paonbleu.ht/
144.217.252.90301 Moved Permanently 228 B IP 144.217.252.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash de92db63585898515d4072fbd8f04018
8ade6937f9b48aa0cd8c0b0b79520bd59370cdf1
567a50e0ee595ee2b3487597acc4df3ac57b2752f0300533e34ec8160f29b2ba
GET / HTTP/1.1
Host: paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 03 Feb 2023 06:08:35 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 228
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'none'; img-src * 'self' data: https; script-src 'self' * 'unsafe-inline'
Set-Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762; Max-Age=2592000; Domain=paonbleu.ht; Path=/; Secure; HttpOnly; SameSite=Lax
Location: https://paonbleu.ht/
X-Powered-By: PleskLin
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20457
Expires: Fri, 03 Feb 2023 11:49:33 GMT
Date: Fri, 03 Feb 2023 06:08:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6651
Expires: Fri, 03 Feb 2023 07:59:27 GMT
Date: Fri, 03 Feb 2023 06:08:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3191
Expires: Fri, 03 Feb 2023 07:01:47 GMT
Date: Fri, 03 Feb 2023 06:08:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 05:36:10 GMT
content-type: application/json
age: 1946
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: o7mb+LWjZsIq83KyDmcLPBuZ+lbB3ZbVJ+j1oZT4Df5B+XzLLP8YBhefe+oO2y93CJZi5Cqn3CY=
x-amz-request-id: 81GHSDRZAYJHECXG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 05:23:25 GMT
age: 2711
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:36 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5874e556efa51ff070bd846f4cdaec
90445b3b36367e442c7c5fca9260a6931f11c195
01e69813805ebbaf4957e8354a7bcdcbb0ff2bfc0fcf5417fe21a993661fb359
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01E69813805EBBAF4957E8354A7BCDCBB0FF2BFC0FCF5417FE21A993661FB359"
Last-Modified: Fri, 03 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 03 Feb 2023 12:08:36 GMT
Date: Fri, 03 Feb 2023 06:08:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 06:07:19 GMT
age: 77
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7229
Expires: Fri, 03 Feb 2023 08:09:05 GMT
Date: Fri, 03 Feb 2023 06:08:36 GMT
Connection: keep-alive
push.services.mozilla.com/
52.39.57.61101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.57.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nOJcFX+T/pVydplc0MmwTg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qQbJ+rq1lf4J2xw4k9Fu3teXZZs=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a95304dcd74e0f8b89e3474bf48fcea1
de251fa2d2b51d56bcfd45136da11b6e25860ca4
fedd8147f46fba9916b8ab8d7295847ef35e0a3933b5a1d725a760cc503cea89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FEDD8147F46FBA9916B8AB8D7295847EF35E0A3933B5A1D725A760CC503CEA89"
Last-Modified: Thu, 02 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21560
Expires: Fri, 03 Feb 2023 12:07:57 GMT
Date: Fri, 03 Feb 2023 06:08:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3297
Expires: Fri, 03 Feb 2023 07:03:35 GMT
Date: Fri, 03 Feb 2023 06:08:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3297
Expires: Fri, 03 Feb 2023 07:03:35 GMT
Date: Fri, 03 Feb 2023 06:08:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3297
Expires: Fri, 03 Feb 2023 07:03:35 GMT
Date: Fri, 03 Feb 2023 06:08:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3297
Expires: Fri, 03 Feb 2023 07:03:35 GMT
Date: Fri, 03 Feb 2023 06:08:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4242d4999b7b033873b81a482c319c2
bc4c004065ce9f558f210d508844c123a85737a1
ab35a5c1a7c1a0a548aee3b9c301893799680ec1922c13e7a16d44ca457cd91d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7237
x-amzn-requestid: f6aa0d26-8df4-40fe-8984-1aac7c76097e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVr4jEdeIAMFTYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2269c-58a038d6491d8f461e9168d4;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:07:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v2-PiZSoEbRhvxbdT2TUmJk9hDT08qpRhT6DhdEIU6nd3s2qL969Xg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:59:04 GMT
age: 29374
etag: "bc4c004065ce9f558f210d508844c123a85737a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 1350cdd1-10c2-44e0-993d-2335a082fb91
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fstgNH0moAMF3OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db5c67-02211c3d5ca147c718348860;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 06:47:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t7OYoLCzzQakW2lqiAUaeKA00Beq4J5elQ5qF7yGUb2L7JSNUJCPNA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 05:40:54 GMT
age: 5532
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda40dcf-1e5b-4e49-bd65-084935f52db9.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda40dcf-1e5b-4e49-bd65-084935f52db9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e706db8a6107758a148463e916f2532d
4b0b8cb5ced3e3e67b0320a3bbaecd2176e21b81
673f18036a53f8ff297ef6a63fd094e7c41d90f3960f0e687a741cc7dd3f6172
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffda40dcf-1e5b-4e49-bd65-084935f52db9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6791
x-amzn-requestid: 665115ea-728e-4a55-aaf8-b09db3fa67a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffl96FIzIAMFYGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d61d25-0abbd7262ca10b7a7d2bf9eb;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 07:15:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T-OEFTj1rywKfBhEUUD0Rc6pFbk-gyFsETr_fjDQR5WGHAVOBgrB9A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 19:18:01 GMT
age: 39037
etag: "4b0b8cb5ced3e3e67b0320a3bbaecd2176e21b81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bc75469-aee4-46b2-9ae0-75869ae8bb2a.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bc75469-aee4-46b2-9ae0-75869ae8bb2a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 40d4165b4e6dbb637204df196545ada8
a01f74c0c2c3ec1e5e7d6498415df8fbf109ae94
25d54e72b043f2d9553be6a8dedfce3ce39df4ac2b992f7e6d32ef04e96a3266
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bc75469-aee4-46b2-9ae0-75869ae8bb2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8912
x-amzn-requestid: 4fdceb0c-8af7-4ffb-b28b-c0d9e22f2456
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpQ4KGUsoAMFlcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9fb67-68ef58c454f6bd834eb05485;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 05:40:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: o7j1Zm4FhgxOrVdmJ5AK1gr_5W9koIYYryCIm5iAeJgHMlwDgDO9VA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:55:08 GMT
age: 29610
etag: "a01f74c0c2c3ec1e5e7d6498415df8fbf109ae94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:28:50 GMT
age: 27588
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c9d26d7-b28f-485c-91d6-67a0813a0f3c.jpeg
34.120.237.76200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c9d26d7-b28f-485c-91d6-67a0813a0f3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0c1c2a5a291f23be6591c9b19db47b47
2f67cdba4a3d5a8cf6f6eb7951d2a1bda6e01619
327efb8c72421819992900ab0f8f267da7d28122c710b8694979116579d512c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c9d26d7-b28f-485c-91d6-67a0813a0f3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3083
x-amzn-requestid: 7a4f094b-a423-401e-a9e7-8d9f130e2e40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi1drEtKIAMFuYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76924-66751080608a6cd2650b853d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:52:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UoXATdGOgEK3Unxszcp4ulAK3b1BuHS2MbUzTHe-qxjNZkb2eoxE-A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 19:18:02 GMT
age: 39036
etag: "2f67cdba4a3d5a8cf6f6eb7951d2a1bda6e01619"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 06:08:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
web.paonbleu.ht/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
144.217.252.90200 OK 2.9 kB URL HTTP/2 web.paonbleu.ht/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
IP 144.217.252.90:0
File type ASCII text, with very long lines (15672), with no line terminators
Hash bf7096ca41170da88bcbfc44deb0ee3d
902698ea0322a5df92d7d9d2a9c78a1c4db6a006
738aac2fa693c1dc9a2e50de3760c95a57abae72f14019434d8ef71cb443c1f9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: text/css
last-modified: Mon, 18 Jul 2022 17:07:16 GMT
etag: W/"62d59344-3d38"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 06:08:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
web.paonbleu.ht/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
144.217.252.90200 OK 20 kB URL HTTP/2 web.paonbleu.ht/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 144.217.252.90:0
File type ASCII text, with very long lines (15660)
Hash 225703eddf3d05130ef76b9cc6fdb6e5
52f66ec71a41477b4d0cadb9bad658d3b1a24208
e60fddd744181d7199fbe209002b7e8f35a220b12bc236cedaff1a6d19b00f9f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Mon, 18 Jul 2022 17:38:52 GMT
etag: W/"62d59aac-48b9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
144.217.252.90200 OK 34 kB URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 144.217.252.90:0
File type ASCII text, with very long lines (65280)
Hash 93f49304531afb4cae91352a521d7cf0
795d1f8d8c36422be5322a6b393331de51fe9ea4
affa77ccca030238e902d1a47ed934fd76f4baeb5f2d41343632525c14387744
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 07:44:50 GMT
etag: W/"63d77572-21f91"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
144.217.252.90200 OK 2.2 kB URL HTTP/2 web.paonbleu.ht/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
IP 144.217.252.90:0
File type ASCII text, with very long lines (6051), with no line terminators
Hash 17e2b523310e718b64aef13e2450db58
69a97bf9b24371630dc0989c2b49a7dbacf74b21
0abd23ca5e6f052c6b727975c189d533f4791c5f0352d09adf43eff8cadfa5d7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/hello-elementor/style.min.css?ver=2.6.1 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: text/css
last-modified: Mon, 18 Jul 2022 17:07:16 GMT
etag: W/"62d59344-17a3"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 06:08:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 06:08:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
web.paonbleu.ht/wp-content/uploads/2021/12/femme-noire-souriante-portable.jpg
144.217.252.90200 OK 30 kB URL HTTP/2 web.paonbleu.ht/wp-content/uploads/2021/12/femme-noire-souriante-portable.jpg
IP 144.217.252.90:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=388, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=600], baseline, precision 8, 600x388, components 3\012- data
Hash b84aa9277bfeb958d91e258c1ab84270
562fc7bcfecddb51b7ab0bbb65aa8f78fde936d6
a286e3b827033d82a4165946ad8d471c2349456e8bb0f06cd1132f0caa54d0c5
GET /wp-content/uploads/2021/12/femme-noire-souriante-portable.jpg HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: image/jpeg
content-length: 30445
last-modified: Thu, 09 Dec 2021 17:54:11 GMT
etag: "61b242c3-76ed"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.17.0
144.217.252.90200 OK 99 kB URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.17.0
IP 144.217.252.90:0
File type ASCII text, with very long lines (19277)
Hash 131a43f32d41ef192284261afb9e1b6e
bdd1caa9ddb3fd17c77e8583f0124edfb63e102a
f2cd34c3a240bda7bf064caf9fe430483da37606b3df4341b357799471b84720
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.17.0 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: text/css
last-modified: Mon, 30 Jan 2023 07:44:50 GMT
etag: W/"63d77572-4b7b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
144.217.252.90200 OK 19 kB URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP 144.217.252.90:0
File type ASCII text, with very long lines (10544)
Hash 4450bbe72fe83155a545beff5bf0cd9f
133d78201f14c8aa1b438c4f6f07dea910dc92ab
2ccd83d6d385e0da01d2e95e26a2633eda3cf35db017709c4f22cbd1d0b1e686
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 07:44:49 GMT
etag: W/"63d77571-29ba"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.10.2
144.217.252.90200 OK 28 kB URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.10.2
IP 144.217.252.90:0
File type ASCII text, with very long lines (43869)
Hash 7a34d270aa2e05fa365bd75d405647be
e6fb839018b1be11e085e6b3be9a332767bf2080
77dec0c2f45baa1b3f98ec051e959b653488ab7033ab114a6386567e567bf99e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.10.2 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 07:44:52 GMT
etag: W/"63d77574-ab85"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.10.2
144.217.252.90200 OK 17 kB URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.10.2
IP 144.217.252.90:0
File type ASCII text, with very long lines (2620), with no line terminators
Hash ac19a3b9b02f69a1a568dbd9917b663e
901b8a1c359a1fca06ef9d359336a73e0cfc8bfd
c71de94174a6bde754154e53a40c3d96aebd1efe0db83725e4ece3f09f65da2a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.10.2 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 07:44:49 GMT
etag: W/"63d77571-a3c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/uploads/2021/12/couple-finance-laptop-small.jpg
144.217.252.90200 OK 56 kB URL HTTP/2 web.paonbleu.ht/wp-content/uploads/2021/12/couple-finance-laptop-small.jpg
IP 144.217.252.90:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=388, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=600], baseline, precision 8, 600x388, components 3\012- data
Hash 4bceccde48b6d1d2ab88e988cb56210d
21ce6fcab87d47669288f23594197605d2575da4
6f0c3ce98520339ea5efabd9e86bf1dc67d377868cde786273f22206258bd15c
GET /wp-content/uploads/2021/12/couple-finance-laptop-small.jpg HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: image/jpeg
content-length: 56372
last-modified: Mon, 13 Dec 2021 01:54:10 GMT
etag: "61b6a7c2-dc34"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.10.2
144.217.252.90200 OK 13 kB URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.10.2
IP 144.217.252.90:0
File type ASCII text, with very long lines (3720)
Hash 3a0ae1f71246d5a0e4d3d61343c5f776
6eef24dfdbb6f86f51c7437e0b8920115873be74
be2fd66ebe8fddd035fa9faf2e1d42c4ddfb1a71c9ea64e8784fd6a9e9004a47
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.10.2 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 08:03:47 GMT
etag: W/"63ccede3-e89"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/uploads/2021/01/finance-technology.jpg
144.217.252.90200 OK 80 kB URL HTTP/2 web.paonbleu.ht/wp-content/uploads/2021/01/finance-technology.jpg
IP 144.217.252.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 720x405, components 3\012- data
Hash 9442686ae16ff05c54eb24f37f31ac27
ff5ea1cba7916a57f9b4d20bd995c38cbe2540d1
2df001422f19d9abe580fbbb66fe6280e86a4dfe069b50331de07766088362b9
GET /wp-content/uploads/2021/01/finance-technology.jpg HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/wp-content/uploads/elementor/css/post-19.css?ver=1671180922
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: image/jpeg
content-length: 80399
last-modified: Mon, 11 Jan 2021 11:47:10 GMT
etag: "5ffc3abe-13a0f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 06:08:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
144.217.252.90200 OK 115 kB URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 144.217.252.90:0
File type ASCII text, with very long lines (12198), with no line terminators
Size 115 kB (115422 bytes)
Hash 201b6e9c3312b1c88fecd332ef348074
772a8d77a26dfe638d248bd571cd4e253ea86c23
57b47cec0b0248c829a277304272b23de3788ba6775a500b4bf5a9bcefc795d3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 07:44:49 GMT
etag: W/"63d77571-2fa6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
144.217.252.90200 OK 77 kB URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 144.217.252.90:0
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: font/woff2
content-length: 76764
last-modified: Mon, 30 Jan 2023 07:44:49 GMT
etag: "63d77571-12bdc"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
144.217.252.90200 OK 78 kB URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 144.217.252.90:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: font/woff2
content-length: 78196
last-modified: Mon, 30 Jan 2023 07:44:50 GMT
etag: "63d77572-13174"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/uploads/2021/01/cropped-paon-bleu-logo.png
144.217.252.90200 OK 37 kB URL HTTP/2 web.paonbleu.ht/wp-content/uploads/2021/01/cropped-paon-bleu-logo.png
IP 144.217.252.90:0
File type PNG image data, 361 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 05e4f05f3fd8f2e3126720a24acdc265
07db646f5b6c2a828cb211a92ce81f38e62e15e3
1d8a44a99a129cafefd546e509b3e91401468bc795dad848fe0d915fa61e25fd
GET /wp-content/uploads/2021/01/cropped-paon-bleu-logo.png HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: image/png
content-length: 37142
last-modified: Thu, 07 Jan 2021 11:16:12 GMT
etag: "5ff6ed7c-9116"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/uploads/2021/01/cropped-favicon-pb-192x192.jpg
144.217.252.90200 OK 7.1 kB URL HTTP/2 web.paonbleu.ht/wp-content/uploads/2021/01/cropped-favicon-pb-192x192.jpg
IP 144.217.252.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 192x192, components 3\012- data
Hash 46f001edb8a82a77124f06d0d08d9dc8
9082dce7a61cb4c4ec9d0548921b4a19d652cd11
30f1ee45d03da4a3f4dd48fe27e7a66556726840c5a8260d6d52ae56b39297a6
GET /wp-content/uploads/2021/01/cropped-favicon-pb-192x192.jpg HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: image/jpeg
content-length: 7089
last-modified: Thu, 07 Jan 2021 11:22:13 GMT
etag: "5ff6eee5-1bb1"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/uploads/2021/01/cropped-favicon-pb-32x32.jpg
144.217.252.90200 OK 1.1 kB URL HTTP/2 web.paonbleu.ht/wp-content/uploads/2021/01/cropped-favicon-pb-32x32.jpg
IP 144.217.252.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 32x32, components 3\012- data
Hash 628bc074b7c95ea8942c53db4a95bebe
8c51a5f7745ad137189b169c3250da63277963b0
062a95a55e4ac891f12262a7d7b23e3bdb3e8e354d01c6a13ace34172056497a
GET /wp-content/uploads/2021/01/cropped-favicon-pb-32x32.jpg HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: image/jpeg
content-length: 1070
last-modified: Thu, 07 Jan 2021 11:22:14 GMT
etag: "5ff6eee6-42e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.17.0
144.217.252.90200 OK 93 kB URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.17.0
IP 144.217.252.90:0
File type Web Open Font Format (Version 2), TrueType, length 93444, version 1.0\012- data
Hash 0d1a44bc222da28ed1cf0c6f29e73c55
ad1e7b04dbccbc51c2c3bd4f45f7381820b9647f
15ecd2c95dbae27cb05d094955791c6cabbc022fff88c43ad375a61642666f52
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.17.0 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.17.0
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: font/woff2
content-length: 93444
last-modified: Mon, 30 Jan 2023 07:44:50 GMT
etag: "63d77572-16d04"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/uploads/2021/01/paiement-en-ligne-pb.jpg
144.217.252.90200 OK 163 kB URL HTTP/2 web.paonbleu.ht/wp-content/uploads/2021/01/paiement-en-ligne-pb.jpg
IP 144.217.252.90:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size 163 kB (163276 bytes)
Hash fbca1361a88f85d06b1cb21f471aa0eb
c528ea8e437dbb593e9bc03af7d9152bf84f6f15
43d83865b5d6dafd2f2f09166709b75fa8a00293c0f2465791f31be668d4dbc4
GET /wp-content/uploads/2021/01/paiement-en-ligne-pb.jpg HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:41 GMT
content-type: image/jpeg
content-length: 163276
last-modified: Sun, 10 Jan 2021 13:04:29 GMT
etag: "5ffafb5d-27dcc"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/uploads/2021/01/travel-plane-wttc.jpg
144.217.252.90200 OK 203 kB URL HTTP/2 web.paonbleu.ht/wp-content/uploads/2021/01/travel-plane-wttc.jpg
IP 144.217.252.90:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=494, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1000], baseline, precision 8, 600x400, components 3\012- data
Size 203 kB (202821 bytes)
Hash 23a046408221545f1b994a9d446f5ff2
5f571f87f5312f276ffda5a17b506a1af4f8f0ec
abfbe18c97e26bffd6cb7025a904679f796c23d0932fa4ce114c82aa90f46557
GET /wp-content/uploads/2021/01/travel-plane-wttc.jpg HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:41 GMT
content-type: image/jpeg
content-length: 202821
last-modified: Sat, 09 Jan 2021 17:59:19 GMT
etag: "5ff9eef7-31845"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/uploads/2021/01/man-pregnant-wife.jpg
144.217.252.90200 OK 297 kB URL HTTP/2 web.paonbleu.ht/wp-content/uploads/2021/01/man-pregnant-wife.jpg
IP 144.217.252.90:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size 297 kB (296828 bytes)
Hash 70ca8188a8cef7568fe63a6a218f3cba
4b1d28ac4e107474be89c067cb9421146bca84fd
4ea7e2197021f02415aba152e5aa7b88f9335f0dac23f15e1a77852016d013a4
GET /wp-content/uploads/2021/01/man-pregnant-wife.jpg HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:41 GMT
content-type: image/jpeg
content-length: 296828
last-modified: Sat, 09 Jan 2021 23:00:07 GMT
etag: "5ffa3577-4877c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/uploads/2021/01/couple-supermarket.jpg
144.217.252.90200 OK 250 kB URL HTTP/2 web.paonbleu.ht/wp-content/uploads/2021/01/couple-supermarket.jpg
IP 144.217.252.90:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size 250 kB (249764 bytes)
Hash 81b2d4c97156e88c076767f095bde0ef
aad30f79c0c3b7049059422c4a7a30d085bec66d
5039bb8f36bb02f4d7b20b73e0eb2284abc620ff20f98bac3463ac1a5fe4507f
GET /wp-content/uploads/2021/01/couple-supermarket.jpg HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:41 GMT
content-type: image/jpeg
content-length: 249764
last-modified: Sat, 09 Jan 2021 18:24:40 GMT
etag: "5ff9f4e8-3cfa4"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G0R-0w9HtLB5OXb-w-RyR9QCnrddkS29FqF_GeAQa1CRWkqaUJwQoA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:27:53 GMT
age: 27652
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.10.2
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.10.2
IP 144.217.252.90:0
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.10.2 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 07:44:51 GMT
etag: W/"63d77573-1396"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.10.2
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.10.2
IP 144.217.252.90:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.10.2 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 07:44:51 GMT
etag: W/"63d77573-8c1e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP 144.217.252.90:0
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Mon, 18 Jul 2022 17:38:53 GMT
etag: W/"62d59aad-27ee"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.10.2
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.10.2
IP 144.217.252.90:0
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.10.2 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 08:03:48 GMT
etag: W/"63ccede4-543c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
IP 144.217.252.90:0
GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 08:03:48 GMT
etag: W/"63ccede4-6272"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.10.2
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.10.2
IP 144.217.252.90:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.10.2 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: text/css
last-modified: Mon, 30 Jan 2023 07:44:50 GMT
etag: W/"63d77572-4824"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 144.217.252.90:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Mon, 18 Jul 2022 17:38:52 GMT
etag: W/"62d59aac-50eb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/uploads/elementor/css/post-220.css?ver=1671180923
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/uploads/elementor/css/post-220.css?ver=1671180923
IP 144.217.252.90:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-220.css?ver=1671180923 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: text/css
last-modified: Fri, 16 Dec 2022 08:55:22 GMT
etag: W/"639c327a-3901"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.10.2
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.10.2
IP 144.217.252.90:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.10.2 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: text/css
last-modified: Sun, 22 Jan 2023 08:03:47 GMT
etag: W/"63ccede3-633fe"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/
144.217.252.90200 OK 0 B IP 144.217.252.90:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:39 GMT
content-type: text/html; charset=UTF-8
link: <https://web.paonbleu.ht/wp-json/>; rel="https://api.w.org/", <https://web.paonbleu.ht/wp-json/wp/v2/pages/19>; rel="alternate"; type="application/json", <https://web.paonbleu.ht/>; rel=shortlink
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.10.2
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.10.2
IP 144.217.252.90:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.10.2 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: text/css
last-modified: Mon, 30 Jan 2023 07:44:49 GMT
etag: W/"63d77571-23dbd"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/uploads/elementor/css/post-19.css?ver=1671180922
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/uploads/elementor/css/post-19.css?ver=1671180922
IP 144.217.252.90:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-19.css?ver=1671180922 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: text/css
last-modified: Fri, 16 Dec 2022 08:55:22 GMT
etag: W/"639c327a-12cdd"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.20
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.20
IP 144.217.252.90:0
GET /wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.20 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 07:41:39 GMT
etag: W/"63ce3a33-197d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 144.217.252.90:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Mon, 18 Jul 2022 17:38:54 GMT
etag: W/"62d59aae-194b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/uploads/elementor/css/post-8.css?ver=1671180918
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/uploads/elementor/css/post-8.css?ver=1671180918
IP 144.217.252.90:0
GET /wp-content/uploads/elementor/css/post-8.css?ver=1671180918 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: text/css
last-modified: Fri, 16 Dec 2022 08:55:17 GMT
etag: W/"639c3275-b5b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 144.217.252.90:0
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Mon, 30 Jan 2023 07:44:49 GMT
etag: W/"29d-5f37663cd89ca"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.10.2
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.10.2
IP 144.217.252.90:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.10.2 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 08:03:48 GMT
etag: W/"63ccede4-14ef"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP 144.217.252.90:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Mon, 18 Jul 2022 17:38:53 GMT
etag: W/"62d59aad-132e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
paonbleu.ht/
144.217.252.90302 Found 0 B IP 144.217.252.90:0
GET / HTTP/1.1
Host: paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Fri, 03 Feb 2023 06:08:36 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-security-policy: default-src https: 'unsafe-inline'; object-src 'none'; img-src * 'self' data: https; script-src 'self' * 'unsafe-inline'
set-cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762; Max-Age=2592000; Domain=paonbleu.ht; Path=/; Secure; HttpOnly; SameSite=Lax
location: https://web.paonbleu.ht/
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 144.217.252.90:0
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Thu, 19 Nov 2020 09:31:13 GMT
etag: W/"5fb63b61-2bd8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 144.217.252.90:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Mon, 30 Jan 2023 07:44:49 GMT
etag: W/"2a3-5f37663cd8db2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 144.217.252.90:0
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: text/css
last-modified: Mon, 30 Jan 2023 07:44:49 GMT
etag: W/"63d77571-e238"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/uploads/elementor/css/post-97.css?ver=1671180922
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/uploads/elementor/css/post-97.css?ver=1671180922
IP 144.217.252.90:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-97.css?ver=1671180922 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: text/css
last-modified: Fri, 16 Dec 2022 08:55:22 GMT
etag: W/"639c327a-2b33"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/uploads/elementor/css/post-1326.css?ver=1671180923
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/uploads/elementor/css/post-1326.css?ver=1671180923
IP 144.217.252.90:0
GET /wp-content/uploads/elementor/css/post-1326.css?ver=1671180923 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: text/css
last-modified: Fri, 16 Dec 2022 08:55:23 GMT
etag: W/"639c327b-a4e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 144.217.252.90:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Mon, 18 Jul 2022 17:38:54 GMT
etag: W/"62d59aae-4ac6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.10.2
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.10.2
IP 144.217.252.90:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.10.2 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 07:44:52 GMT
etag: W/"63d77574-9f8a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
IP 142.250.74.106:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 06:08:40 GMT
date: Fri, 03 Feb 2023 06:08:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.10.2
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.10.2
IP 144.217.252.90:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.10.2 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: text/css
last-modified: Mon, 30 Jan 2023 07:44:48 GMT
etag: W/"63d77570-26cf"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 144.217.252.90:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Fri, 30 Jul 2021 11:23:26 GMT
etag: W/"6103e12e-15db1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.10.2
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.10.2
IP 144.217.252.90:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.10.2 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 08:03:48 GMT
etag: W/"63ccede4-2461e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
web.paonbleu.ht/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
144.217.252.90200 OK 0 B URL HTTP/2 web.paonbleu.ht/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 144.217.252.90:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: web.paonbleu.ht
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web.paonbleu.ht/
Cookie: __Secure-MOZSESSIONID=7307d70a86bd4ab5a00499762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 06:08:40 GMT
content-type: text/css
last-modified: Mon, 18 Jul 2022 17:38:50 GMT
etag: W/"62d59aaa-15b64"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2