A, I, D, n, M) {
            for (n = 0, M = A[2] | 0, A = A[3] | 0; 14 > n; n++) D = D >>> 8 | D << 24, D += I | 0, D ^= M + 2229, A = A >>> 8 | A << 24, I = I << 3 | I >>> 29, I ^= D, A += M | 0, A ^= n + 2229, M = M << 3 | M >>> 29, M ^= A;
            return [I >>> 24 & 255, I >>> 16 & 255, I >>> 8 & 255, I >>> 0 & 255, D >>> 24 & 255, D >>> 16 & 255, D >>> 8 & 255, D >>> 0 & 255]
        },
        S = function(A, I, D, n, M, T) {
            if (I.h == I)
                for (T = B(I, D), 114 == D ? (D = function(e, g, h, a) {
                        if (T.ne != (h = (a = T.length, (a | 0) - 4 >> 3), h)) {
                            g = (h = (T.ne = h, h << 3) - 4, [0, 0, M[1], M[2]]);
                            try {
                                T.VZ = $0(g, j0(T, h), j0(T, (h | 0) + 4))
                            } catch (Y) {
                                throw Y;
                            }
                        }
                        T.push(T.VZ[a & 7] ^ e)
                    }, M = B(I, 352)) : D = function(e) {
                        T.push(e)
                    }, n && D(n & 255), I = 0, n = A.length; I < n; I++) D(A[I])
        },
        f = function(A, I) {
            for (I = []; A--;) I.push(255 * Math.random() | 0);
            return I
        },
        C = function(A, I, D, n, M, T) {
            if (A.G.length) {
                A.W = !(A.FY = (A.W && 0(), D), 0);
                try {
                    n = A.H(), A.u = n, A.C = n, A.v = 0, T = ch(A, D), M = A.H() - A.C, A.Z += M, M < (I ? 0 : 10) || 0 >= A.X-- || (M = Math.floor(M), A.K.push(254 >= M ? M : 254))
                } finally {
                    A.W = false
                }
                return T
            }
        },
        x0 = function(A, I, D, n, M, T, e, g) {
            return ((T = x[(n = [10, (e = (M = Ph, A & 7), -98), 54, 77, 21, -31, n, 51, -77, 74], I).V](I.hG), T)[I.V] = function(h) {
                e += (g = h, 6 + 7 * A), e &= 7
            }, T).concat = function(h) {
                return (h = (g = (h = +e - -5390 * (h = D % 16 + 1, D) * g + 55 * g * g - 275 * D * D * g - -1210 * g + (M() | 0) * h + n[e + 19 & 7] * D * h - h * g + 5 * D * D * h, void 0), n[h]), n)[(e + 45 & 7) + (A & 2)] = h, n[e + (A & 2)] = -98, h
            }, T
        },
        z = function(A, I, D, n, M, T, e, g, h, a, Y, y, Q, m) {
            if ((h = B(A, 411), h) >= A.A) throw [w, 31];
            for (Q = (m = h, Y = (y = 0, I), A.S5.length); 0 < Y;) n = m % 8, e = m >> 3, T = 8 - (n | 0), T = T < Y ? T : Y, M = A.s[e], D && (g = A, g.S != m >> 6 && (g.S = m >> 6, a = B(g, 394), g.L = $0([0, 0, a[1], a[2]], g.I, g.S)), M ^= A.L[e & Q]), y |= (M >> 8 - (n | 0) - (T | 0) & (1 << T) - 1) << (Y | 0) - (T | 0), Y -= T, m += T;
            return d(A, 411, (h | (D = y, 0)) + (I | 0)), D
        },
        ch = function(A, I, D, n) {
            for (; A.G.length;) {
                D = (A.T = null, A.G.pop());
                try {
                    n = Xy(D, A)
                } catch (M) {
                    k(A, M)
                }
                if (I && A.T) {
                    (I = A.T, I)(function() {
                        C(A, true, true)
                    });
                    break
                }
            }
            return n
        },
        p = q.requestIdleCallback ? function(A) {
            requestIdleCallback(function() {
                A()
            }, {
                timeout: 4
            })
        } : q.setImmediate ? function(A) {
            setImmediate(A)
        } : function(A) {
            setTimeout(A, 0)
        },
        l, y1 = function(A, I) {
            return [(I(function(D) {
                D(A)
            }), function() {
                return A
            })]
        },
        d = function(A, I, D) {
            if (411 == I || 415 == I) A.U[I] ? A.U[I].concat(D) : A.U[I] = qO(A, D);
            else {
                if (A.B && 394 != I) return;
                161 == I || 114 == I || 437 == I || 261 == I || 352 == I ? A.U[I] || (A.U[I] = x0(118, A, I, D)) : A.U[I] = x0(121, A, I, D)
            }
            394 == I && (A.I = z(A, 32, false), A.S = void 0)
        },
        F = function(A, I) {
            A.G.splice(0, 0, I)
        },
        ul = function(A, I, D, n, M) {
            for (n = (M = ((D.hG = pg((D.by = k0, D.kb = (D.S5 = D[v], bl), D.V), {get: function() {
                        return this.concat()
                    }
                }), D).AG = x[D.V](D.hG, {
                    value: {
                        value: {}
                    }
                }), []), 0); 289 > n; n++) M[n] = String.fromCharCode(n);
            C(D, (F(D, (F((F(D, (U(D, (d(D, 239, (U(D, 331, (U(D, (U(D, 144, (U(D, (U(D, 17, (U(D, (U(D, 325, (d(D, 161, [160, (d(D, (U(D, (D.sH = (U(D, (U(D, 223, (d(D, 424, (d(D, 143, (U(D, (d(D, 434, (d(D, 352, (U(D, (U(D, 194, (U(D, 370, (d(D, 437, (U(D, 95, ((U(D, 154, (U((U(D, 21, (U(D, (U(D, 175, (U(D, 129, (U(D, 280, (d((d(D, 100, (D.iy = (d(D, 141, (U((U(D, (D.j5 = (d(D, (d(D, (D.T = (D.FY = false, (D.O = 0, D.G = [], D.D = (D.zX = function(T) {
                this.h = T
            }, D.B = false, D.C = 0, void 0), (D.fe = [], D).j = (D.R = ((D.F = void 0, D).J = 1, 0), n = (D.W = false, D.X = 25, window.performance || {}), D.N = [], (D.h = D, D).L = void 0, (D.QZ = 0, D.Z = 0, D.s = [], D).S = ((D.Y = 8001, D).v = void 0, void 0), D.U = [], void 0), D.A = (D.u = (D.K = [], 0), 0), D).I = void 0, D.Hn = n.timeOrigin || (n.timing || {}).navigationStart || 0, null), 411), 0), 415), 0), 0), U(D, 483, function() {}), 360), function(T, e, g, h) {
                h = (e = B(T, (g = (h = (e = c(T), c(T)), c(T)), e)), B(T, h)), d(T, g, e in h | 0)
            }), D), 202, function(T, e, g, h) {
                d(T, (g = B(T, (h = B(T, (e = (h = c((g = c(T), T)), c(T)), h)), g)) == h, e), +g)
            }), {})), 0), 0)), D), 27, 438), function(T, e, g, h, a) {
                for (h = c(T), g = mt(T), a = [], e = 0; e < g; e++) a.push(P(T));
                d(T, h, a)
            })), function(T, e, g, h, a, Y) {
                u(true, e, T, false) || (g = hu(T.h), e = g.qK, h = g.UH, Y = g.g, a = Y.length, g = g.P, h = 0 == a ? new h[g] : 1 == a ? new h[g](Y[0]) : 2 == a ? new h[g](Y[0], Y[1]) : 3 == a ? new h[g](Y[0], Y[1], Y[2]) : 4 == a ? new h[g](Y[0], Y[1], Y[2], Y[3]) : 2(), d(T, e, h))
            })), function(T, e, g, h) {
                if (e = T.fe.pop()) {
                    for (g = P(T); 0 < g; g--) h = c(T), e[h] = T.U[h];
                    T.U = (e[424] = (e[261] = T.U[261], T.U)[424], e)
                } else d(T, 411, T.A)
            })), 127), function(T, e, g, h) {
                !u(true, e, T, false) && (e = hu(T), g = e.P, h = e.UH, T.h == T || g == T.zX && h == T) && (d(T, e.qK, g.apply(h, e.g)), T.u = T.H())
            }), function(T, e, g, h, a, Y, y) {
                for (Y = (h = (g = mt((e = c(T), T)), a = "", y = B(T, 322), y.length), 0); g--;) Y = ((Y | 0) + (mt(T) | 0)) % h, a += M[y[Y]];
                d(T, e, a)
            })), D), 336, function(T) {
                ll(4, T)
            }), function(T, e) {
                e0((e = B(T, c(T)), T.h), e)
            })), U(D, 69, function(T) {
                ll(3, T)
            }), U)(D, 6, function(T, e, g) {
                d(T, (g = GH((g = B(T, (g = c(T), e = c(T), g)), g)), e), g)
            }), function(T, e, g, h, a) {
                d(T, (e = B(T, (h = B((a = B(T, (a = (e = c((h = c((g = c(T), T)), T)), c(T)), a)), T), h), e)), g), Wh(e, a, T, h))
            })), [])), function(T) {
                ZG(1, T)
            })), function(T, e, g, h) {
                (h = c((e = (g = c(T), P(T)), T)), d)(T, h, B(T, g) >>> e)
            })), 201), function(T, e, g, h) {
                d(T, (g = B(T, (e = B(T, (e = c(T), h = c(T), e)), h)), h), g + e)
            }), [0, 0, 0])), 0)), 151), function(T, e, g, h) {
                (h = (e = c(T), c)(T), g = c(T), T).h == T && (g = B(T, g), h = B(T, h), B(T, e)[h] = g, 394 == e && (T.S = void 0, 2 == h && (T.I = z(T, 32, false), T.S = void 0)))
            }), q)), 2048)), function(T, e, g, h) {
                d(T, (e = (h = c((g = c(T), T)), c(T)), e), B(T, g) || B(T, h))
            })), 215), function(T, e, g) {
                u(true, e, T, false) || (e = c(T), g = c(T), d(T, g, function(h) {
                    return eval(h)
                }(EL(B(T.h, e)))))
            }), 0), 86), function(T, e, g, h) {
                g = B(T, (e = c((g = c(T), T)), h = c(T), g)), e = B(T, e), d(T, h, g[e])
            }), 261), []), 0), 0]), function(T, e) {
                T = B((e = c(T), T).h, e), T[0].removeEventListener(T[1], T[2], O)
            })), 145), function(T) {
                UL(4, T)
            }), function(T, e, g, h, a, Y) {
                if (!u(true, e, T, true)) {
                    if ("object" == GH((T = (g = B((Y = (e = (e = (Y = c(T), g = c(T), c(T)), a = c(T), B(T, e)), B(T, Y)), T), g), B(T, a)), Y))) {
                        for (h in a = [], Y) a.push(h);
                        Y = a
                    }
                    for (a = (e = 0 < e ? e : 1, h = 0, Y).length; h < a; h += e) g(Y.slice(h, (h | 0) + (e | 0)), T)
                }
            })), 171), function(T, e, g, h, a, Y, y, Q, m, Z, W, G) {
                function N(H, b) {
                    for (; y < H;) m |= P(T) << y, y += 8;
                    return b = m & (y -= H, (1 << H) - 1), m >>= H, b
                }
                for (G = (W = (Z = (h = (y = (g = c(T), m = 0), (N(3) | 0) + 1), N)(5), 0), Q = [], 0); G < Z; G++) Y = N(1), Q.push(Y), W += Y ? 0 : 1;
                for (G = (e = (W = ((W | 0) - 1).toString(2).length, []), 0); G < Z; G++) Q[G] || (e[G] = N(W));
                for (W = 0; W < Z; W++) Q[W] && (e[W] = c(T));
                for (a = []; h--;) a.push(B(T, c(T)));
                U(T, g, function(H, b, t, R, dn) {
                    for (b = (dn = (t = [], []), 0); b < Z; b++) {
                        if (!Q[R = e[b], b]) {
                            for (; R >= t.length;) t.push(c(H));
                            R = t[R]
                        }
                        dn.push(R)
                    }
                    H.j = qO(H, (H.D = qO(H, a.slice()), dn))
                })
            }), function(T, e, g, h, a) {
                (h = (e = B(T, (a = (h = c((g = c(T), T)), e = c(T), c)(T), g = B(T.h, g), a = B(T, a), e)), B(T, h)), 0 !== g) && (e = Wh(a, 1, T, e, g, h), g.addEventListener(h, e, O), d(T, 434, [g, h, e]))
            })), 102), function(T, e, g) {
                (g = B(T, (g = c((e = c(T), T)), g)), 0 != B(T, e)) && d(T, 411, g)
            }), d(D, 114, f(4)), function(T, e, g) {
                d(T, (e = c((g = c(T), T)), e), "" + B(T, g))
            })), D)), 15), function(T) {
                ZG(4, T)
            }), [TH])), D), [K, A]), [Q1, I])), true), true)
        },
        V = function(A, I, D, n, M, T) {
            if (!A.B) {
                if (3 < (I = B(A, (D = (M = B((n = void 0, I && I[0] === w && (D = I[1], n = I[2], I = void 0), A), 261), 0 == M.length && (T = B(A, 415) >> 3, M.push(D, T >> 8 & 255, T & 255), void 0 != n && M.push(n & 255)), ""), I && (I.message && (D += I.message), I.stack && (D += ":" + I.stack)), 424)), I)) {
                    A.h = (n = (D = il((I -= (D = D.slice(0, (I | 0) - 3), (D.length | 0) + 3), D)), A).h, A);
                    try {
                        S(L(2, D.length).concat(D), A, 114, 9)
                    } finally {
                        A.h = n
                    }
                }
                d(A, 424, I)
            }
        },
        ll = function(A, I, D, n, M) {
            (n = (D = c((M = A & 3, A &= 4, I)), c(I)), D = B(I, D), A) && (D = il("" + D)), M && S(L(2, D.length), I, n), S(D, I, n)
        },
        NO = function(A, I, D, n) {
            try {
                n = A[((I | 0) + 2) % 3], A[I] = (A[I] | 0) - (A[((I | 0) + 1) % 3] | 0) - (n | 0) ^ (1 == I ? n << D : n >>> D)
            } catch (M) {
                throw M;
            }
        },
        O = {
            passive: true,
            capture: true
        },
        sL = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        K = [],
        r = [],
        DG = ((E.prototype.uy = void 0, E.prototype).l = "toString", []),
        J = [],
        v = [],
        TH = [],
        w = (E.prototype.Ce = void 0, {}),
        Q1 = (E.prototype.Da = false, []),
        wn = [],
        Ph = (((((MO, function() {})(f), function() {})(NO), function() {})(Y0), E).prototype.V = "create", void 0),
        x = w.constructor,
        bl = (((((((X = E.prototype, X.Iz = function() {
            return Math.floor(this.Z + (this.H() - this.C))
        }, X.yZ = function(A, I, D, n, M, T) {
            for (T = [], D = n = 0; n < A.length; n++)
                for (M = M << I | A[n], D += I; 7 < D;) D -= 8, T.push(M >> D & 255);
            return T
        }, X).H = (window.performance || {}).now ? function() {
            return this.Hn + window.performance.now()
        } : function() {
            return +new Date
        }, X).gd = function(A, I, D, n, M) {
            for (M = n = 0; n < A.length; n++) M += A.charCodeAt(n), M += M << 10, M ^= M >> 6;
            return n = (A = (M += M << 3, M ^= M >> 11, M) + (M << 15) >>> 0, new Number(A & (1 << I) - 1)), n[0] = (A >>> I) % D, n
        }, X).o = function(A, I, D, n, M) {
            if (D = "array" === GH(D) ? D : [D], this.F) A(this.F);
            else try {
                M = !this.G.length, n = [], F(this, [J, n, D]), F(this, [v, A, n]), I && !M || C(this, true, I)
            } catch (T) {
                k(this, T), A(this.F)
            }
        }, X.TX = function() {
            return Math.floor(this.H())
        }, X.MK = function(A, I, D) {
            return ((I ^= I << 13, I ^= I >> 17, I = (I ^ I << 5) & D) || (I = 1), A) ^ I
        }, E).prototype.i = function(A, I) {
            return Ph = (A = (I = {}, {}), function() {
                    return I == A ? -22 : -12
                }),
                function(D, n, M, T, e, g, h, a, Y, y, Q, m, Z, W, G) {
                    I = (T = I, A);
                    try {
                        if (a = D[0], a == K) {
                            g = D[1];
                            try {
                                for (G = Q = (e = (m = [], atob)(g), 0); G < e.length; G++) W = e.charCodeAt(G), 255 < W && (m[Q++] = W & 255, W >>= 8), m[Q++] = W;
                                (this.A = (this.s = m, this).s.length << 3, d)(this, 394, [0, 0, 0])
                            } catch (N) {
                                V(this, N, 17);
                                return
                            }
                            ng(this, 8001)
                        } else if (a == J) D[1].push(B(this, 161).length, B(this, 437).length, B(this, 114).length, B(this, 424)), d(this, 141, D[2]), this.U[307] && gn(B(this, 307), 8001, this);
                        else {
                            if (a == v) {
                                M = L(2, ((m = D[2], B(this, 161).length) | 0) + 2), y = this.h, this.h = this;
                                try {
                                    h = B(this, 261), 0 < h.length && S(L(2, h.length).concat(h), this, 161, 10), S(L(1, this.J), this, 161, 109), S(L(1, this[v].length), this, 161), e = 0, n = B(this, 114), e -= (B(this, 161).length | 0) + 5, e += B(this, 100) & 2047, 4 < n.length && (e -= (n.length | 0) + 3), 0 < e && S(L(2, e).concat(f(e)), this, 161, 15), 4 < n.length && S(L(2, n.length).concat(n), this, 161, 156)
                                } finally {
                                    this.h = y
                                }
                                if (((G = f(2).concat(B(this, 161)), G)[1] = G[0] ^ 6, G)[3] = G[1] ^ M[0], G[4] = G[1] ^ M[1], Z = this.GX(G)) Z = "!" + Z;
                                else
                                    for (e = 0, Z = ""; e < G.length; e++) Y = G[e][this.l](16), 1 == Y.length && (Y = "0" + Y), Z += Y;
                                return d(this, 424, (B(this, (B(((Q = Z, B)(this, 161).length = m.shift(), this), 437).length = m.shift(), 114)).length = m.shift(), m.shift())), Q
                            }
                            if (a == DG) gn(D[1], D[2], this);
                            else if (a == r) return gn(D[1], 8001, this)
                        }
                    } finally {
                        I = T
                    }
                }
        }(), E.prototype).OH = 0, E.prototype.EH = 0, E.prototype).GX = function(A, I, D, n) {
            if (D = window.btoa) {
                for (I = "", n = 0; n < A.length; n += 8192) I += String.fromCharCode.apply(null, A.slice(n, n + 8192));
                A = D(I).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else A = void 0;
            return A
        }, /./),
        k0, rn = K.pop.bind((E.prototype[Q1] = [0, 0, 1, 1, 0, 1, 1], E.prototype[J])),
        EL = ((k0 = pg(E.prototype.V, (bl[E.prototype.l] = rn, {get: rn
        })), E.prototype).e5 = void 0, function(A, I) {
            return (I = I3()) && 1 === A.eval(I.createScript("1")) ? function(D) {
                return I.createScript(D)
            } : function(D) {
                return "" + D
            }
        })(q);
    40 < (l = q.botguard || (q.botguard = {}), l.m) || (l.m = 41, l.bg = Bh, l.a = a3), l.yDq_ = function(A, I, D) {
        return [(D = new E(A, I), function(n) {
            return Hh(n, D)
        })]
    };
}).call(this);
#3 JavaScript::Eval (size: 60) - SHA256: dcbc8087c9f3488411409f0a3c9069e6a40b27851598c7a72361e97785aa874d
0,
function(T, e, g) {
    d(T, (g = c(T), e = c(T), g = T.U[g] && B(T, g), e), g)
}
#4 JavaScript::Eval (size: 22) - SHA256: 94ad18c1a336e08a4bfce57073e3f008391b324ebf524e0e7069827f300b075d
0,
function(T) {
    UL(2, T)
}
#5 JavaScript::Eval (size: 22) - SHA256: 76fa5194b42930d151e7569cc0b9f77ea02344fef8104bda49d4318b5b438698
0,
function(T) {
    UL(1, T)
}

Executed Writes (0)


HTTP Transactions (66)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "323B76ECEB5D3AD339A1C55BFA7EEA4E39741258E08D5005B691F712A9E9C81C"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8392
Expires: Sat, 05 Nov 2022 00:57:28 GMT
Date: Fri, 04 Nov 2022 22:37:36 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4018
Cache-Control: max-age=129627
Date: Fri, 04 Nov 2022 22:37:36 GMT
Etag: "6364dbd9-1d7"
Expires: Sun, 06 Nov 2022 10:38:03 GMT
Last-Modified: Fri, 04 Nov 2022 09:31:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4018
Cache-Control: max-age=129627
Date: Fri, 04 Nov 2022 22:37:36 GMT
Etag: "6364dbd9-1d7"
Expires: Sun, 06 Nov 2022 10:38:03 GMT
Last-Modified: Fri, 04 Nov 2022 09:31:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "73A068F907CC50DD60AF18D545B4264DD44BC4B9F40BF9ADFCEEA157FDC33099"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2740
Expires: Fri, 04 Nov 2022 23:23:16 GMT
Date: Fri, 04 Nov 2022 22:37:36 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: IakjK7OW1sPWnJIwo5i3DwtW3mWyw/VMmog+e02sw1NyMJgz3qK0mg14UTX15P+/5mpd0f1/pdE=
x-amz-request-id: D7TRYM9VH91HRNZF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 04 Nov 2022 21:46:56 GMT
age: 3040
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 04 Nov 2022 22:37:36 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         151.101.130.159
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Connection: keep-alive
Content-Length: 162
Location: https://paradigmtc.tech/
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-FW-Server: Flywheel/5.1.0
X-FW-Hash: lyzqm9wah0
X-FW-Version: 5.0.0
Server: Flywheel/5.1.0
Accept-Ranges: bytes
Date: Fri, 04 Nov 2022 22:37:36 GMT
X-Served-By: cache-bma1645-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1667601456.369514,VS0,VE484
Vary: Authorization
X-FW-Serve: TRUE
X-FW-Static: NO
X-FW-Type: VISIT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FFF765D87A981C61DC2DD1464E0D958044770A0F696C5A7408F2A5804F8B98C7"
Last-Modified: Thu, 03 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21579
Expires: Sat, 05 Nov 2022 04:37:16 GMT
Date: Fri, 04 Nov 2022 22:37:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 280
Cache-Control: max-age=120830
Date: Fri, 04 Nov 2022 22:37:37 GMT
Etag: "6364c817-1d7"
Expires: Sun, 06 Nov 2022 08:11:27 GMT
Last-Modified: Fri, 04 Nov 2022 08:06:47 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UTVvlZ0UsY03ii9AaN79uw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.149.83.187
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CN67cjLyyU1Xcu21wCtvy68wXac=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3718
Expires: Fri, 04 Nov 2022 23:39:35 GMT
Date: Fri, 04 Nov 2022 22:37:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3718
Expires: Fri, 04 Nov 2022 23:39:35 GMT
Date: Fri, 04 Nov 2022 22:37:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3718
Expires: Fri, 04 Nov 2022 23:39:35 GMT
Date: Fri, 04 Nov 2022 22:37:37 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52bfe915-baee-403a-9240-12d17207ec94.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4662
x-amzn-requestid: 32199e11-d856-4403-ad55-65076eac83ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: amd5UFJQIAMFf-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358dd08-1761126e37ed504e46896b4d;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 07:08:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Nu2uC3we8aHv4ERvh7QcmiErm4Ax-NNmdWFovpdU9Or9DguzrIcn5g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 22:00:38 GMT
age: 2219
etag: "ddb7b18fae0082ce22d8ffa537c7367e1da404a5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4662
Md5:    d12961439cd33c86c7b8041ed9d42321
Sha1:   ddb7b18fae0082ce22d8ffa537c7367e1da404a5
Sha256: d2cc0f7735f04a07c681eb2eae7c52e9f4c75b6d475b3ad4de587899089850a7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94b0737-3952-4bbe-b940-e1f79fb95cbe.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6909
x-amzn-requestid: 7c500c29-f514-491c-b2fe-a732a546925f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: awWpEEYHoAMFWdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635cd16d-6d9c4c5c41f4fcd16cabda59;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 07:08:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wf0k3Di2KCCXHIo68FTdztfEbq_A8t7xCE608dP64CVIdFxSEHTijw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 22:20:50 GMT
age: 1007
etag: "ce73b0ad22139bec863ed990e3d3af4bdc3df288"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6909
Md5:    eaf06d0fb99703abfd57b962eb21ce96
Sha1:   ce73b0ad22139bec863ed990e3d3af4bdc3df288
Sha256: a226250245611193be882c92f2d9920cb6ceeb12823b48c0b9c8fa2aba1c8c0d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11421
x-amzn-requestid: 80f2a46c-6682-4160-b896-eeaa366dbab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKNF4SoAMFn5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-5a5517d005ec7a7d1507b58e;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gdqoswTMqjrfyzzY-103agxLH8ak-rFsCId29eoLOF6WHgFmd04K7g==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 08:24:41 GMT
age: 51176
etag: "f7705fcd2d91ce90c58e79324cce1e3abba6c1c8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11421
Md5:    2ae2b8d827fb2c8bef64febcd36f1645
Sha1:   f7705fcd2d91ce90c58e79324cce1e3abba6c1c8
Sha256: 2dc55e97ef3a85fccb104b80161a8bac16b12d37527c336563677432584c7ad5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3819323-4f77-4bb2-bbbb-6926d5bc62aa.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11427
x-amzn-requestid: 0dcc7ef4-d7fa-492e-8ddf-4342b4bc44e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGHxJGJZoAMFWlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365866d-7c3de2ed509a640f37c52843;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gAHLlJ0JzB6TfEUNw_sCNmrjMK-EX1hZbCY34i99xQok7R-wvcpqug==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:59:04 GMT
age: 2313
etag: "61dc4e78907f114519ff3fdd3c806b36557ab744"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11427
Md5:    6ee20d59c5ac266f8eb9c47057271a10
Sha1:   61dc4e78907f114519ff3fdd3c806b36557ab744
Sha256: 2cba117cfe96fa5e1b53981f98d42eb3e5f956083c3435a1d44d1d40784614bf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F621f6bc7-a17b-4b8f-95ef-65d27abd5513.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9006
x-amzn-requestid: 1a0ea36b-a610-485c-be62-b6950288afbc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGIVGGG7oAMFXJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63658753-2fc408853092bf61646b7584;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:42:43 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xdg0glkctHhh3-kmb8HhwEnYjcxchpOLF4DrDIkICI7fSiHpIRPKIw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 22:20:07 GMT
age: 1050
etag: "1082e5e96362a4960929c59ff1d4d995cb28f40d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9006
Md5:    1fc9b492d6cc0a516998cec9fa5dc2a0
Sha1:   1082e5e96362a4960929c59ff1d4d995cb28f40d
Sha256: 3dc82302d8615c615526cc9a828844d291d775d05ff7174f8d6b82b7172b2908
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F026ddf6a-a4ad-4c8d-9da5-41a184265e24.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4749
x-amzn-requestid: d6545893-af81-4e76-bd31-cd80a0658a28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: asg4QH3HoAMFX7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635b4834-015a8ad175cc388576dcddc5;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 03:10:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p3tf0WwkKam_wcY3Ik0IJxu_b11GqHoTWyQ4kxl0mtejIfJD14ji0Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:49:43 GMT
age: 2874
etag: "d223df60a7340cf3745e981f19c1d3fd9c75d44a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4749
Md5:    8fd1a79378f8a426e682c599e64e9bdf
Sha1:   d223df60a7340cf3745e981f19c1d3fd9c75d44a
Sha256: 14e3192a87f45d7ed4f809c528e1631bba69e69fc541637574ae3c3f70540408
                                        
                                            GET / HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
link: <https://paradigmtc.tech/index.php?rest_route=/>; rel="https://api.w.org/", <https://paradigmtc.tech/index.php?rest_route=/wp/v2/pages/8>; rel="alternate"; type="application/json", <https://paradigmtc.tech/>; rel=shortlink
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: lyzqm9wah0
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601457.108780,VS0,VE1091
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 37375
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (28417)
Size:   37375
Md5:    2df55fba7cd9ed4530da3dc1932ccdec
Sha1:   5173cbf0c23898b73af9e3e91650665e23d00106
Sha256: f9cd38f1f96b03977312716a9be73815870c3eef5b7c92d825625ec0085c0601

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 04 Nov 2022 22:37:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 04 Nov 2022 22:37:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 04 Nov 2022 22:37:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 04 Nov 2022 22:37:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 04 Nov 2022 22:37:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paradigmtc.tech
Connection: keep-alive
Referer: https://paradigmtc.tech/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 00:57:19 GMT
expires: Wed, 01 Nov 2023 00:57:19 GMT
cache-control: public, max-age=31536000
age: 337219
last-modified: Mon, 15 Aug 2022 18:12:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 21516, version 1.0\012- data
Size:   21516
Md5:    90135ea44811b2d9610c33e07068fdb0
Sha1:   84ef1a8343877a598f1c7cbae56f35ded54a1787
Sha256: bd067b886f4a67dd25c08fe73777bce7f506beb4c09d17d9f036f8a90901efd2
                                        
                                            GET /s/sharetech/v17/7cHtv4Uyi5K0OeZ7bohU8H0JmA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paradigmtc.tech
Connection: keep-alive
Referer: https://paradigmtc.tech/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 15:26:41 GMT
expires: Wed, 01 Nov 2023 15:26:41 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:07:21 GMT
age: 285057
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15048, version 1.0\012- data
Size:   15048
Md5:    063f996268878af20d0bdfdd36a36192
Sha1:   17a5167b520261d8963a2dc95e4c8a930bf33a93
Sha256: 0907d6045312b73d5afdb7c6b7bfff8dd5eaab56dbcf6ba7d72dfc6af118d8ef
                                        
                                            GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paradigmtc.tech
Connection: keep-alive
Referer: https://paradigmtc.tech/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22084
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Oct 2022 22:42:01 GMT
expires: Tue, 31 Oct 2023 22:42:01 GMT
cache-control: public, max-age=31536000
age: 345337
last-modified: Mon, 15 Aug 2022 18:14:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 22084, version 1.0\012- data
Size:   22084
Md5:    bab4daa6bec06781aa7262eca0be0ed4
Sha1:   b896fcea50433114a0433c9c8117677a875f1116
Sha256: ee901a5f44fcc6ea6ab97fb2751ce51af915d16dd99995a29a5905d2ce4b0831
                                        
                                            GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paradigmtc.tech
Connection: keep-alive
Referer: https://paradigmtc.tech/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22212
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 00:57:59 GMT
expires: Wed, 01 Nov 2023 00:57:59 GMT
cache-control: public, max-age=31536000
age: 337179
last-modified: Mon, 15 Aug 2022 18:15:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 22212, version 1.0\012- data
Size:   22212
Md5:    e62adebf67147c481b9c00011e2c5d48
Sha1:   3af42ef356fa413fd162c56a7b11b8d34a61cefb
Sha256: 17ec0c20d179cf39cbbb164c18165e8a35e9678d5602c8c4f6826ff457b0685e
                                        
                                            GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVQ.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paradigmtc.tech
Connection: keep-alive
Referer: https://paradigmtc.tech/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27520
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Oct 2022 21:46:13 GMT
expires: Tue, 31 Oct 2023 21:46:13 GMT
cache-control: public, max-age=31536000
age: 348685
last-modified: Mon, 15 Aug 2022 18:14:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 27520, version 1.1\012- data
Size:   27520
Md5:    cd247306809a5a4ddcfee4e2681aa03b
Sha1:   1aaa3efe7fc2cf5ccd75d4c67e1bf05e5041af3b
Sha256: 925be42fa3c0ca5ea75cd203804c3f6c717407e44010e1b63ed2c951bacc1849
                                        
                                            GET /recaptcha/api.js?render=6LdGuXIgAAAAACJGm32izunc6HaFrsom6ilrmRIS&ver=4.18.0 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://paradigmtc.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Fri, 04 Nov 2022 22:37:38 GMT
date: Fri, 04 Nov 2022 22:37:38 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   585
Md5:    a9f34cc8285f1de599857e04a45e5f51
Sha1:   a4c8c0300f9cb3a108921cb08117551f4a641476
Sha256: 1f319cf67adeb694445ec0546949e7026600f01dcdcaf7e5f35d1024a18adc01
                                        
                                            GET /wp-content/uploads/2022/03/line-icons-76.png HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 26 Mar 2022 19:39:19 GMT
etag: W/"623f6be7-435"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.299674,VS0,VE123
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1103
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 84 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   1103
Md5:    62b857ad906b32ccbba300242df66db7
Sha1:   2ac01f4dbb769d64f0c4c677bd7fed76c92df07f
Sha256: d50a0b1be44b103b12485d62edf5c22d90f0a39be683a20458a88e2bca7ffe32
                                        
                                            GET /wp-content/themes/Divi/core/admin/js/recaptcha.js?ver=4.18.0 HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 31 Aug 2022 20:45:38 GMT
etag: W/"630fc872-6a0"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.308904,VS0,VE126
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 741
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   741
Md5:    14a888630ed8d3ef1f4c247914244f0d
Sha1:   07d3b023c36b7bbd6f0a2769f741ca77f7eb9ed4
Sha256: c5535044b82ef2b3996d364d8c857c9decfb4337a5ca5c4cd74368d2684a4125
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 04 Nov 2022 22:37:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 04 Nov 2022 22:37:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/2022/03/line-icons-53.png HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 26 Mar 2022 19:39:18 GMT
etag: W/"623f6be6-444"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.296098,VS0,VE358
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1120
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   1120
Md5:    cba23389e53512624d442852f1d7b70a
Sha1:   6e050dc3ea5b6634351222112f85ec2778913821
Sha256: 4b9c5363d34babfb95093aebb5fba1bbd9fa6c6ca3a9850aabc94ece69e3c03d
                                        
                                            GET /wp-content/uploads/2022/03/lifesaver_64px.png HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 26 Mar 2022 19:39:18 GMT
etag: W/"623f6be6-7e9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.296452,VS0,VE362
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2048
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   2048
Md5:    6d51f4efc9e29416e1cce6e9bf04b686
Sha1:   7147e62ea3125df2aa9d45062e54618f22258a89
Sha256: 437b6f341eae2790473b30b3f74c6ab9f7de630c04a91e482f92132c42e71320
                                        
                                            GET /wp-content/uploads/2022/03/global_64px.png HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 26 Mar 2022 19:39:18 GMT
etag: W/"623f6be6-808"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.298822,VS0,VE362
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2079
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   2079
Md5:    40a6703c6896589c6511772f325d6406
Sha1:   32ec5aada262dd0b73e6a6df6abd2dceef193127
Sha256: 209978024b004567f63bc3a956a05f3ef8e1e68657db311fd263982a6117d5bc
                                        
                                            GET /wp-content/uploads/2022/03/layers_64px.png HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 26 Mar 2022 19:39:18 GMT
etag: W/"623f6be6-4b5"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.297168,VS0,VE366
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1233
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   1233
Md5:    aa5326e27ec971690f7263c4b99672fa
Sha1:   34f67fcdccdf780fa9267e4018d2a9452d81d17d
Sha256: ae2894c636a0fe6635d4c7ef0338656705f3f33b30553d26abf80e136634ab3a
                                        
                                            GET /wp-content/uploads/2022/05/unnamed-9.png HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Wed, 04 May 2022 17:12:07 GMT
etag: W/"6272b3e7-5a06"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.295438,VS0,VE479
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 23074
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 271 x 59, 8-bit/color RGB, non-interlaced\012- data
Size:   23074
Md5:    4c22695f4109f9c3d01b89aedb696121
Sha1:   c59fc4a1f571cf5acf559673e1afd8db06da8830
Sha256: 78f0a7a54c683608a96e5d8c60a0d102ccb7b3eaa251b909c9e9a019999b9e94
                                        
                                            GET /wp-content/et-cache/8/et-divi-dynamic-8.css?ver=1666467430 HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sat, 22 Oct 2022 19:37:10 GMT
etag: W/"63544666-1932a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.290784,VS0,VE485
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 9158
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (39491)
Size:   9158
Md5:    bf359cacda14e8620d885de307de4f5a
Sha1:   ad25c9937658284811ae3d72386929249729e568
Sha256: b0ea20be510e98be4624dfc7199c18219edb4a5587db5170b867a1dc67d58cf5
                                        
                                            GET /wp-content/uploads/2022/03/line-icons-35.png HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 26 Mar 2022 19:39:19 GMT
etag: W/"623f6be7-328"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.301205,VS0,VE485
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 831
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 54 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   831
Md5:    76b418cf38b4341c9b7217209550893b
Sha1:   f80215b776cab488d587fd6001e7a661459461b7
Sha256: 2b39c8d642b9c0c79697aa0368a8ad9c82e5bbd068ac2ed529bb71204ba5c154
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-2bd8"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: lyzqm9wah0
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.307305,VS0,VE480
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4405
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4405
Md5:    24957bc8161f979c6e661f46fdc3974f
Sha1:   fa1237ffe8b3745baa78ac481239038e133fcc17
Sha256: 46acf87c90961d413ac24eace25b77a8d5236daf38799fec2daf0bc350cc6ebe
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-15b64"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: lyzqm9wah0
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.310716,VS0,VE479
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 13906
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (43771)
Size:   13906
Md5:    1047dd6779111ec73736abd71a40fef9
Sha1:   e08643922ce9a1a488f2a72c0341807f59f7528e
Sha256: d85287eacda4e97356cf1b53ec765e34c8913558d6fb485b334debf78c89a3bf

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/Divi/core/admin/js/es6-promise.auto.min.js?ver=4.18.0 HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 31 Aug 2022 20:45:37 GMT
etag: W/"630fc871-1aa1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.307273,VS0,VE486
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2814
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6498)
Size:   2814
Md5:    5f04ddae91b4e3988160999051f29845
Sha1:   81326047bddfdf1738d22ba37cb88251094351d5
Sha256: d2249e6da91e7c3a8a52a8a0ce157e5d81dbc8bc2835fd05f671b2c8d5a97bba

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2022/03/it-services-03.png HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 26 Mar 2022 19:39:22 GMT
etag: W/"623f6bea-1fd1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.307346,VS0,VE486
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 8105
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 540 x 540, 8-bit colormap, non-interlaced\012- data
Size:   8105
Md5:    0fc0f776a76af4dbf1b95a5733ff7796
Sha1:   21966075315e084e89431e00905c0c0b6acf88dd
Sha256: 43ab913e51c08937c0eb8cdcf9491b3679622032ab852239ed18270d59fe3fad
                                        
                                            GET /wp-content/uploads/2022/03/quote-dark.png HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 26 Mar 2022 19:39:25 GMT
etag: W/"623f6bed-304"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.313296,VS0,VE481
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 795
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   795
Md5:    f00914f2c36e5d8cb87c2f7be1ffff4c
Sha1:   e608e0d4a5f5a18f058a0aedb4b6a1e2bf369bf9
Sha256: 3129c5ddcfcc125454c8dce7367eb59db4a084a5ff97817177f70c9d8983f270
                                        
                                            GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.18.0 HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 31 Aug 2022 20:45:37 GMT
etag: W/"630fc871-53f"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.309296,VS0,VE486
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 582
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   582
Md5:    8de6a3b5983f9934d6a8b881305d7d72
Sha1:   37914cb4c9bc34e3291288e7f13d87380ce81436
Sha256: 85fcd0273ca1fe2eae86e389e7cfe68ec42ac0ce4c53092b9083e35f66aae3f0
                                        
                                            GET /wp-content/uploads/2022/03/quote-light.png HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 26 Mar 2022 19:39:25 GMT
etag: W/"623f6bed-382"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.312759,VS0,VE485
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 921
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   921
Md5:    cd911b7c22e584aa96dc041a6bb1cb0d
Sha1:   c72f099bdad47012b6919f034715c5a289bff420
Sha256: 9c346ee4c294b5992f15bcb47a8e37bde98b7ce14ba4a65fa3a7bdb5a2bb07a1
                                        
                                            GET /wp-content/et-cache/8/et-core-unified-deferred-8.min.css?ver=1666467431 HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sat, 22 Oct 2022 19:37:11 GMT
etag: W/"63544667-3cb4"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.291354,VS0,VE564
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2454
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15540), with no line terminators
Size:   2454
Md5:    bf99fe93b0c1282e3b9f01ed580a1258
Sha1:   b1e45e95675e2aeb1887488961d1b5ae55e83515
Sha256: 691484ed31c164331c9f83e0bed2390db4d76a45ac4b3d086acde067367d8e25

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-15db1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: lyzqm9wah0
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.307321,VS0,VE611
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 34060
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   34060
Md5:    22b0253c0ecce70e41e296d176b0d972
Sha1:   a161c363d2092739db21bfeb2cf23c980ec71580
Sha256: 181967b7928e133789c8edbb8bdcb73d44a0328d884b613f8ebfb182b4c3c52e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.18.0 HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 31 Aug 2022 20:45:43 GMT
etag: W/"630fc877-42e58"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:39 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.307276,VS0,VE726
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 79388
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65467)
Size:   79388
Md5:    7d6061b3b8527ba1a3ad6005c8c3fb09
Sha1:   b050c15be92ef41042011f5365a5301f5fdd378f
Sha256: 6efe0953674c1e43c8a5823f7a6b2e5ed0d96fbed517d51111e975315e0f536b
                                        
                                            GET /wp-content/uploads/2022/03/it-services-04.jpg HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Sat, 26 Mar 2022 19:39:20 GMT
etag: W/"623f6be8-2cbe6"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:39 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.312205,VS0,VE723
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 181742
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x863, components 3\012- data
Size:   181742
Md5:    ba8eec17d7f5ffe375001d68128b1eac
Sha1:   d1cda3b17e1292c3ae86d00d7d43e684edba339c
Sha256: 8bb39f9b5d9f4c4807499a741be01c0b13ea4aeb25ac4e9168d68a9a850a550e
                                        
                                            GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: application/octet-stream
                                        
last-modified: Wed, 31 Aug 2022 20:45:37 GMT
etag: "630fc871-168f0"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
content-encoding: gzip
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:39 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.326928,VS0,VE775
vary: Authorization, Accept-Encoding
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 37490
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, modules \012- data
Size:   37490
Md5:    6125b44a7376346beaeaf665203032a9
Sha1:   de094bb058daeb4c3a4e8f225eae04184fdff782
Sha256: 98d6f644f58353980a534d3bad4358c141bedf3319de17d33fdf404c776dfe87

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2022/03/img-15.jpg HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Sat, 26 Mar 2022 19:39:19 GMT
etag: W/"623f6be7-24a4d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:39 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.302704,VS0,VE839
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 150000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x641, components 3\012- data
Size:   150000
Md5:    767ac1bec75ed84975f4c06ab1b97600
Sha1:   cf540baba7f18281d61753439639fc1bd58c058e
Sha256: c660c0df1f95f7a2f2fa470faaf7f95701e126169ad8b8d7dc2b31c38038ed10
                                        
                                            GET /wp-content/uploads/2022/03/it-services-02.jpg HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/wp-content/et-cache/8/et-core-unified-deferred-8.min.css?ver=1666467431
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Sat, 26 Mar 2022 19:39:16 GMT
etag: W/"623f6be4-1d8ca"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:39 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601459.956267,VS0,VE359
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 118255
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x863, components 3\012- data
Size:   118255
Md5:    48520b201550d608a11ce1c80ce5e1f5
Sha1:   88de870c796c4b58f75079f835e4a8e0e8004cfc
Sha256: b5a54ca3deda366b897bf6eb008b0a816130a14090a11f7753cf2e48f83bf033
                                        
                                            GET /wp-content/uploads/2022/03/img-06.png HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/wp-content/et-cache/8/et-core-unified-deferred-8.min.css?ver=1666467431
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sat, 26 Mar 2022 19:39:24 GMT
etag: W/"623f6bec-1a63b"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:39 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601459.956297,VS0,VE480
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 108144
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 400 x 282, 8-bit/color RGBA, non-interlaced\012- data
Size:   108144
Md5:    b40f580665a5cd91c8f929f8344386ec
Sha1:   ba4be14de2b179abbc95e66c114e41ba9e0b0324
Sha256: c4b5ed3cdd885a8ff6bd5857ef5946231a92102af23c72115993faf85b31da9f
                                        
                                            GET /wp-content/uploads/2022/05/iStock-1230144854.jpg HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Tue, 17 May 2022 18:26:30 GMT
etag: W/"6283e8d6-8d22b"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:39 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.311821,VS0,VE1093
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 574132
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, description=Cloud computing technology and online data storage for business network concept. Computer connects to internet server service f, manufacturer=SONY, model=ILCE-7RM3, orientation=upper-left, xresolution=346, yresolution=354, resolutionunit=3, software=Adobe Photoshop CC 2018 (Windows), datetime=2019:11:26 13:38:53], baseline, precision 8, 1253x836, components 3\012- data
Size:   574132
Md5:    fc604371a9ceef4c8c194a4444f7f12f
Sha1:   8e7613d3aff425451d45e5a0147fd0d3b59ee165
Sha256: 6a9453f65cb4e24389b069b9bb0b7514001b0c7da050a52fcb3f83b62e53ec4b
                                        
                                            GET /recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paradigmtc.tech
Connection: keep-alive
Referer: https://paradigmtc.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162282
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 22:23:25 GMT
expires: Sat, 04 Nov 2023 22:23:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 31 Oct 2022 04:02:45 GMT
age: 854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (590)
Size:   162282
Md5:    05e06c50dab6f3d7f8bfde22301888db
Sha1:   64b3c20c788d298a672fabf9627eac914d95ed08
Sha256: 95176711feca1110e764a31e36764d5b331b033ed56fb372b42250329b33e1d6
                                        
                                            GET /wp-content/uploads/2022/03/img-13.jpg HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/wp-content/et-cache/8/et-core-unified-deferred-8.min.css?ver=1666467431
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Sat, 26 Mar 2022 19:39:24 GMT
etag: W/"623f6bec-20fdd"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:39 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601459.956351,VS0,VE840
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 134587
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x641, components 3\012- data
Size:   134587
Md5:    3b6ff9b8ce269fc18a09f3a43fe9ea0d
Sha1:   be8982fd5930893b5f7d51b8b6ff40dd1f2b40b8
Sha256: 863967c22a58f70a2ce13d893c42934f7be1c659c7383c5dc3c2a19413789310
                                        
                                            GET /wp-content/uploads/2022/06/cropped-Screen-Shot-2022-06-05-at-8.40.36-AM-32x32.png HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sun, 05 Jun 2022 13:41:25 GMT
etag: W/"629cb285-a79"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:39 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601460.716376,VS0,VE123
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2709
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   2709
Md5:    e4193b13c770170cc10495dbec5aa0aa
Sha1:   5522a7b32387afe379ef04736175e4cb38e2f6c6
Sha256: 49d2d99af4278037ba1089d314cca9d46a9d25d3be324b478c665549afbe9c0f
                                        
                                            GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Oct 2022 12:31:58 GMT
expires: Sun, 29 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 554742
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size:   15344
Md5:    5d4aeb4e5f5ef754e307d7ffaef688bd
Sha1:   06db651cdf354c64a7383ea9c77024ef4fb4cef8
Sha256: 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
                                        
                                            GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 21:46:16 GMT
expires: Fri, 03 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 89484
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size:   15552
Md5:    285467176f7fe6bb6a9c6873b3dad2cc
Sha1:   ea04e4ff5142ddd69307c183def721a160e0a64e
Sha256: 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
                                        
                                            GET /wp-content/uploads/2022/06/cropped-Screen-Shot-2022-06-05-at-8.40.36-AM-192x192.png HTTP/1.1 
Host: paradigmtc.tech
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.130.159
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sun, 05 Jun 2022 13:41:25 GMT
etag: W/"629cb285-b0f2"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:40 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601460.715930,VS0,VE719
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 45288
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   45288
Md5:    e532d5dbae830ee57eec8c2dd059ad51
Sha1:   16daa27ee94ccf051efddf8885a20b0c0ee65020
Sha256: 3614cedfcc2c423e9abeefdfcb2fc3f358f5d601446eddf0302795613c21879a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff96da6f9-536c-48c1-bafa-3f133749368c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5626
x-amzn-requestid: 04db4275-3da4-44dd-abca-a388803d9413
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGHxIGfXIAMFqZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365866d-3f8c4f1b5066f090713f79fc;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: g0juFLitefrFCcE3J6c3Y6ku8a03xfLE_Eno50Aw1TMYDpdIo_tZpw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 22:10:18 GMT
age: 1646
etag: "c904608373d3e938b09a5ed82a51c2e43f13452d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5626
Md5:    a5b4e91e11387354ae4208f1cc27e4dd
Sha1:   c904608373d3e938b09a5ed82a51c2e43f13452d
Sha256: 2b967cacc0433762c074cfa0e032c2694171d221c004ac9465027a8667f9207f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ee7867-cfc1-4e91-8bfe-c86e9e0369d8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6228
x-amzn-requestid: 788a9f03-5b3f-446c-a02c-844fe2f07221
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ameKPFJAoAMFy1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358dd74-15bffc073dae60355b484cbb;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 07:10:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YN9fqqZ0ZqpXcYQZbi5MXAL2e_jd5aW3qdbsqLUGR7Rhj5-QvP1VxA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 22:20:14 GMT
age: 1051
etag: "ed51b7d2c443aec199c1605b5ebe2e1e25f287a3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6228
Md5:    b1799c94891598120fab550073379516
Sha1:   ed51b7d2c443aec199c1605b5ebe2e1e25f287a3
Sha256: 5f3f2ffdc992d917d8d3b5890c0ad9810b9699c38e932c0d4d32625346eb87a9