Overview

URLparamountsite.com/wp-content/old/old-inner/new_inquiry_for_new_po.bin
IP 160.153.136.3 (Netherlands)
ASN#21501 Host Europe GmbH
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-10-13 01:21:24 UTC
StatusLoading report..
IDS alerts0
Blocklist alert3
urlquery alerts No alerts detected
Tags None

Domain Summary (12)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
firefox.settings.services.mozilla.com (2) 867 2020-06-27 01:58:08 UTC 2022-10-12 23:14:05 UTC 54.230.111.65
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-12 04:58:51 UTC 34.117.237.239
ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2022-10-12 05:18:12 UTC 192.124.249.41
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-12 19:59:18 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-12 05:00:17 UTC 35.165.41.15
events.api.secureserver.net (3) 125179 2020-06-23 03:18:34 UTC 2022-10-12 20:58:30 UTC 104.84.152.186
r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-10-12 04:58:09 UTC 23.36.76.226
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-12 04:58:20 UTC 34.160.144.191
paramountsite.com (10) 0 2017-01-29 12:11:43 UTC 2022-10-13 00:19:45 UTC 160.153.136.3 Unknown ranking
img1.wsimg.com (36) 9893 2012-06-20 14:42:31 UTC 2022-10-12 07:29:27 UTC 23.36.79.16
img6.wsimg.com (2) 15438 2020-02-20 07:56:58 UTC 2022-10-12 11:48:03 UTC 23.36.79.16
img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-10-12 12:13:11 UTC 34.120.237.76

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-13 2 paramountsite.com/wp-content/old/old-inner/new_inquiry_for_new_po.bin Malware
2022-10-13 2 paramountsite.com/wp-content/old/old-inner/new_inquiry_for_new_po.bin Malware
2022-10-13 2 paramountsite.com/wp-content/old/old-inner/new_inquiry_for_new_po.bin Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 160.153.136.3
Date UQ / IDS / BL URL IP
2022-10-16 08:59:57 +0000 0 - 0 - 2 oseldesigns.com/ 160.153.136.3
2022-10-16 07:50:01 +0000 0 - 0 - 14 dreamfestival.org/ 160.153.136.3
2022-10-13 01:21:24 +0000 0 - 0 - 3 paramountsite.com/wp-content/old/old-inner/ne (...) 160.153.136.3
2022-10-12 17:21:12 +0000 0 - 0 - 4 ihaveaheart.org/download/invoice.zip 160.153.136.3
2022-10-12 12:30:49 +0000 0 - 0 - 3 ihaveaheart.org/download/invoice.zip 160.153.136.3


Last 5 reports on ASN: Host Europe GmbH
Date UQ / IDS / BL URL IP
2023-01-27 13:55:05 +0000 0 - 0 - 1 www.time4unow.com/wp-content/file.exe 160.153.129.228
2023-01-27 12:23:13 +0000 0 - 0 - 3 acellr.co.uk/20201027-50207388.jar 160.153.128.6
2023-01-27 10:57:09 +0000 0 - 2 - 3 m-ainsurance.com/wp-admin/M4ezdm1UfI/ 160.153.133.116
2023-01-27 10:45:51 +0000 0 - 0 - 1 www.time4unow.com/wp-content/file.exe 160.153.129.228
2023-01-27 09:14:34 +0000 0 - 0 - 3 acellr.co.uk/20201027-50207388.jar 160.153.128.6


Last 1 reports on domain: paramountsite.com
Date UQ / IDS / BL URL IP
2022-10-13 01:21:24 +0000 0 - 0 - 3 paramountsite.com/wp-content/old/old-inner/ne (...) 160.153.136.3


No other reports with similar screenshot

JavaScript

Executed Scripts (32)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (67)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Content-Length, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 13 Oct 2022 00:49:28 GMT
Expires: Thu, 13 Oct 2022 01:32:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 259wLaUZLtT20GHHW7MgmiMM8ce9V8wYumc2rhBxtLBfQcwnRSgi7A==
Age: 1905


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1aac651ec250c598683dd17ca2002c07
Sha1:   11595ac82e017f95190c2a36dc77323a3fedcbfc
Sha256: 93fa640d042452ae8455d026e30e3b4594c13d4be65f3552a4b5edae027c02f9
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5495AD212166703DCD1D17D7AA6FF4D1C40E73DFAD703D24F00F60F35BC7D56C"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7948
Expires: Thu, 13 Oct 2022 03:33:41 GMT
Date: Thu, 13 Oct 2022 01:21:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "42B37D16055F0F3EC52CBB45B4AF4900BAAC4352E87C662811CDB377EB2D3C3E"
Last-Modified: Wed, 12 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6326
Expires: Thu, 13 Oct 2022 03:06:39 GMT
Date: Thu, 13 Oct 2022 01:21:13 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: bS+Z9fP6Fx6MLHjCkjtxJgdear66RrdXHnw63D03ZUo7oQvocUztIKMx1OWpdcOfXn7nhPxUHi4=
x-amz-request-id: 2FA5DGYPHBMYSQ5R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 13 Oct 2022 01:01:30 GMT
age: 1183
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /wp-content/old/old-inner/new_inquiry_for_new_po.bin HTTP/1.1 
Host: paramountsite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         160.153.136.3
HTTP/1.1 301 Moved Permanently
                                        
location: https://paramountsite.com/wp-content/old/old-inner/new_inquiry_for_new_po.bin
Vary: Accept-Encoding
Server: DPS/1.13.2
X-SiteId: 4000
Set-Cookie: dps_site_id=4000; path=/
Date: Thu, 13 Oct 2022 01:21:13 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 13 Oct 2022 01:21:13 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         192.124.249.41
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Thu, 13 Oct 2022 01:21:13 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 12 Oct 2022 20:42:54 GMT
Expires: Thu, 13 Oct 2022 20:42:54 GMT
ETag: "aab54e7b51adbd124d64beac09a18ceeecb6cd8c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    3b0c83baba32ba54cbfe97e110c2f5f4
Sha1:   aab54e7b51adbd124d64beac09a18ceeecb6cd8c
Sha256: 61c45d1d7a2c3253fbbb15db7c45e6f6fcd9b8da8168c7cc64c6afc76d8e56d0
                                        
                                            GET /gfonts/s/raleway/v28/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 21580
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:45:48 GMT
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 21580, version 1.0\012- data
Size:   21580
Md5:    b1069b2da48b09e8b2ae9bea3149d4f8
Sha1:   59bfdf6085ab045c59ae17a35ca4903f323875f5
Sha256: b51f996c642e725d6d8a2cca37f6851c8b37bc815ca2ea878243e4dff07fc6c8
                                        
                                            GET /tcc/tcc_l.combined.1.0.6.min.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 302 Found
                                        
content-length: 0
location: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
cache-control: max-age=1800
expires: Thu, 13 Oct 2022 01:51:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /gfonts/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 46524
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Size:   46524
Md5:    c1fd378f54921c75e4ae1821e7b8fff6
Sha1:   2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
Sha256: 405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
                                        
                                            GET /ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.0.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 91118
x-version: 0.7.1+sha-f8fdc16
etag: "a5944cab21058778f1a53c971bfc02a6"
last-modified: Mon, 08 Aug 2022 21:10:51 GMT
x-amzn-trace-id: Root=1-62f17bda-4610546c7fa2ce12182248c5
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (63425)
Size:   91118
Md5:    6ad42859c8009ab8deb5cd3aed417cfe
Sha1:   5785e0b6b9593d59e7558ea7bbe5c5a2df95d71e
Sha256: b653982386e0a54f939b7ed0f3b40ec7207bcb959bd5df86aa8c6c2d2815481b
                                        
                                            GET /gfonts/s/cinzel/v19/8vIU7ww63mVu7gtR-kwKxNvkNOjw-tbnfY3lDQ.woff2 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 13300
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:50:06 GMT
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13300, version 1.0\012- data
Size:   13300
Md5:    35393539e40080bba12ff64b28fcf726
Sha1:   8093329baec8b4437ce00b30a1239494ec0de74f
Sha256: abfec0f6467788d35569c3de87958f4676f1ad98e944c31bb22c47a05972508e
                                        
                                            GET /traffic-assets/js/tccl.min.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Referer: https://paramountsite.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 302 Found
                                        
content-length: 0
location: https://img6.wsimg.com/wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js
cache-control: max-age=1800
expires: Thu, 13 Oct 2022 01:51:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Thu, 13 Oct 2022 00:29:41 GMT
Cache-Control: max-age=3600
Expires: Thu, 13 Oct 2022 00:49:01 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: f80mUVMxJNa3cB2bgLTyp9HOiv4dI9pNGtok8H3kbel2meZ9Fbmg1Q==
Age: 3093


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /wrhs/362d20193a8fed115f99b16a157b7fc4/tccl.min.js HTTP/1.1 
Host: img6.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://paramountsite.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
accept-ranges: bytes
content-encoding: br
etag: "362d20193a8fed115f99b16a157b7fc4"
last-modified: Mon, 11 Apr 2022 14:15:53 GMT
vary: Accept-Encoding
x-amz-id-2: 73c+ZpWNgBh9xtilh6Nj22iH/BmUfkHwAgj9PgWHmvdTmSCUhi96da6Ell5SKHaif06RANK80zY=
x-amz-request-id: N5JSXGJTVEFZM8E9
x-amz-server-side-encryption: AES256
x-amz-version-id: Z0H0F1CdjRUI_nRMydHHi17Rv0HOw5tB
content-length: 11155
x-edgeconnect-midmile-rtt: 15, 15
x-edgeconnect-origin-mex-latency: 135, 135
x-edgeconnect-cache-status: 1
cache-control: max-age=31536000
date: Thu, 13 Oct 2022 01:21:14 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (45500)
Size:   11155
Md5:    1ac00b5d5abfa64175a140de3f29a8e2
Sha1:   c07c5611cfff3ec4c7034134e4148f177242908c
Sha256: 65198366099c4eea2ed8a4dbe30fbb7896435a3505c5265260715d3385058378
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3055
Cache-Control: max-age=113790
Date: Thu, 13 Oct 2022 01:21:14 GMT
Etag: "63467599-1d7"
Expires: Fri, 14 Oct 2022 08:57:44 GMT
Last-Modified: Wed, 12 Oct 2022 08:06:49 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /isteam/ip/483affd3-dfef-42a1-9be5-1333180f13f8/logo_transparent_background.png/:/rs=w:514,h:200,cg:true,m/cr=w:514,h:200/qt=q:95 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 14200
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://paramountsite.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 807970275
x-width: 514
x-height: 200
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
edge-cache-tag: /isteam/ip/483affd3-dfef-42a1-9be5-1333180f13f8/logo_transparent_background.png/:/rs=w:514,h:200,cg:true,m/cr=w:514,h:200/qt=q:95
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   14200
Md5:    10e9c90898a6247e0776f41507316de3
Sha1:   901c8564bc29245db3b35082911e540274c94987
Sha256: d2cf58badb70c8d642665f2c7de68f6712b02e1aa5b6b313cb7a5e8951244b2a
                                        
                                            GET /blobby/go/483affd3-dfef-42a1-9be5-1333180f13f8/gpub/d2df5a7fe0472599/script.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 6052
x-version: 0.7.1+sha-f8fdc16
etag: "ad4a30688c0a2f6520e0a417877379fd"
last-modified: Wed, 10 Aug 2022 14:59:34 GMT
x-amzn-trace-id: Root=1-62f3c7d5-1513a1ca37d7d22843a458cb
x-forwarded-port: 443
x-forwarded-for: 50.63.4.66
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6326)
Size:   6052
Md5:    4f7d543d7b45a822fb1a84534393caa0
Sha1:   ff56d458317d402f20f14e103600c8574601644c
Sha256: 08c71de8be00f80a78eb7c7ce145157ae75ad1d9463edc7820dedf1c6f3692ad
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mTD+hQds48bVzNGOvaM9Yg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.165.41.15
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MOg1f5BDxlhU3lKrHEagGSl52R8=

                                        
                                            GET /blobby/go/483affd3-dfef-42a1-9be5-1333180f13f8/gpub/14886a926d42bb36/script.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 14718
x-version: 0.7.1+sha-f8fdc16
etag: "44105172de4675f0f098f883e4103075"
last-modified: Wed, 10 Aug 2022 14:59:34 GMT
x-amzn-trace-id: Root=1-62f3c7d5-53a78a8f430c9bb75f4b1e43
x-forwarded-port: 443
x-forwarded-for: 50.63.4.66
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (50909)
Size:   14718
Md5:    cea0c6bda892cc851c187d0563679a98
Sha1:   bb37e2af4630b107b79b199f968239e2af399363
Sha256: 3ba3d5e535e6f6170bf78d2f19662f88b10a5abc3d9795e55d3954c38ebaabdc
                                        
                                            GET /traffic-assets/js/tccl-tti.min.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 302 Found
                                        
content-length: 0
location: https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
cache-control: max-age=1800
expires: Thu, 13 Oct 2022 01:51:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/bs-layout23-Theme-publish-Theme-51b93317.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 4869
x-version: 0.7.1+sha-f8fdc16
etag: "d285a682ec2a7d6df149dcf78e89897f"
last-modified: Tue, 04 Jan 2022 03:20:40 GMT
x-amzn-trace-id: Root=1-61d3bd07-53263a691cbd8abd6d406960
x-forwarded-port: 443
x-forwarded-for: 64.202.160.104
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18010)
Size:   4869
Md5:    3bd3a08280dfbb45c0ad66ead10d7573
Sha1:   a1c6d6754f47326dcc46071c1e6b4e6017c0c664
Sha256: 4246675aa31b8db1cc5e5df708874893a9f5f248006b8cad7f07275e50f4e131
                                        
                                            GET /blobby/go/static/radpack/@widget/MESSAGING/bs-Component-3fa47963.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 3876
x-version: 0.7.1+sha-f8fdc16
etag: "e135455abac1e365c75acb29427be2bd"
last-modified: Wed, 30 Mar 2022 21:06:30 GMT
x-amzn-trace-id: Root=1-6244c654-23bec5f97d8cb44d046c9a3f
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13449)
Size:   3876
Md5:    ef73a2ad26978dc129780e9fa8b56fbf
Sha1:   a27b1e38a9b0a8a64eadac394393b44c34514433
Sha256: 31a27befad2953d262687734a98ecef2a590a1871ac87e093360ef29735381d2
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-_rollupPluginBabelHelpers-5f52e4cb.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 377
x-version: 0.7.1+sha-f8fdc16
etag: "4a37f23cb638c625fc8451584283e359"
last-modified: Mon, 08 Aug 2022 18:52:52 GMT
x-amzn-trace-id: Root=1-62f15b83-003dc2ab5af787e05b944251
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (516)
Size:   377
Md5:    be5e2df437d04bbce03ff30557c0aa95
Sha1:   8ca469e5c8909868faa643aaa2b5219408de5775
Sha256: 1aa251af840640b303d7ec6f283cd279a270f4e0e383bb20d00bcc261f8b0170
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-index-d15d4cb0.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 579
x-version: 0.7.1+sha-f8fdc16
etag: "f806faab29346709aa36f154927b3ac6"
last-modified: Thu, 14 Oct 2021 23:04:34 GMT
x-amzn-trace-id: Root=1-6168b781-363fae662be9e06319f5a063
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (829)
Size:   579
Md5:    a35fc2506c2f855bb96a61b6699268e7
Sha1:   b70a15c22c5bb0f41deba263468e5ffd462a2ec7
Sha256: 3957ccba82ae77c1f4b8241fdd2b10eb226d001b9280b5a928581c7e38cd3267
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-index2-5a810c82.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 713
x-version: 0.7.1+sha-f8fdc16
etag: "da82f14f261b7847fc0bc55dac30a9b3"
last-modified: Mon, 13 Dec 2021 22:59:04 GMT
x-amzn-trace-id: Root=1-61b7d037-31e2e89a06b12bc27efaa2ca
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1352)
Size:   713
Md5:    bd42473bb0a3a779c914acfc4f145dc8
Sha1:   6387121e6d129824962b8eceb8d87164860129fe
Sha256: e75a09ece643bd3d554ff8f6aa8939a64e48da7f355be43760ea7149bf4b9049
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-index3-98b416a8.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 58295
x-version: 0.7.1+sha-f8fdc16
etag: "e0201f84421293da324b0057e86fe74a"
last-modified: Thu, 28 Jul 2022 19:30:36 GMT
x-amzn-trace-id: Root=1-62e2e3db-723b36273c4dfffd08f32895
x-forwarded-port: 443
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   58295
Md5:    30e057d7f362544072a7e35362837c34
Sha1:   077e2d7cc1698cb80211ed8546c93d1aa9000dbc
Sha256: 1de499780b54db25dfd9fc1d77202d511a5175ea63c8aa17037cb5556750ad22
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-legacyOverrides-17961cd1.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 259
x-version: 0.7.1+sha-f8fdc16
etag: "e0dd176c6926b0363adaf4f9aaef6ee1"
last-modified: Thu, 14 Oct 2021 23:04:42 GMT
x-amzn-trace-id: Root=1-6168b789-7229267e4f6e6dbd7af15ccd
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   259
Md5:    bc9c212a6b8e5e57c4039ee03f678dca
Sha1:   faad2097fec9e72939280373c79797111c78dc65
Sha256: 669578ac5ebdf9dd13f8bb4c82425dc4f79280e2e82766f6a19cf6c3aa83bbb6
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-loaders-fffeeba5.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 740
x-version: 0.7.1+sha-f8fdc16
etag: "852cbc5322260e00b44f2c682f88b2c7"
last-modified: Thu, 14 Oct 2021 23:04:41 GMT
x-amzn-trace-id: Root=1-6168b788-04e31f272fd746490d747855
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3043)
Size:   740
Md5:    ef933bdbde5407473165c8076c400033
Sha1:   a4ed7ffc21e649f1a7463021892a1f7d7ef8275b
Sha256: c7a5729828eef458dec3177ba83479f77c11ef943d44d407fa8d82067d3afb83
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-minimalSocialIconPack-367b65a4.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 6724
x-version: 0.7.1+sha-f8fdc16
etag: "5fd30bb38eba06e3522ae28610ac8c74"
last-modified: Thu, 14 Oct 2021 23:04:38 GMT
x-amzn-trace-id: Root=1-6168b785-0155fcbf6cbeb78d408f219e
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19615)
Size:   6724
Md5:    4ce2ee26b7bfd92534ac48544ac05330
Sha1:   76ac71090fcbe1f2192fab56a5a312c2ea4b7f72
Sha256: b7faa0c6048431108b5c1ec65a3cb7c674e3618f16fbd0c39318307a3137ad41
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/form/formIdentifiers-8d1eb835.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 324
x-version: 0.7.1+sha-f8fdc16
etag: "ec47357ab58887161e840b985bc1cc3f"
last-modified: Fri, 30 Apr 2021 14:43:26 GMT
x-amzn-trace-id: Root=1-608c178d-0826f8bc5e97bb3f00eba013
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (367)
Size:   324
Md5:    782912a843de912c919a44d1df9da02c
Sha1:   de61b203330dc65b194cb1713147dafac47ecef4
Sha256: 11d76cdfc038467e7e856419d8e7367eb40a2af1c518c17c724b9120786a79e5
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/common/constants/traffic2-f4096148.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 430
x-version: 0.7.1+sha-f8fdc16
etag: "56b37779e560b1f33dae335fcdf417e5"
last-modified: Tue, 01 Dec 2020 17:54:55 GMT
x-amzn-trace-id: Root=1-5fc6836e-274d6c4c70fec5b058af7bae
x-forwarded-port: 443
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (651)
Size:   430
Md5:    2bd483e0e1dbe2726d090c9581c8ca85
Sha1:   95fa1b87ddf4027b4223b06e86932d788aba2636
Sha256: 205d0e1c2faf95cb7b22234abcad7abae243b799ea1d790288ddfee6e46a6ad9
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Recaptcha/badge-a479b038.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 367
x-version: 0.7.1+sha-f8fdc16
etag: "8857679c4bd7c2c9238416f452bed34f"
last-modified: Wed, 21 Oct 2020 02:55:22 GMT
x-amzn-trace-id: Root=1-5f8fa319-4467925d4bc512bd5d8610c2
x-forwarded-port: 443
x-forwarded-for: 64.202.160.104
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   367
Md5:    a5c6e41c09faadb3c1c61691d2095174
Sha1:   aad16c94df292aa072454c6fdc55e1774153229b
Sha256: cb15a1744276298a8303612901f1b85d9d773663c5c591cb128b98e2bb25166f
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/lib/components/Carousel-d4bbd8a7.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 7054
x-version: 0.7.1+sha-f8fdc16
etag: "e579cd3f9ea8e112675b529fc85417c3"
last-modified: Tue, 26 Jul 2022 18:34:15 GMT
x-amzn-trace-id: Root=1-62e033a6-2a4cf0c1004db6f253765cdc
x-forwarded-port: 443
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (19989)
Size:   7054
Md5:    61db91671b34870b2a22649bae7a75e5
Sha1:   e2394e915aeb66badba97fa50307e74ad5769daa
Sha256: 4ffb98b3cecca59fc757b51e44016322380bd6bc56c37cb350a54bee6e5894dc
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-dataAids-6a839d53.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 626
x-version: 0.7.1+sha-f8fdc16
etag: "edc15ad5daac3cfa744bffdb1e0174be"
last-modified: Mon, 13 Dec 2021 22:59:00 GMT
x-amzn-trace-id: Root=1-61b7d033-2da3a4b6382be71e0d8c5ecb
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1824)
Size:   626
Md5:    11370164b73124ea595098d2ecbe6d0b
Sha1:   bcc349130116ef2aee6ed77984b7726b43af8576
Sha256: d2a8fc6601e5e3b7c457e6c56f225547618fb5b454ba5dd37082cfa67ab4453e
                                        
                                            GET /isteam/ip/483affd3-dfef-42a1-9be5-1333180f13f8/logo_transparent_background.png/:/rs=w:267,h:104,cg:true,m/cr=w:267,h:104/qt=q:95 HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 7598
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://paramountsite.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 2097226918
x-width: 267
x-height: 104
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
edge-cache-tag: /isteam/ip/483affd3-dfef-42a1-9be5-1333180f13f8/logo_transparent_background.png/:/rs=w:267,h:104,cg:true,m/cr=w:267,h:104/qt=q:95
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   7598
Md5:    a37c69184d7a50d8b84bafd0dee0525e
Sha1:   424cc05aeeb1d8c100d72ab4c90e418b107972d7
Sha256: e83281398e1a2f5c39480dce5e6f8b8f8c1f0c31a2a44acbd9569eae91e2ad95
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-navigationDrawer-27f5f1f5.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 191
x-version: 0.7.1+sha-f8fdc16
etag: "8f12765eb30fbdcfcdc116d13f7fc272"
last-modified: Thu, 28 Jul 2022 17:59:29 GMT
x-amzn-trace-id: Root=1-62e2ce80-4ef8fc4a33c151912970138f
x-forwarded-port: 443
x-forwarded-for: 64.202.160.107
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   191
Md5:    cec9b0814a648933ea94f34556da96ab
Sha1:   b1633975363116ff254ad319b033a1022d483922
Sha256: cb8d0e2233b2d495612d7644089dec2bcb7b3d02d7ccb775df3b8ca4a995a9f8
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-overlayTypes-e1dbe765.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 335
x-version: 0.7.1+sha-f8fdc16
etag: "21ad22788e6caa18a4e9e57f7372b108"
last-modified: Mon, 13 Dec 2021 22:59:02 GMT
x-amzn-trace-id: Root=1-61b7d035-018188ae176241301ebce646
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (383)
Size:   335
Md5:    21f75a3937961a662b8d8879193c440c
Sha1:   4b1ed44a75627896d16fa62b335c445470b014a7
Sha256: 84559c119581a7d097957055082a3d95fb9af3043cd3237f27756d3332eeba76
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-searchFormLocations-c86f2a99.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 244
x-version: 0.7.1+sha-f8fdc16
etag: "daa79ad7558674f6a12d962abf47f2f6"
last-modified: Thu, 14 Oct 2021 23:04:37 GMT
x-amzn-trace-id: Root=1-6168b784-1438c006715eea557e6c9f7f
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   244
Md5:    835256b0b1680833155abf0f7420cca2
Sha1:   1d7eca7af4c7fdc66cfe34c1796ce7c3376d21b3
Sha256: b876ca1181efb3e0c9eac5384578fe015bc322c2a5407f4a86826374c86e4187
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/c/_commonjsHelpers-758665cc.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 518
x-version: 0.7.1+sha-f8fdc16
etag: "894d1fecf13beb6804e454d74bab4fc5"
last-modified: Thu, 20 May 2021 16:49:33 GMT
x-amzn-trace-id: Root=1-60a6931c-2dfc069918f926cb337de793
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (905)
Size:   518
Md5:    45e169dc10f78234504ee292d5fbc13c
Sha1:   6ce99366de7d5a6aa2d72870696c10dec16d56e9
Sha256: b4bf979d5e9ca93f7c5e1736d1c90d0662d37a6c360c7e30ed0f06e65b080694
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/c/_react_commonjs-external-3d5a31a2.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 212
x-version: 0.7.1+sha-f8fdc16
etag: "889d83416d141ae9c1e8e3eb5c4f68c0"
last-modified: Wed, 24 Feb 2021 19:34:55 GMT
x-amzn-trace-id: Root=1-6036aa5e-4e3aabaf2f33643a300f2279
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   212
Md5:    83df0b1b683dfb124c68705dfc76fcee
Sha1:   5cc0c7157c31f32d14cb1b4b1da6b1a824c2d112
Sha256: 7a4f6de8c05928fa839dd4bca96e2c2088c92d942f1a9f285832edea5580ef48
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/c/_rollupPluginBabelHelpers-92db7618.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 376
x-version: 0.7.1+sha-f8fdc16
etag: "95e155e942e2f3d810d854bd7baf8f04"
last-modified: Wed, 24 Feb 2021 19:34:54 GMT
x-amzn-trace-id: Root=1-6036aa5d-248bcb407aeca8241d304317
x-forwarded-port: 443
x-forwarded-for: 64.202.160.108
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (501)
Size:   376
Md5:    59ae8ad50c2d5a071cf77710bd85bfdf
Sha1:   2ee00b76c41a0d13f258d9dc44484fbe0a3b8524
Sha256: f439a3d1fc52de6c8049f20077eba81e70489d73bd117253d6e06755fb368aff
                                        
                                            GET /blobby/go/static/radpack/@wsb/guac-widget-shared/c/interopRequireDefault-112e3bdc.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 255
x-version: 0.7.1+sha-f8fdc16
etag: "11ccc819361ff3f58653d84601c90234"
last-modified: Tue, 09 Mar 2021 21:39:32 GMT
x-amzn-trace-id: Root=1-6047eb13-42a9ed893514533d651f3c03
x-forwarded-port: 443
x-forwarded-for: 64.202.160.111
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   255
Md5:    c193577695c55a6d01f99c001d244ae9
Sha1:   f5bfc578e3b68fa149e0ec505036883dde2e2182
Sha256: 5960984c09db3ab6275b0c5f58fbaa9423d07e95b248630115506387428f03f8
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/bs-LinkAwareComponent-c879a9d1.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 891
x-version: 0.7.1+sha-f8fdc16
etag: "db9b98d640eba155278db0bbaa83050d"
last-modified: Tue, 08 Mar 2022 16:16:57 GMT
x-amzn-trace-id: Root=1-62278178-78898aaa78d117a566634235
x-forwarded-port: 443
x-forwarded-for: 64.202.160.110
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1875)
Size:   891
Md5:    44a9beb87d40f6145cb908a9b1c71c00
Sha1:   a6f805ddcc53b7cb5ab774de344c30c41d4d5ce0
Sha256: aaad2d68eb5062983443ff7a7d607dff5035cfd75a719742d2a0d95af37b89e0
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/bs-FlyoutMenu-Component-266b929e.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 1272
x-version: 0.7.1+sha-f8fdc16
etag: "d2f3f3bb13567c7c3ba8c50de05a8272"
last-modified: Mon, 13 Dec 2021 22:59:00 GMT
x-amzn-trace-id: Root=1-61b7d033-2b00d29f0bf8ee864a58d40c
x-forwarded-port: 443
x-forwarded-for: 64.202.160.105
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3283)
Size:   1272
Md5:    15588eb49730af3f92b29fa295d0a216
Sha1:   eb61fae6f935f037beebca9f2557ce05a32212b6
Sha256: acce03ab4359514251cfe658c86746d82f01160cf1fb6d779a264410fa8d5e7c
                                        
                                            GET /blobby/go/static/radpack/@widget/LAYOUT/c/bs-Toggle-bde2cb32.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 1020
x-version: 0.7.1+sha-f8fdc16
etag: "70bc240b39fd393f6e3003cc69e4fe73"
last-modified: Fri, 29 Jul 2022 16:58:40 GMT
x-amzn-trace-id: Root=1-62e411bf-092c235955a8dd6b4bde9a5a
x-forwarded-port: 443
x-forwarded-for: 64.202.160.109
x-forwarded-proto: https
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 86400
content-encoding: gzip
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:14 GMT
date: Thu, 13 Oct 2022 01:21:14 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2368)
Size:   1020
Md5:    f781ac203e2b685fc34dff85b2e11b50
Sha1:   43f27a48b1b29ea644e6a4da46aca1dc0c4cd794
Sha256: fac7178c58b529a9e5f2af5ce88aeb912245e1f39fa39a877116cbf75da0ff2f
                                        
                                            GET /wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js HTTP/1.1 
Host: img6.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paramountsite.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
accept-ranges: bytes
content-encoding: br
etag: "ce554d2333f3801abafb32da18213ff7"
last-modified: Mon, 17 Jan 2022 17:21:37 GMT
vary: Accept-Encoding
x-edgeconnect-midmile-rtt: 8
x-edgeconnect-origin-mex-latency: 357
x-amz-id-2: nldPfdb2FYbpxPRfMYRSd83AOL7ZmlBdZQSm5hguJELKdfn8+sza0oLEpTYjiKd2JeD3gDplFHw=
x-amz-request-id: RJ3J3PMANG6125DE
x-amz-server-side-encryption: AES256
x-amz-version-id: F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-length: 7498
x-edgeconnect-cache-status: 1
cache-control: max-age=31536000
date: Thu, 13 Oct 2022 01:21:14 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (24676)
Size:   7498
Md5:    b8a5a228a358454084c34dd1cf431c61
Sha1:   37aa5fe6e083b8147156ca66a1993a7bd74e8a61
Sha256: 06fae5ccf58a27a8e2ae6a0e7722f42db507c1873751f587cddd090810d94492
                                        
                                            GET /isteam/ip/483affd3-dfef-42a1-9be5-1333180f13f8/logo_transparent_background.png/:/rs=w:180,h:180,m HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 10310
x-version: 0.4.4+sha-5bbb742
x-track-origin-referer: https://paramountsite.com/
access-control-request-method: GET
access-control-max-age: 864000
etag: 961278545
x-width: 463
x-height: 180
x-isteam-meta: {"orientation":1}
cache-control: public, max-age=31536000
expires: Fri, 13 Oct 2023 01:21:15 GMT
date: Thu, 13 Oct 2022 01:21:15 GMT
edge-cache-tag: /isteam/ip/483affd3-dfef-42a1-9be5-1333180f13f8/logo_transparent_background.png/:/rs=w:180,h:180,m
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   10310
Md5:    e7468d55117decc1911837191b2a1930
Sha1:   d4b6e5655ac2bf56b3aa3dede852e816b85e6899
Sha256: 015ae523632a3d54979da5abfd6969e76a02c8422c817ab08441a8f706c1da67
                                        
                                            GET /t/1/tl/event?cts=1665624074751&dh=paramountsite.com&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=77512668&cv=2.0.0&z=610784906&vg=2825a5f1-6557-5c2b-bf41-6ae9a7a38322&vtg=2825a5f1-6557-5c2b-bf41-6ae9a7a38322&dp=%2Fwp-content%2Fold%2Fold-inner%2Fnew_inquiry_for_new_po.bin&ap=IPv2&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%22483affd3-dfef-42a1-9be5-1333180f13f8%22%2C%22pd%22%3A%222022-08-10T14%3A59%3A32.296Z%22%2C%22meta.numWidgets%22%3A4%2C%22meta.theme%22%3A%22layout23%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Afalse%7D&hit_id=9420d46a-2b7f-58e1-97c9-27c87053fba6&ht=pageview HTTP/1.1 
Host: events.api.secureserver.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.84.152.186
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
access-control-allow-origin: https://paramountsite.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Thu, 13 Oct 2022 01:21:15 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /t/1/tl/event?cts=1665624075006&dh=paramountsite.com&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=77512668&cv=2.0.0&z=1635983588&vg=2825a5f1-6557-5c2b-bf41-6ae9a7a38322&vtg=2825a5f1-6557-5c2b-bf41-6ae9a7a38322&dp=%2Fwp-content%2Fold%2Fold-inner%2Fnew_inquiry_for_new_po.bin&ap=IPv2&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%22483affd3-dfef-42a1-9be5-1333180f13f8%22%2C%22pd%22%3A%222022-08-10T14%3A59%3A32.296Z%22%2C%22meta.numWidgets%22%3A4%2C%22meta.theme%22%3A%22layout23%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Afalse%7D&hit_id=0b67d294-ce2d-5683-995d-dc4379946878&ht=perf&tce=1665624073815&tcs=1665624073650&tdc=1665624074998&tdclee=1665624074755&tdcles=1665624074752&tdi=1665624074745&tdl=1665624073865&tdle=1665624073650&tdls=1665624073650&tfs=1665624073645&tns=1665624073197&trqs=1665624073815&tre=1665624073880&trps=1665624073857&tles=1665624074998&tlee=0&nt=navigate&nav_type=hard HTTP/1.1 
Host: events.api.secureserver.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.84.152.186
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
access-control-allow-origin: https://paramountsite.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Thu, 13 Oct 2022 01:21:15 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /t/1/tl/event?cts=1665624074752&dh=paramountsite.com&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&vci=77512668&cv=2.0.0&z=2062275484&vg=2825a5f1-6557-5c2b-bf41-6ae9a7a38322&vtg=2825a5f1-6557-5c2b-bf41-6ae9a7a38322&dp=%2Fwp-content%2Fold%2Fold-inner%2Fnew_inquiry_for_new_po.bin&ap=IPv2&trfd=%7B%22ap%22%3A%22IPv2%22%2C%22websiteId%22%3A%22483affd3-dfef-42a1-9be5-1333180f13f8%22%2C%22pd%22%3A%222022-08-10T14%3A59%3A32.296Z%22%2C%22meta.numWidgets%22%3A4%2C%22meta.theme%22%3A%22layout23%22%2C%22meta.headerMediaType%22%3A%22Image%22%2C%22meta.isOLS%22%3Afalse%2C%22meta.isOLA%22%3Afalse%2C%22meta.isMembership%22%3Afalse%7D&hit_id=92cb78b4-174e-5fbc-b90f-ff4b51b7ee97&ht=pageevent&ea=impression&eid=pandc.vnext.404.impression HTTP/1.1 
Host: events.api.secureserver.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paramountsite.com
Connection: keep-alive
Referer: https://paramountsite.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.84.152.186
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
access-control-allow-origin: https://paramountsite.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Thu, 13 Oct 2022 01:21:15 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /west-chester HTTP/1.1 
Host: paramountsite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paramountsite.com/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=2825a5f1-6557-5c2b-bf41-6ae9a7a38322; _tccl_visit=2825a5f1-6557-5c2b-bf41-6ae9a7a38322
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         160.153.136.3
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.0.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/cinzel/v19/8vIU7ww63mVu7gtR-kwKxNvkNOjw-tbnfY3lDQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/raleway/v28/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: ec8b4e892df6a4393fa6f8881f912b65
date: Thu, 13 Oct 2022 01:21:15 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   82298
Md5:    dd2f685171f5701fb5fee45241602334
Sha1:   8282bb9195faf1380d9432c11d7859f4a53aed41
Sha256: 32c63d3d0f05d7b6ad4339c28765566cc40326591ae30c17e65c6e47955c16ce
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8932
Expires: Thu, 13 Oct 2022 03:50:07 GMT
Date: Thu, 13 Oct 2022 01:21:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8932
Expires: Thu, 13 Oct 2022 03:50:07 GMT
Date: Thu, 13 Oct 2022 01:21:15 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3261ab5d-a8bc-4570-b3a7-6a84af32a316.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10731
x-amzn-requestid: 30e35246-dd7f-421c-afcf-5c5372edd5d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z0fEgESiIAMFTtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6344dee9-06ab66382ab2d71a18b6a8be;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 03:11:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6A39Ehe0Fwc7uow0JhqTI0HAanx-R0y5xBnQ_sFhSlOn-T3OHm-pWw==
via: 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 05:53:22 GMT
age: 70073
etag: "11fd9e6c872c6eb6e03761dbbcf38bf3707b741a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10731
Md5:    8cb88b15f7586a43b2f80b8079afd374
Sha1:   11fd9e6c872c6eb6e03761dbbcf38bf3707b741a
Sha256: 8bfffc22e8ea19dab232e21f1f5f76811e37b048f80cad532f905f5a1047b9c4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0765acf2-cc81-483a-86a5-a0ecdf7b492f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6071
x-amzn-requestid: 7752bd28-ed18-49d0-a9f9-9041bb3cf279
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZhQhtG2QoAMFxbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633d2e0a-56d366c63b34948c3f3bfc8f;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 07:11:06 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NqVAUoxJtAc3GLj_lDjPy10ZCAkmceF63mqwQb9dO_yEaI2mbvCINA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 10:18:50 GMT
age: 54145
etag: "49952db4bc1a7f95030077bbc217f98edc05c4e9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6071
Md5:    31b22955f11d72232f0ec71c1f65be4b
Sha1:   49952db4bc1a7f95030077bbc217f98edc05c4e9
Sha256: 14f3a1b16494de7669ebb0939fce688b3ef419895042b1b219ce86c043ef7684
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c3b83e-ab1b-415f-87e8-75fbe6a8804e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7580
x-amzn-requestid: 6a320517-254f-40f6-b7cd-b87317d2177d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z6Tq9HkqoAMFVcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63473312-13af2ea55b9d524d37b1dd46;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 21:35:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WaYmkULE2Gb48Ep1NuF98M6D9nbo54L1-tyAqzbSWKUQ0S4jQeiORA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 21:45:44 GMT
age: 12931
etag: "325484ea6c2653483019d85d690b4a697f8dde9f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7580
Md5:    4428a41f1c63e0c32664bc1b7d6b65a0
Sha1:   325484ea6c2653483019d85d690b4a697f8dde9f
Sha256: 7a8e1afc1f987dbd6275617db2655d7f92f2ead75ce6cbe924bf572e1b2567d0
                                        
                                            GET /contact-us HTTP/1.1 
Host: paramountsite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paramountsite.com/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=2825a5f1-6557-5c2b-bf41-6ae9a7a38322; _tccl_visit=2825a5f1-6557-5c2b-bf41-6ae9a7a38322
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         160.153.136.3
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.0.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/cinzel/v19/8vIU7ww63mVu7gtR-kwKxNvkNOjw-tbnfY3lDQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/raleway/v28/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: 35e220b77951350020ce088b769645f9
date: Thu, 13 Oct 2022 01:21:15 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16836
Md5:    cb8b7f5da777136cbf1cf30542d2594d
Sha1:   4fe58d7f580ac484a80a2f68842822e9fc80099c
Sha256: 85d5914621c796844b98d248a728269e89f92eb59008d9e72618eb6c2a2ca6d8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F482fed3a-a0d0-4662-8637-e1ff7fe447dd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11531
x-amzn-requestid: 29b4b1c2-a531-4c4b-b116-096478107324
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zt6HxFSaoAMF7UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63423d64-62af898434029b78565e1d72;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 03:17:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uSBwuTLWaNc69LO-VpnzCZhv1upWsxgynWyKxTmGXipjfV9lbXOJjQ==
via: 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 21:45:50 GMT
age: 12925
etag: "0e5b7a38547d34811110436908f1e99ddab925b7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11531
Md5:    d775aeb34ad7a7c69d8221e972fdd78a
Sha1:   0e5b7a38547d34811110436908f1e99ddab925b7
Sha256: fdbf70e939e3b6c1b141a3a824e442d08d473da9de72eeee8988b51276dcaedd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F601dddd7-f022-4702-bac3-f92bfef5f042.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7863
x-amzn-requestid: 57346991-3866-4f4b-aac7-3411869802e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zn20-EL4IAMFvQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633fd1b9-5bb12cbc095061fa6a6420a3;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 07:14:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O0k8ffHjS-JM1uRIEAuAwAmU6QY5pg38Ef2NHDESTcnOM514f3x_xw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 22:47:47 GMT
age: 9208
etag: "e32bb263c8bda87ed9d0c4068b290156cc973ba9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7863
Md5:    0048874f97f0965b4591d89576136f07
Sha1:   e32bb263c8bda87ed9d0c4068b290156cc973ba9
Sha256: 32f6d4932f5db94915be93c0bce2a514b0ed35425a6b2175104435e7982f12d7
                                        
                                            GET /privacy-policy HTTP/1.1 
Host: paramountsite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paramountsite.com/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=2825a5f1-6557-5c2b-bf41-6ae9a7a38322; _tccl_visit=2825a5f1-6557-5c2b-bf41-6ae9a7a38322
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         160.153.136.3
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.0.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/cinzel/v19/8vIU7ww63mVu7gtR-kwKxNvkNOjw-tbnfY3lDQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/raleway/v28/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: 57e192c50d9e90a1ae7551bf61149dc3
date: Thu, 13 Oct 2022 01:21:15 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/old/old-inner/new_inquiry_for_new_po.bin HTTP/1.1 
Host: paramountsite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         160.153.136.3
HTTP/1.1 302 Found
                                        
Connection: close
Pragma: no-cache
cache-control: no-cache
Location: /wp-content/old/old-inner/new_inquiry_for_new_po.bin


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/old/old-inner/new_inquiry_for_new_po.bin HTTP/1.1 
Host: paramountsite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         160.153.136.3
HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
                                        
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.0.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/cinzel/v19/8vIU7ww63mVu7gtR-kwKxNvkNOjw-tbnfY3lDQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/raleway/v28/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
date: Thu, 13 Oct 2022 01:21:13 GMT
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /sw.js HTTP/1.1 
Host: paramountsite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=2825a5f1-6557-5c2b-bf41-6ae9a7a38322; _tccl_visit=2825a5f1-6557-5c2b-bf41-6ae9a7a38322
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         160.153.136.3
HTTP/2 200 OK
content-type: application/javascript
                                        
link: <https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: 67d804fda89273be58cf9b06c4821afe
date: Thu, 13 Oct 2022 01:21:15 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: paramountsite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://paramountsite.com/wp-content/old/old-inner/new_inquiry_for_new_po.bin
Cookie: dps_site_id=4000; _tccl_visitor=2825a5f1-6557-5c2b-bf41-6ae9a7a38322; _tccl_visit=2825a5f1-6557-5c2b-bf41-6ae9a7a38322
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         160.153.136.3
HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
                                        
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.0.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/cinzel/v19/8vIU7ww63mVu7gtR-kwKxNvkNOjw-tbnfY3lDQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/raleway/v28/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
date: Thu, 13 Oct 2022 01:21:14 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /landen HTTP/1.1 
Host: paramountsite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paramountsite.com/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=2825a5f1-6557-5c2b-bf41-6ae9a7a38322; _tccl_visit=2825a5f1-6557-5c2b-bf41-6ae9a7a38322
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         160.153.136.3
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.0.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/cinzel/v19/8vIU7ww63mVu7gtR-kwKxNvkNOjw-tbnfY3lDQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/raleway/v28/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: bbe0c605abc0ae847a54fbd1190f347e
date: Thu, 13 Oct 2022 01:21:15 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /milford HTTP/1.1 
Host: paramountsite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paramountsite.com/sw.js
Connection: keep-alive
Cookie: dps_site_id=4000; _tccl_visitor=2825a5f1-6557-5c2b-bf41-6ae9a7a38322; _tccl_visit=2825a5f1-6557-5c2b-bf41-6ae9a7a38322
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         160.153.136.3
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.26.0.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/cinzel/v19/8vIU7ww63mVu7gtR-kwKxNvkNOjw-tbnfY3lDQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/raleway/v28/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMDrMfIA.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin
cache-control: max-age=30
content-security-policy: frame-ancestors 'self'
vary: Accept-Encoding
content-encoding: gzip
server: DPS/1.13.2
x-siteid: 4000
set-cookie: dps_site_id=4000; path=/; secure
etag: 818a14c532f96345e88b64de2564a3fc
date: Thu, 13 Oct 2022 01:21:15 GMT
X-Firefox-Spdy: h2


--- Additional Info ---