Report - paradigmtc.tech/

Report Overview

Submitted URL
paradigmtc.tech/
IP
151.101.130.159
ASN
#54113 FASTLY
Submitted
2022-11-04 22:37:48
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.0 kB	5.3 kB	23.36.76.226
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.0 kB	2.4 kB	93.184.220.29
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	4.4 kB	68 kB	34.120.237.76
www.google.com	7	2015-05-10T13:11:19Z	2023-03-10T12:19:40Z	425 B	1.2 kB	142.250.74.164
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-10T12:47:01Z	441 B	163 kB	142.250.74.163
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
paradigmtc.tech	unknown	2019-08-05T07:06:42Z	2023-03-09T13:52:46Z	13 kB	1.6 MB	151.101.130.159
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	54.149.83.187
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.4 kB	4.9 kB	142.250.74.35
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	3.5 kB	146 kB	216.58.207.195

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-04	medium	paradigmtc.tech/	Phishing
2022-11-04	medium	paradigmtc.tech/	Phishing
2022-11-04	medium	paradigmtc.tech/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3	Phishing
2022-11-04	medium	paradigmtc.tech/wp-content/themes/Divi/core/admin/js/es6-promise.auto.min.js?ver=4.18.0	Phishing
2022-11-04	medium	paradigmtc.tech/wp-content/et-cache/8/et-core-unified-deferred-8.min.css?ver=1666467431	Phishing
2022-11-04	medium	paradigmtc.tech/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Phishing
2022-11-04	medium	paradigmtc.tech/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	paradigmtc.tech/	180 B	2023-03-07	2024-05-10
Pretty URL paradigmtc.tech/ IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:06 Last Seen2024-05-10 18:23:19 Times Seen3193 Hash 623d6f59f2a5b2ba62b39858ccdd3989 6a97f16eb9c49657c50eb392d761380915ffd423 dd2c61ba8e6b506df9729d254d5c12b3c0f9de99bb7e5dba5f7e58c15d729f89 Loading...

	www.google.com/recaptcha/api.js?render=6LdGuXIgAAAAACJGm32izunc6HaFrsom6ilrmRIS&ver=4.18.0	884 B	2023-03-10	2023-03-10
Pretty URL www.google.com/recaptcha/api.js?render=6LdGuXIgAAAAACJGm32izunc6HaFrsom6ilrmRIS&ver=4.18.0 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:20:54 Last Seen2023-03-10 20:20:54 Times Seen1 Hash f6074aa38c9fd47b27a85af5c4b6a6bc 53691841342ee7e2c44dcdfb3670d8ace2ed9902 feca6a706e8f1e6fcd9313a9f5ae28d783c98f3d777b04de6cfe6763074ffc21 Loading...

	paradigmtc.tech/	160 B	2023-03-10	2023-03-10
Pretty URL paradigmtc.tech/ IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:20:55 Last Seen2023-03-10 20:20:55 Times Seen1 Hash 729bfe36d18c5539773952f9fea3b665 d233facd31d686803ad461ec71f455f48b6444ca a7d02385f650e0d95b1a2701f1c8ddeb54eb3910fce0dfc33ee8b94dd15beb35 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdGuXIgAAAAACJGm32izunc6HaFrsom6ilrmRIS&co=aHR0cHM6Ly9wYXJhZGlnbXRjLnRlY2g6NDQz&hl=en&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&cb=pcn2j5ge6qot	35 kB	2023-03-10	2023-03-10
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdGuXIgAAAAACJGm32izunc6HaFrsom6ilrmRIS&co=aHR0cHM6Ly9wYXJhZGlnbXRjLnRlY2g6NDQz&hl=en&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&cb=pcn2j5ge6qot IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:20:55 Last Seen2023-03-10 20:20:55 Times Seen1 Hash cdb98ad3908bb79712ad067228d7134c 3435d092502ddcdcde2ffc1f1257d1b1522f4c5d ab9f52d2b6adaa3c231de535ac58b7030e2df9d5450a2b67152dc2cb64273e2b Loading...

	paradigmtc.tech/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-05-10
Pretty URL paradigmtc.tech/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-10 20:32:53 Times Seen69207 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	paradigmtc.tech/wp-content/themes/Divi/core/admin/js/es6-promise.auto.min.js?ver=4.18.0	6.8 kB	2023-03-07	2024-05-10
Pretty URL paradigmtc.tech/wp-content/themes/Divi/core/admin/js/es6-promise.auto.min.js?ver=4.18.0 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:04 Last Seen2024-05-10 12:26:05 Times Seen908 Hash fe613818cd7f3c64b3ec76afe137910f 18d1d3234b216d233bd27b20cbb4d4800ca0d3d9 7b3a7e4265228a39bea0d22ac1aedb86219a7b521a831827f7f4579ca5ae4156 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdGuXIgAAAAACJGm32izunc6HaFrsom6ilrmRIS&co=aHR0cHM6Ly9wYXJhZGlnbXRjLnRlY2g6NDQz&hl=en&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&cb=pcn2j5ge6qot	69 B	2023-03-07	2024-05-10
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdGuXIgAAAAACJGm32izunc6HaFrsom6ilrmRIS&co=aHR0cHM6Ly9wYXJhZGlnbXRjLnRlY2g6NDQz&hl=en&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&cb=pcn2j5ge6qot IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-05-10 20:51:45 Times Seen101442 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	paradigmtc.tech/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-05-10
Pretty URL paradigmtc.tech/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-10 18:32:48 Times Seen32122 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js	407 kB	2023-03-10	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 19:41:16 Last Seen2023-03-17 20:01:39 Times Seen1 Hash 35e20d99f31d725cd04ae5c18176a4cb 5388866755fc16c244bebd58fdc732a7035e0818 ac5e804e070b663bb35d913da74cb9d61aa24caa2135d0578f6b1b433b975761 Loading...

	paradigmtc.tech/	1.6 kB	2023-03-10	2023-03-10
Pretty URL paradigmtc.tech/ IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:20:55 Last Seen2023-03-10 20:20:55 Times Seen1 Hash ff3bf2c04e53d210188a732546817f47 59c1036598831e1fa2f5386fcbeb9b0b2dd70c49 0f2b65036d6dbb81f7890eed3a791ef4df240cf3098e9d45795628db8731dcce Loading...

	paradigmtc.tech/wp-content/themes/Divi/js/scripts.min.js?ver=4.18.0	274 kB	2023-03-07	2024-05-09
Pretty URL paradigmtc.tech/wp-content/themes/Divi/js/scripts.min.js?ver=4.18.0 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:30 Last Seen2024-05-09 16:49:31 Times Seen492 Hash 6d6ec1f94d18006912a150da86408fdb 811ef32e700471c682bdc5904087d7868ace35fb 543abcc9b648e8163b776c15632a566251717566a4d724f9939bef59399eefc4 Loading...

	paradigmtc.tech/wp-content/themes/Divi/core/admin/js/recaptcha.js?ver=4.18.0	1.7 kB	2023-03-07	2024-05-10
Pretty URL paradigmtc.tech/wp-content/themes/Divi/core/admin/js/recaptcha.js?ver=4.18.0 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:04 Last Seen2024-05-10 12:26:05 Times Seen931 Hash 92dc42790a6d4f5f3b673548025baa03 dad0f904f6e712b00004203c93e1c421491cf21b 6c1510ef35e8322bf3c09c53aa955cd3b0a9e5ac65d15dd518c84ffc4b511c9f Loading...

	paradigmtc.tech/	739 B	2023-03-07	2024-05-10
Pretty URL paradigmtc.tech/ IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:06 Last Seen2024-05-10 17:21:36 Times Seen4295 Hash ff682bd8e00a4c2b202a4d37f7ba3cdd 4b92aa9fb8a9cf79c352ece5cba00b2f281de332 d1576e7c5bb5b36cc04888b220fb672165073615b2423b76b51074334d616555 Loading...

	paradigmtc.tech/	4.0 kB	2023-03-10	2023-03-10
Pretty URL paradigmtc.tech/ IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:20:55 Last Seen2023-03-10 20:20:55 Times Seen1 Hash 7e42edddf07db1db4d60728421e0faff 8c41c50e072e723be3809e89b53a6baa545f6289 3b83c9b65eb14f5a1ba41c9459ae2ec6cfb3456b69f45423ae5bfa0c2f9f84be Loading...

	paradigmtc.tech/	47 B	2023-03-07	2024-05-10
Pretty URL paradigmtc.tech/ IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-05-10 19:35:17 Times Seen6758 Hash 2f518cfc8223c53c44094f57eacc972f a919f586352875054a0a7f438c3e3d33cb5768b3 1d89df5c4aeb93c45e67d479e74ca02e5a104d7e421e4f2415e4a204c9816b0b Loading...

	paradigmtc.tech/wp-content/themes/Divi/core/admin/js/common.js?ver=4.18.0	1.3 kB	2023-03-07	2024-05-10
Pretty URL paradigmtc.tech/wp-content/themes/Divi/core/admin/js/common.js?ver=4.18.0 IP 151.101.130.159 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-05-10 18:23:19 Times Seen9670 Hash d71b75b2327258b1d01d50590c1f67ca b7820e4ffb6becc133c48f66d9f683545530b959 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea Loading...

		Size	First Seen	Last Seen
	#1 Eval - ff1314331212e4d13fd2b6998861c9d3	16 kB	2023-03-10	2023-03-11
Pretty Observations First Seen2023-03-10 16:30:12 Last Seen2023-03-11 12:21:36 Times Seen1 Hash ff1314331212e4d13fd2b6998861c9d3 6f53571ca424df8af061f25aa9ad186561b4c907 5e98214e0abbdd815117694f4ba8fa352052ada859b5f327e5d5f65a3166d9a4 Loading...

	#2 Eval - c20bd53af622fb3ad87cc330b49ad0f6	22 kB	2023-03-10	2023-03-11
Pretty Observations First Seen2023-03-10 20:20:55 Last Seen2023-03-11 10:09:28 Times Seen1 Hash c20bd53af622fb3ad87cc330b49ad0f6 75fd9587fb92b0e3b9dee2d810a87b8ca39c039e 08b1e77b8a9f85f60ca6ea8d7abdd89b471c24adf553a0216d04a6fb16dbd899 Loading...

	#3 Eval - ee0d6607e57db1ae7c49fddc02510630	60 B	2023-03-10	2023-03-11
Pretty Observations First Seen2023-03-10 16:30:12 Last Seen2023-03-11 12:21:36 Times Seen1 Hash ee0d6607e57db1ae7c49fddc02510630 4f2bf277608308c08f8373601608d9a730f9f491 dcbc8087c9f3488411409f0a3c9069e6a40b27851598c7a72361e97785aa874d Loading...

	#4 Eval - 3878eb1c8342c8af1fc9e22c4941d113	22 B	2023-03-10	2023-03-11
Pretty Observations First Seen2023-03-10 16:30:12 Last Seen2023-03-11 12:21:36 Times Seen1 Hash 3878eb1c8342c8af1fc9e22c4941d113 4870532987d30cd50b86ab3fdad173321dc4a3e2 94ad18c1a336e08a4bfce57073e3f008391b324ebf524e0e7069827f300b075d Loading...

	#5 Eval - 6a1534750f91bba7ab5b08d3f32ba8fe	22 B	2023-03-10	2023-03-11
Pretty Observations First Seen2023-03-10 16:30:12 Last Seen2023-03-11 12:21:36 Times Seen1 Hash 6a1534750f91bba7ab5b08d3f32ba8fe 118b43efc4ab4f491df62fc1fb0df1e9a7ce3268 76fa5194b42930d151e7569cc0b9f77ea02344fef8104bda49d4318b5b438698 Loading...

HTTP Transactions (66)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b720c31d9c036cd2ef10e35fa29f5345
ac625d2e69284e5080bede4b37c31af62c26338b
323b76eceb5d3ad339a1c55bfa7eea4e39741258e08d5005b691f712a9e9c81c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "323B76ECEB5D3AD339A1C55BFA7EEA4E39741258E08D5005B691F712A9E9C81C"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8392
Expires: Sat, 05 Nov 2022 00:57:28 GMT
Date: Fri, 04 Nov 2022 22:37:36 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cd02b32dbc8416dcb10b468af2166c33
503a9c4cabdb19dfde769f5e2d3ef919c818c364
46ca638514d9d4cf252762fdac37a5e7b1da550fcc9911070b0b26a6aa6150a7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4018
Cache-Control: max-age=129627
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 22:37:36 GMT
Etag: "6364dbd9-1d7"
Expires: Sun, 06 Nov 2022 10:38:03 GMT
Last-Modified: Fri, 04 Nov 2022 09:31:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cd02b32dbc8416dcb10b468af2166c33
503a9c4cabdb19dfde769f5e2d3ef919c818c364
46ca638514d9d4cf252762fdac37a5e7b1da550fcc9911070b0b26a6aa6150a7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4018
Cache-Control: max-age=129627
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 22:37:36 GMT
Etag: "6364dbd9-1d7"
Expires: Sun, 06 Nov 2022 10:38:03 GMT
Last-Modified: Fri, 04 Nov 2022 09:31:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9f3527f898221f8ba6b5015f6decc100
ead93baa0e9d3a6297be3377dc3a624e5a3f509a
73a068f907cc50dd60af18d545b4264dd44bc4b9f40bf9adfceea157fdc33099

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73A068F907CC50DD60AF18D545B4264DD44BC4B9F40BF9ADFCEEA157FDC33099"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2740
Expires: Fri, 04 Nov 2022 23:23:16 GMT
Date: Fri, 04 Nov 2022 22:37:36 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: IakjK7OW1sPWnJIwo5i3DwtW3mWyw/VMmog+e02sw1NyMJgz3qK0mg14UTX15P+/5mpd0f1/pdE=
x-amz-request-id: D7TRYM9VH91HRNZF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 04 Nov 2022 21:46:56 GMT
age: 3040
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 04 Nov 2022 22:37:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

paradigmtc.tech/

151.101.130.159

301 Moved Permanently

162 B

URL HTTP/1.1
paradigmtc.tech/
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Location: https://paradigmtc.tech/
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-FW-Server: Flywheel/5.1.0
X-FW-Hash: lyzqm9wah0
X-FW-Version: 5.0.0
Server: Flywheel/5.1.0
Accept-Ranges: bytes
Date: Fri, 04 Nov 2022 22:37:36 GMT
X-Served-By: cache-bma1645-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1667601456.369514,VS0,VE484
Vary: Authorization
X-FW-Serve: TRUE
X-FW-Static: NO
X-FW-Type: VISIT

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ab2cc5daba3ffd1f80223c99861abdcc
1d70a3f6206fd88e6c5f62d5dab68be1c7339d25
fff765d87a981c61dc2dd1464e0d958044770a0f696c5a7408f2a5804f8b98c7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FFF765D87A981C61DC2DD1464E0D958044770A0F696C5A7408F2A5804F8B98C7"
Last-Modified: Thu, 03 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21579
Expires: Sat, 05 Nov 2022 04:37:16 GMT
Date: Fri, 04 Nov 2022 22:37:37 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
42a0adacced30df52cf7cad3e200036d
f7b4114defc61f806dbb74fd228bca155d52362a
e4928481739a2a75dce86c03b355c6dff507426e8d851cba5ca8537b1be87c20

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 280
Cache-Control: max-age=120830
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 22:37:37 GMT
Etag: "6364c817-1d7"
Expires: Sun, 06 Nov 2022 08:11:27 GMT
Last-Modified: Fri, 04 Nov 2022 08:06:47 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.149.83.187

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.83.187:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UTVvlZ0UsY03ii9AaN79uw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CN67cjLyyU1Xcu21wCtvy68wXac=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3718
Expires: Fri, 04 Nov 2022 23:39:35 GMT
Date: Fri, 04 Nov 2022 22:37:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3718
Expires: Fri, 04 Nov 2022 23:39:35 GMT
Date: Fri, 04 Nov 2022 22:37:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3718
Expires: Fri, 04 Nov 2022 23:39:35 GMT
Date: Fri, 04 Nov 2022 22:37:37 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52bfe915-baee-403a-9240-12d17207ec94.jpeg

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52bfe915-baee-403a-9240-12d17207ec94.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4662 bytes)
Hash
d12961439cd33c86c7b8041ed9d42321
ddb7b18fae0082ce22d8ffa537c7367e1da404a5
d2cc0f7735f04a07c681eb2eae7c52e9f4c75b6d475b3ad4de587899089850a7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52bfe915-baee-403a-9240-12d17207ec94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4662
x-amzn-requestid: 32199e11-d856-4403-ad55-65076eac83ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: amd5UFJQIAMFf-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358dd08-1761126e37ed504e46896b4d;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 07:08:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Nu2uC3we8aHv4ERvh7QcmiErm4Ax-NNmdWFovpdU9Or9DguzrIcn5g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 22:00:38 GMT
age: 2219
etag: "ddb7b18fae0082ce22d8ffa537c7367e1da404a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94b0737-3952-4bbe-b940-e1f79fb95cbe.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6909 bytes)
Hash
eaf06d0fb99703abfd57b962eb21ce96
ce73b0ad22139bec863ed990e3d3af4bdc3df288
a226250245611193be882c92f2d9920cb6ceeb12823b48c0b9c8fa2aba1c8c0d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94b0737-3952-4bbe-b940-e1f79fb95cbe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6909
x-amzn-requestid: 7c500c29-f514-491c-b2fe-a732a546925f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: awWpEEYHoAMFWdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635cd16d-6d9c4c5c41f4fcd16cabda59;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 07:08:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wf0k3Di2KCCXHIo68FTdztfEbq_A8t7xCE608dP64CVIdFxSEHTijw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 22:20:50 GMT
age: 1007
etag: "ce73b0ad22139bec863ed990e3d3af4bdc3df288"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11421 bytes)
Hash
2ae2b8d827fb2c8bef64febcd36f1645
f7705fcd2d91ce90c58e79324cce1e3abba6c1c8
2dc55e97ef3a85fccb104b80161a8bac16b12d37527c336563677432584c7ad5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11421
x-amzn-requestid: 80f2a46c-6682-4160-b896-eeaa366dbab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKNF4SoAMFn5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-5a5517d005ec7a7d1507b58e;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gdqoswTMqjrfyzzY-103agxLH8ak-rFsCId29eoLOF6WHgFmd04K7g==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 08:24:41 GMT
age: 51176
etag: "f7705fcd2d91ce90c58e79324cce1e3abba6c1c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3819323-4f77-4bb2-bbbb-6926d5bc62aa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11427 bytes)
Hash
6ee20d59c5ac266f8eb9c47057271a10
61dc4e78907f114519ff3fdd3c806b36557ab744
2cba117cfe96fa5e1b53981f98d42eb3e5f956083c3435a1d44d1d40784614bf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3819323-4f77-4bb2-bbbb-6926d5bc62aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11427
x-amzn-requestid: 0dcc7ef4-d7fa-492e-8ddf-4342b4bc44e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGHxJGJZoAMFWlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365866d-7c3de2ed509a640f37c52843;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gAHLlJ0JzB6TfEUNw_sCNmrjMK-EX1hZbCY34i99xQok7R-wvcpqug==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:59:04 GMT
age: 2313
etag: "61dc4e78907f114519ff3fdd3c806b36557ab744"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F621f6bc7-a17b-4b8f-95ef-65d27abd5513.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9006 bytes)
Hash
1fc9b492d6cc0a516998cec9fa5dc2a0
1082e5e96362a4960929c59ff1d4d995cb28f40d
3dc82302d8615c615526cc9a828844d291d775d05ff7174f8d6b82b7172b2908

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F621f6bc7-a17b-4b8f-95ef-65d27abd5513.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9006
x-amzn-requestid: 1a0ea36b-a610-485c-be62-b6950288afbc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGIVGGG7oAMFXJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63658753-2fc408853092bf61646b7584;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:42:43 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xdg0glkctHhh3-kmb8HhwEnYjcxchpOLF4DrDIkICI7fSiHpIRPKIw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 22:20:07 GMT
age: 1050
etag: "1082e5e96362a4960929c59ff1d4d995cb28f40d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F026ddf6a-a4ad-4c8d-9da5-41a184265e24.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4749 bytes)
Hash
8fd1a79378f8a426e682c599e64e9bdf
d223df60a7340cf3745e981f19c1d3fd9c75d44a
14e3192a87f45d7ed4f809c528e1631bba69e69fc541637574ae3c3f70540408

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F026ddf6a-a4ad-4c8d-9da5-41a184265e24.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4749
x-amzn-requestid: d6545893-af81-4e76-bd31-cd80a0658a28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: asg4QH3HoAMFX7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635b4834-015a8ad175cc388576dcddc5;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 03:10:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p3tf0WwkKam_wcY3Ik0IJxu_b11GqHoTWyQ4kxl0mtejIfJD14ji0Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:49:43 GMT
age: 2874
etag: "d223df60a7340cf3745e981f19c1d3fd9c75d44a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

paradigmtc.tech/

151.101.130.159

200 OK

37 kB

URL HTTP/2
paradigmtc.tech/
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (28417)
Size
37 kB (37375 bytes)
Hash
2df55fba7cd9ed4530da3dc1932ccdec
5173cbf0c23898b73af9e3e91650665e23d00106
f9cd38f1f96b03977312716a9be73815870c3eef5b7c92d825625ec0085c0601

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://paradigmtc.tech/index.php?rest_route=/>; rel="https://api.w.org/", <https://paradigmtc.tech/index.php?rest_route=/wp/v2/pages/8>; rel="alternate"; type="application/json", <https://paradigmtc.tech/>; rel=shortlink
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: lyzqm9wah0
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601457.108780,VS0,VE1091
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 37375
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5de5a7ee16d3f3164758282fbecef0a3
82fb2ac7d306e1f9724adc0ba2ef9e549baa9100
ad55f91c5fb1f872310a5f5777a65b79a338138d241a674449da2e0edde1f2ed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 22:37:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 22:37:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 22:37:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 22:37:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 22:37:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2

216.58.207.195

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21516, version 1.0\012- data
Size
22 kB (21516 bytes)
Hash
90135ea44811b2d9610c33e07068fdb0
84ef1a8343877a598f1c7cbae56f35ded54a1787
bd067b886f4a67dd25c08fe73777bce7f506beb4c09d17d9f036f8a90901efd2

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paradigmtc.tech
Connection: keep-alive
Referer: https://paradigmtc.tech/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 00:57:19 GMT
expires: Wed, 01 Nov 2023 00:57:19 GMT
cache-control: public, max-age=31536000
age: 337219
last-modified: Mon, 15 Aug 2022 18:12:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sharetech/v17/7cHtv4Uyi5K0OeZ7bohU8H0JmA.woff2

216.58.207.195

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/sharetech/v17/7cHtv4Uyi5K0OeZ7bohU8H0JmA.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15048, version 1.0\012- data
Size
15 kB (15048 bytes)
Hash
063f996268878af20d0bdfdd36a36192
17a5167b520261d8963a2dc95e4c8a930bf33a93
0907d6045312b73d5afdb7c6b7bfff8dd5eaab56dbcf6ba7d72dfc6af118d8ef

HTTP Headers

GET /s/sharetech/v17/7cHtv4Uyi5K0OeZ7bohU8H0JmA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paradigmtc.tech
Connection: keep-alive
Referer: https://paradigmtc.tech/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 15:26:41 GMT
expires: Wed, 01 Nov 2023 15:26:41 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:07:21 GMT
content-type: font/woff2
age: 285057
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2

216.58.207.195

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 22084, version 1.0\012- data
Size
22 kB (22084 bytes)
Hash
bab4daa6bec06781aa7262eca0be0ed4
b896fcea50433114a0433c9c8117677a875f1116
ee901a5f44fcc6ea6ab97fb2751ce51af915d16dd99995a29a5905d2ce4b0831

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paradigmtc.tech
Connection: keep-alive
Referer: https://paradigmtc.tech/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22084
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Oct 2022 22:42:01 GMT
expires: Tue, 31 Oct 2023 22:42:01 GMT
cache-control: public, max-age=31536000
age: 345337
last-modified: Mon, 15 Aug 2022 18:14:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2

216.58.207.195

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 22212, version 1.0\012- data
Size
22 kB (22212 bytes)
Hash
e62adebf67147c481b9c00011e2c5d48
3af42ef356fa413fd162c56a7b11b8d34a61cefb
17ec0c20d179cf39cbbb164c18165e8a35e9678d5602c8c4f6826ff457b0685e

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paradigmtc.tech
Connection: keep-alive
Referer: https://paradigmtc.tech/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22212
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 00:57:59 GMT
expires: Wed, 01 Nov 2023 00:57:59 GMT
cache-control: public, max-age=31536000
age: 337179
last-modified: Mon, 15 Aug 2022 18:15:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVQ.woff

216.58.207.195

200 OK

28 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVQ.woff
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format, TrueType, length 27520, version 1.1\012- data
Size
28 kB (27520 bytes)
Hash
cd247306809a5a4ddcfee4e2681aa03b
1aaa3efe7fc2cf5ccd75d4c67e1bf05e5041af3b
925be42fa3c0ca5ea75cd203804c3f6c717407e44010e1b63ed2c951bacc1849

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVQ.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paradigmtc.tech
Connection: keep-alive
Referer: https://paradigmtc.tech/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27520
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Oct 2022 21:46:13 GMT
expires: Tue, 31 Oct 2023 21:46:13 GMT
cache-control: public, max-age=31536000
age: 348685
last-modified: Mon, 15 Aug 2022 18:14:58 GMT
content-type: font/woff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/recaptcha/api.js?render=6LdGuXIgAAAAACJGm32izunc6HaFrsom6ilrmRIS&ver=4.18.0

142.250.74.164

200 OK

585 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=6LdGuXIgAAAAACJGm32izunc6HaFrsom6ilrmRIS&ver=4.18.0
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (884), with no line terminators
Size
585 B (585 bytes)
Hash
a9f34cc8285f1de599857e04a45e5f51
a4c8c0300f9cb3a108921cb08117551f4a641476
1f319cf67adeb694445ec0546949e7026600f01dcdcaf7e5f35d1024a18adc01

HTTP Headers

GET /recaptcha/api.js?render=6LdGuXIgAAAAACJGm32izunc6HaFrsom6ilrmRIS&ver=4.18.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://paradigmtc.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Fri, 04 Nov 2022 22:37:38 GMT
date: Fri, 04 Nov 2022 22:37:38 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/uploads/2022/03/line-icons-76.png

151.101.130.159

200 OK

1.1 kB

URL HTTP/2
paradigmtc.tech/wp-content/uploads/2022/03/line-icons-76.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 84 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1103 bytes)
Hash
62b857ad906b32ccbba300242df66db7
2ac01f4dbb769d64f0c4c677bd7fed76c92df07f
d50a0b1be44b103b12485d62edf5c22d90f0a39be683a20458a88e2bca7ffe32

HTTP Headers

GET /wp-content/uploads/2022/03/line-icons-76.png HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 26 Mar 2022 19:39:19 GMT
etag: W/"623f6be7-435"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.299674,VS0,VE123
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1103
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/themes/Divi/core/admin/js/recaptcha.js?ver=4.18.0

151.101.130.159

200 OK

741 B

URL HTTP/2
paradigmtc.tech/wp-content/themes/Divi/core/admin/js/recaptcha.js?ver=4.18.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text
Size
741 B (741 bytes)
Hash
14a888630ed8d3ef1f4c247914244f0d
07d3b023c36b7bbd6f0a2769f741ca77f7eb9ed4
c5535044b82ef2b3996d364d8c857c9decfb4337a5ca5c4cd74368d2684a4125

HTTP Headers

GET /wp-content/themes/Divi/core/admin/js/recaptcha.js?ver=4.18.0 HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 20:45:38 GMT
etag: W/"630fc872-6a0"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.308904,VS0,VE126
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 741
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 22:37:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4a9066e8faeec7f06d9a7e91bef8ff52
699ce1c29412a4c3f9018f4deceb3db399ddcd29
46461d19bf1ea06f23d89c4179135eaca9d7c8753a91e913b3adaf2615bee36f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 22:37:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

paradigmtc.tech/wp-content/uploads/2022/03/line-icons-53.png

151.101.130.159

200 OK

1.1 kB

URL HTTP/2
paradigmtc.tech/wp-content/uploads/2022/03/line-icons-53.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1120 bytes)
Hash
cba23389e53512624d442852f1d7b70a
6e050dc3ea5b6634351222112f85ec2778913821
4b9c5363d34babfb95093aebb5fba1bbd9fa6c6ca3a9850aabc94ece69e3c03d

HTTP Headers

GET /wp-content/uploads/2022/03/line-icons-53.png HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 26 Mar 2022 19:39:18 GMT
etag: W/"623f6be6-444"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.296098,VS0,VE358
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1120
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/uploads/2022/03/lifesaver_64px.png

151.101.130.159

200 OK

2.0 kB

URL HTTP/2
paradigmtc.tech/wp-content/uploads/2022/03/lifesaver_64px.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (2048 bytes)
Hash
6d51f4efc9e29416e1cce6e9bf04b686
7147e62ea3125df2aa9d45062e54618f22258a89
437b6f341eae2790473b30b3f74c6ab9f7de630c04a91e482f92132c42e71320

HTTP Headers

GET /wp-content/uploads/2022/03/lifesaver_64px.png HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 26 Mar 2022 19:39:18 GMT
etag: W/"623f6be6-7e9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.296452,VS0,VE362
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2048
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/uploads/2022/03/global_64px.png

151.101.130.159

200 OK

2.1 kB

URL HTTP/2
paradigmtc.tech/wp-content/uploads/2022/03/global_64px.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
2.1 kB (2079 bytes)
Hash
40a6703c6896589c6511772f325d6406
32ec5aada262dd0b73e6a6df6abd2dceef193127
209978024b004567f63bc3a956a05f3ef8e1e68657db311fd263982a6117d5bc

HTTP Headers

GET /wp-content/uploads/2022/03/global_64px.png HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 26 Mar 2022 19:39:18 GMT
etag: W/"623f6be6-808"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.298822,VS0,VE362
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2079
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/uploads/2022/03/layers_64px.png

151.101.130.159

200 OK

1.2 kB

URL HTTP/2
paradigmtc.tech/wp-content/uploads/2022/03/layers_64px.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1233 bytes)
Hash
aa5326e27ec971690f7263c4b99672fa
34f67fcdccdf780fa9267e4018d2a9452d81d17d
ae2894c636a0fe6635d4c7ef0338656705f3f33b30553d26abf80e136634ab3a

HTTP Headers

GET /wp-content/uploads/2022/03/layers_64px.png HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 26 Mar 2022 19:39:18 GMT
etag: W/"623f6be6-4b5"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.297168,VS0,VE366
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1233
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/uploads/2022/05/unnamed-9.png

151.101.130.159

200 OK

23 kB

URL HTTP/2
paradigmtc.tech/wp-content/uploads/2022/05/unnamed-9.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 271 x 59, 8-bit/color RGB, non-interlaced\012- data
Size
23 kB (23074 bytes)
Hash
4c22695f4109f9c3d01b89aedb696121
c59fc4a1f571cf5acf559673e1afd8db06da8830
78f0a7a54c683608a96e5d8c60a0d102ccb7b3eaa251b909c9e9a019999b9e94

HTTP Headers

GET /wp-content/uploads/2022/05/unnamed-9.png HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 04 May 2022 17:12:07 GMT
etag: W/"6272b3e7-5a06"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.295438,VS0,VE479
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 23074
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/et-cache/8/et-divi-dynamic-8.css?ver=1666467430

151.101.130.159

200 OK

9.2 kB

URL HTTP/2
paradigmtc.tech/wp-content/et-cache/8/et-divi-dynamic-8.css?ver=1666467430
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (39491)
Size
9.2 kB (9158 bytes)
Hash
bf359cacda14e8620d885de307de4f5a
ad25c9937658284811ae3d72386929249729e568
b0ea20be510e98be4624dfc7199c18219edb4a5587db5170b867a1dc67d58cf5

HTTP Headers

GET /wp-content/et-cache/8/et-divi-dynamic-8.css?ver=1666467430 HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Sat, 22 Oct 2022 19:37:10 GMT
etag: W/"63544666-1932a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.290784,VS0,VE485
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 9158
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/uploads/2022/03/line-icons-35.png

151.101.130.159

200 OK

831 B

URL HTTP/2
paradigmtc.tech/wp-content/uploads/2022/03/line-icons-35.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 54 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
831 B (831 bytes)
Hash
76b418cf38b4341c9b7217209550893b
f80215b776cab488d587fd6001e7a661459461b7
2b39c8d642b9c0c79697aa0368a8ad9c82e5bbd068ac2ed529bb71204ba5c154

HTTP Headers

GET /wp-content/uploads/2022/03/line-icons-35.png HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 26 Mar 2022 19:39:19 GMT
etag: W/"623f6be7-328"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.301205,VS0,VE485
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 831
X-Firefox-Spdy: h2

paradigmtc.tech/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

151.101.130.159

200 OK

4.4 kB

URL HTTP/2
paradigmtc.tech/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (11126)
Size
4.4 kB (4405 bytes)
Hash
24957bc8161f979c6e661f46fdc3974f
fa1237ffe8b3745baa78ac481239038e133fcc17
46acf87c90961d413ac24eace25b77a8d5236daf38799fec2daf0bc350cc6ebe

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-2bd8"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: lyzqm9wah0
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.307305,VS0,VE480
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4405
X-Firefox-Spdy: h2

paradigmtc.tech/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3

151.101.130.159

200 OK

14 kB

URL HTTP/2
paradigmtc.tech/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (43771)
Size
14 kB (13906 bytes)
Hash
1047dd6779111ec73736abd71a40fef9
e08643922ce9a1a488f2a72c0341807f59f7528e
d85287eacda4e97356cf1b53ec765e34c8913558d6fb485b334debf78c89a3bf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-15b64"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: lyzqm9wah0
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.310716,VS0,VE479
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 13906
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/themes/Divi/core/admin/js/es6-promise.auto.min.js?ver=4.18.0

151.101.130.159

200 OK

2.8 kB

URL HTTP/2
paradigmtc.tech/wp-content/themes/Divi/core/admin/js/es6-promise.auto.min.js?ver=4.18.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (6498)
Size
2.8 kB (2814 bytes)
Hash
5f04ddae91b4e3988160999051f29845
81326047bddfdf1738d22ba37cb88251094351d5
d2249e6da91e7c3a8a52a8a0ce157e5d81dbc8bc2835fd05f671b2c8d5a97bba

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/Divi/core/admin/js/es6-promise.auto.min.js?ver=4.18.0 HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 20:45:37 GMT
etag: W/"630fc871-1aa1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.307273,VS0,VE486
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2814
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/uploads/2022/03/it-services-03.png

151.101.130.159

200 OK

8.1 kB

URL HTTP/2
paradigmtc.tech/wp-content/uploads/2022/03/it-services-03.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 540 x 540, 8-bit colormap, non-interlaced\012- data
Size
8.1 kB (8105 bytes)
Hash
0fc0f776a76af4dbf1b95a5733ff7796
21966075315e084e89431e00905c0c0b6acf88dd
43ab913e51c08937c0eb8cdcf9491b3679622032ab852239ed18270d59fe3fad

HTTP Headers

GET /wp-content/uploads/2022/03/it-services-03.png HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 26 Mar 2022 19:39:22 GMT
etag: W/"623f6bea-1fd1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.307346,VS0,VE486
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 8105
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/uploads/2022/03/quote-dark.png

151.101.130.159

200 OK

795 B

URL HTTP/2
paradigmtc.tech/wp-content/uploads/2022/03/quote-dark.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
795 B (795 bytes)
Hash
f00914f2c36e5d8cb87c2f7be1ffff4c
e608e0d4a5f5a18f058a0aedb4b6a1e2bf369bf9
3129c5ddcfcc125454c8dce7367eb59db4a084a5ff97817177f70c9d8983f270

HTTP Headers

GET /wp-content/uploads/2022/03/quote-dark.png HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 26 Mar 2022 19:39:25 GMT
etag: W/"623f6bed-304"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.313296,VS0,VE481
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 795
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/themes/Divi/core/admin/js/common.js?ver=4.18.0

151.101.130.159

200 OK

582 B

URL HTTP/2
paradigmtc.tech/wp-content/themes/Divi/core/admin/js/common.js?ver=4.18.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text
Size
582 B (582 bytes)
Hash
8de6a3b5983f9934d6a8b881305d7d72
37914cb4c9bc34e3291288e7f13d87380ce81436
85fcd0273ca1fe2eae86e389e7cfe68ec42ac0ce4c53092b9083e35f66aae3f0

HTTP Headers

GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.18.0 HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 20:45:37 GMT
etag: W/"630fc871-53f"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.309296,VS0,VE486
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 582
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/uploads/2022/03/quote-light.png

151.101.130.159

200 OK

921 B

URL HTTP/2
paradigmtc.tech/wp-content/uploads/2022/03/quote-light.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
921 B (921 bytes)
Hash
cd911b7c22e584aa96dc041a6bb1cb0d
c72f099bdad47012b6919f034715c5a289bff420
9c346ee4c294b5992f15bcb47a8e37bde98b7ce14ba4a65fa3a7bdb5a2bb07a1

HTTP Headers

GET /wp-content/uploads/2022/03/quote-light.png HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 26 Mar 2022 19:39:25 GMT
etag: W/"623f6bed-382"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.312759,VS0,VE485
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 921
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/et-cache/8/et-core-unified-deferred-8.min.css?ver=1666467431

151.101.130.159

200 OK

2.5 kB

URL HTTP/2
paradigmtc.tech/wp-content/et-cache/8/et-core-unified-deferred-8.min.css?ver=1666467431
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (15540), with no line terminators
Size
2.5 kB (2454 bytes)
Hash
bf99fe93b0c1282e3b9f01ed580a1258
b1e45e95675e2aeb1887488961d1b5ae55e83515
691484ed31c164331c9f83e0bed2390db4d76a45ac4b3d086acde067367d8e25

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/et-cache/8/et-core-unified-deferred-8.min.css?ver=1666467431 HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Sat, 22 Oct 2022 19:37:11 GMT
etag: W/"63544667-3cb4"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.291354,VS0,VE564
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2454
X-Firefox-Spdy: h2

paradigmtc.tech/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

151.101.130.159

200 OK

34 kB

URL HTTP/2
paradigmtc.tech/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65447)
Size
34 kB (34060 bytes)
Hash
22b0253c0ecce70e41e296d176b0d972
a161c363d2092739db21bfeb2cf23c980ec71580
181967b7928e133789c8edbb8bdcb73d44a0328d884b613f8ebfb182b4c3c52e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-15db1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: lyzqm9wah0
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:38 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.307321,VS0,VE611
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 34060
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/themes/Divi/js/scripts.min.js?ver=4.18.0

151.101.130.159

200 OK

79 kB

URL HTTP/2
paradigmtc.tech/wp-content/themes/Divi/js/scripts.min.js?ver=4.18.0
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65467)
Size
79 kB (79388 bytes)
Hash
7d6061b3b8527ba1a3ad6005c8c3fb09
b050c15be92ef41042011f5365a5301f5fdd378f
6efe0953674c1e43c8a5823f7a6b2e5ed0d96fbed517d51111e975315e0f536b

HTTP Headers

GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.18.0 HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 20:45:43 GMT
etag: W/"630fc877-42e58"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:39 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.307276,VS0,VE726
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 79388
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/uploads/2022/03/it-services-04.jpg

151.101.130.159

200 OK

182 kB

URL HTTP/2
paradigmtc.tech/wp-content/uploads/2022/03/it-services-04.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x863, components 3\012- data
Size
182 kB (181742 bytes)
Hash
ba8eec17d7f5ffe375001d68128b1eac
d1cda3b17e1292c3ae86d00d7d43e684edba339c
8bb39f9b5d9f4c4807499a741be01c0b13ea4aeb25ac4e9168d68a9a850a550e

HTTP Headers

GET /wp-content/uploads/2022/03/it-services-04.jpg HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sat, 26 Mar 2022 19:39:20 GMT
etag: W/"623f6be8-2cbe6"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:39 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.312205,VS0,VE723
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 181742
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf

151.101.130.159

200 OK

38 kB

URL HTTP/2
paradigmtc.tech/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, modules \012- data
Size
38 kB (37490 bytes)
Hash
6125b44a7376346beaeaf665203032a9
de094bb058daeb4c3a4e8f225eae04184fdff782
98d6f644f58353980a534d3bad4358c141bedf3319de17d33fdf404c776dfe87

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Wed, 31 Aug 2022 20:45:37 GMT
etag: "630fc871-168f0"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
content-encoding: gzip
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:39 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.326928,VS0,VE775
vary: Authorization, Accept-Encoding
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 37490
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/uploads/2022/03/img-15.jpg

151.101.130.159

200 OK

150 kB

URL HTTP/2
paradigmtc.tech/wp-content/uploads/2022/03/img-15.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x641, components 3\012- data
Size
150 kB (150000 bytes)
Hash
767ac1bec75ed84975f4c06ab1b97600
cf540baba7f18281d61753439639fc1bd58c058e
c660c0df1f95f7a2f2fa470faaf7f95701e126169ad8b8d7dc2b31c38038ed10

HTTP Headers

GET /wp-content/uploads/2022/03/img-15.jpg HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sat, 26 Mar 2022 19:39:19 GMT
etag: W/"623f6be7-24a4d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:39 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.302704,VS0,VE839
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 150000
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/uploads/2022/03/it-services-02.jpg

151.101.130.159

200 OK

118 kB

URL HTTP/2
paradigmtc.tech/wp-content/uploads/2022/03/it-services-02.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x863, components 3\012- data
Size
118 kB (118255 bytes)
Hash
48520b201550d608a11ce1c80ce5e1f5
88de870c796c4b58f75079f835e4a8e0e8004cfc
b5a54ca3deda366b897bf6eb008b0a816130a14090a11f7753cf2e48f83bf033

HTTP Headers

GET /wp-content/uploads/2022/03/it-services-02.jpg HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/wp-content/et-cache/8/et-core-unified-deferred-8.min.css?ver=1666467431
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sat, 26 Mar 2022 19:39:16 GMT
etag: W/"623f6be4-1d8ca"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:39 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601459.956267,VS0,VE359
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 118255
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/uploads/2022/03/img-06.png

151.101.130.159

200 OK

108 kB

URL HTTP/2
paradigmtc.tech/wp-content/uploads/2022/03/img-06.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 400 x 282, 8-bit/color RGBA, non-interlaced\012- data
Size
108 kB (108144 bytes)
Hash
b40f580665a5cd91c8f929f8344386ec
ba4be14de2b179abbc95e66c114e41ba9e0b0324
c4b5ed3cdd885a8ff6bd5857ef5946231a92102af23c72115993faf85b31da9f

HTTP Headers

GET /wp-content/uploads/2022/03/img-06.png HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/wp-content/et-cache/8/et-core-unified-deferred-8.min.css?ver=1666467431
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 26 Mar 2022 19:39:24 GMT
etag: W/"623f6bec-1a63b"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:39 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601459.956297,VS0,VE480
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 108144
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/uploads/2022/05/iStock-1230144854.jpg

151.101.130.159

200 OK

574 kB

URL HTTP/2
paradigmtc.tech/wp-content/uploads/2022/05/iStock-1230144854.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, description=Cloud computing technology and online data storage for business network concept. Computer connects to internet server service f, manufacturer=SONY, model=ILCE-7RM3, orientation=upper-left, xresolution=346, yresolution=354, resolutionunit=3, software=Adobe Photoshop CC 2018 (Windows), datetime=2019:11:26 13:38:53], baseline, precision 8, 1253x836, components 3\012- data
Size
574 kB (574132 bytes)
Hash
fc604371a9ceef4c8c194a4444f7f12f
8e7613d3aff425451d45e5a0147fd0d3b59ee165
6a9453f65cb4e24389b069b9bb0b7514001b0c7da050a52fcb3f83b62e53ec4b

HTTP Headers

GET /wp-content/uploads/2022/05/iStock-1230144854.jpg HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Tue, 17 May 2022 18:26:30 GMT
etag: W/"6283e8d6-8d22b"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:39 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601458.311821,VS0,VE1093
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 574132
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js

142.250.74.163

200 OK

162 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (590)
Size
162 kB (162282 bytes)
Hash
05e06c50dab6f3d7f8bfde22301888db
64b3c20c788d298a672fabf9627eac914d95ed08
95176711feca1110e764a31e36764d5b331b033ed56fb372b42250329b33e1d6

HTTP Headers

GET /recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paradigmtc.tech
Connection: keep-alive
Referer: https://paradigmtc.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162282
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 22:23:25 GMT
expires: Sat, 04 Nov 2023 22:23:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 31 Oct 2022 04:02:45 GMT
content-type: text/javascript
age: 854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/uploads/2022/03/img-13.jpg

151.101.130.159

200 OK

135 kB

URL HTTP/2
paradigmtc.tech/wp-content/uploads/2022/03/img-13.jpg
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x641, components 3\012- data
Size
135 kB (134587 bytes)
Hash
3b6ff9b8ce269fc18a09f3a43fe9ea0d
be8982fd5930893b5f7d51b8b6ff40dd1f2b40b8
863967c22a58f70a2ce13d893c42934f7be1c659c7383c5dc3c2a19413789310

HTTP Headers

GET /wp-content/uploads/2022/03/img-13.jpg HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/wp-content/et-cache/8/et-core-unified-deferred-8.min.css?ver=1666467431
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sat, 26 Mar 2022 19:39:24 GMT
etag: W/"623f6bec-20fdd"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:39 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601459.956351,VS0,VE840
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 134587
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/uploads/2022/06/cropped-Screen-Shot-2022-06-05-at-8.40.36-AM-32x32.png

151.101.130.159

200 OK

2.7 kB

URL HTTP/2
paradigmtc.tech/wp-content/uploads/2022/06/cropped-Screen-Shot-2022-06-05-at-8.40.36-AM-32x32.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
2.7 kB (2709 bytes)
Hash
e4193b13c770170cc10495dbec5aa0aa
5522a7b32387afe379ef04736175e4cb38e2f6c6
49d2d99af4278037ba1089d314cca9d46a9d25d3be324b478c665549afbe9c0f

HTTP Headers

GET /wp-content/uploads/2022/06/cropped-Screen-Shot-2022-06-05-at-8.40.36-AM-32x32.png HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sun, 05 Jun 2022 13:41:25 GMT
etag: W/"629cb285-a79"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:39 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601460.716376,VS0,VE123
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2709
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Oct 2022 12:31:58 GMT
expires: Sun, 29 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 554742
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 21:46:16 GMT
expires: Fri, 03 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 89484
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

paradigmtc.tech/wp-content/uploads/2022/06/cropped-Screen-Shot-2022-06-05-at-8.40.36-AM-192x192.png

151.101.130.159

200 OK

45 kB

URL HTTP/2
paradigmtc.tech/wp-content/uploads/2022/06/cropped-Screen-Shot-2022-06-05-at-8.40.36-AM-192x192.png
IP
151.101.130.159:0
ASN
#54113 FASTLY

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
45 kB (45288 bytes)
Hash
e532d5dbae830ee57eec8c2dd059ad51
16daa27ee94ccf051efddf8885a20b0c0ee65020
3614cedfcc2c423e9abeefdfcb2fc3f358f5d601446eddf0302795613c21879a

HTTP Headers

GET /wp-content/uploads/2022/06/cropped-Screen-Shot-2022-06-05-at-8.40.36-AM-192x192.png HTTP/1.1
Host: paradigmtc.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradigmtc.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Sun, 05 Jun 2022 13:41:25 GMT
etag: W/"629cb285-b0f2"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: lyzqm9wah0
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 04 Nov 2022 22:37:40 GMT
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667601460.715930,VS0,VE719
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 45288
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff96da6f9-536c-48c1-bafa-3f133749368c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5626 bytes)
Hash
a5b4e91e11387354ae4208f1cc27e4dd
c904608373d3e938b09a5ed82a51c2e43f13452d
2b967cacc0433762c074cfa0e032c2694171d221c004ac9465027a8667f9207f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff96da6f9-536c-48c1-bafa-3f133749368c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 5626
x-amzn-requestid: 04db4275-3da4-44dd-abca-a388803d9413
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGHxIGfXIAMFqZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365866d-3f8c4f1b5066f090713f79fc;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: g0juFLitefrFCcE3J6c3Y6ku8a03xfLE_Eno50Aw1TMYDpdIo_tZpw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 22:10:18 GMT
age: 1646
etag: "c904608373d3e938b09a5ed82a51c2e43f13452d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ee7867-cfc1-4e91-8bfe-c86e9e0369d8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6228 bytes)
Hash
b1799c94891598120fab550073379516
ed51b7d2c443aec199c1605b5ebe2e1e25f287a3
5f3f2ffdc992d917d8d3b5890c0ad9810b9699c38e932c0d4d32625346eb87a9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ee7867-cfc1-4e91-8bfe-c86e9e0369d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6228
x-amzn-requestid: 788a9f03-5b3f-446c-a02c-844fe2f07221
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ameKPFJAoAMFy1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358dd74-15bffc073dae60355b484cbb;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 07:10:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YN9fqqZ0ZqpXcYQZbi5MXAL2e_jd5aW3qdbsqLUGR7Rhj5-QvP1VxA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 22:20:14 GMT
age: 1051
etag: "ed51b7d2c443aec199c1605b5ebe2e1e25f287a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations