r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3523
Expires: Tue, 06 Dec 2022 05:54:36 GMT
Date: Tue, 06 Dec 2022 04:55:53 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5631
Cache-Control: max-age=112157
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:55:53 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 12:05:10 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12568
Expires: Tue, 06 Dec 2022 08:25:21 GMT
Date: Tue, 06 Dec 2022 04:55:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 04:20:21 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2132
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: la+DltyKaI1yThbXWZNeglm6AE3mtpgTIyFKBdZs00dSeGFjvVycQ3E5Vt54Fr9sB+FCRi1lAXs=
x-amz-request-id: YN9Q32CXDF8KY5SJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 04:46:58 GMT
age: 535
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
paulpconstruction.com/
162.0.215.237301 Moved Permanently 707 B IP 162.0.215.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 06 Dec 2022 04:55:53 GMT
server: LiteSpeed
location: https://paulpconstruction.com/
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:55:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 04:11:20 GMT
cache-control: public,max-age=3600
age: 2673
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5614
Cache-Control: max-age=107073
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:55:53 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:40:26 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 25441bafab90d4faa59b630409a1b9e1
4d63dcc96959734419eb7eb8de50c79cae838285
32e0446a39f46b22a9223ed96521113c6813bd5ccb89637efabc94c890428a36
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 04:55:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 13:25:17 GMT
Expires: Sat, 10 Dec 2022 13:25:16 GMT
Etag: "4d63dcc96959734419eb7eb8de50c79cae838285"
Cache-Control: max-age=375562,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77526e904c010b49-OSL
push.services.mozilla.com/
44.237.163.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vI9KhATbjSK4IBCO9uhskw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Hx6a3qtIeAlifO7TB2iTfxny46Y=
paulpconstruction.com/
162.0.215.237200 OK 26 kB IP 162.0.215.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (33052), with CRLF, LF line terminators
Hash 670ecb6c2fbbd55abdfe5be22d206cfb
43a279e3cb96c6e931d2f7016679a1d8d47d8433
8fc96e20f0ee91d3d62c25b31fbe87f1f32196f41bc3f17581c5490deccc29f3
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://paulpconstruction.com/wp-json/>; rel="https://api.w.org/", <https://paulpconstruction.com/wp-json/wp/v2/pages/502>; rel="alternate"; type="application/json", <https://paulpconstruction.com/>; rel=shortlink
etag: "120882-1670279186;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 25831
date: Tue, 06 Dec 2022 04:55:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:55:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:55:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:55:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
paulpconstruction.com/wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.9.4
162.0.215.237200 OK 11 kB URL HTTP/2 paulpconstruction.com/wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.9.4
IP 162.0.215.237:0
File type ASCII text, with very long lines (63030), with CRLF line terminators
Hash ef5cf9e099df3cd7e33d9a5fab442ec6
674ec7c394e9f988689fd7fa1fda40e587ba60a4
a0984639e4245aee2662e4bc32287088ecbee5e5bc0db4925d3c77ca9475007f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.9.4 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: text/css
last-modified: Thu, 10 Nov 2022 12:07:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10849
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
162.0.215.237200 OK 12 kB URL HTTP/2 paulpconstruction.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 162.0.215.237:0
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 21:37:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
162.0.215.237200 OK 3.6 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 162.0.215.237:0
File type ASCII text, with very long lines (19233)
Hash af3bdf44d09914e8adb51fec560d8816
84bb225e096bab405868dd504e62133ba75cf1c1
4325dab21d3eb9efb8e285a0926be743f27e46446ccf5f9be65bb4b60c024152
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: text/css
last-modified: Mon, 01 Aug 2022 04:11:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3629
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/uploads/astra-addon/astra-addon-636d738a13c153-98413673.css?ver=3.6.6
162.0.215.237200 OK 1.9 kB URL HTTP/2 paulpconstruction.com/wp-content/uploads/astra-addon/astra-addon-636d738a13c153-98413673.css?ver=3.6.6
IP 162.0.215.237:0
File type ASCII text, with very long lines (12256), with no line terminators
Hash 48a4cc1c391403be62a0e046c033fc74
564252add8643d7ffd825620bd056bd324e95ee5
27788d4d95ad2a414bfa3549ae05c95533b335c00d10dec713e4c24a6a7e9f47
GET /wp-content/uploads/astra-addon/astra-addon-636d738a13c153-98413673.css?ver=3.6.6 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: text/css
last-modified: Thu, 10 Nov 2022 21:56:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1912
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
162.0.215.237200 OK 12 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
IP 162.0.215.237:0
File type ASCII text, with very long lines (65497)
Hash eae4534b9e0b15aaf7ad9f3111688549
4bde4256711207e4a95c1376f0b453cd660a63d8
b9adb98eaf24ecee30ef9b280527781e217f6e3829b8e22e5a42f7f14819cfec
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: text/css
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12400
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12595
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 04:55:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12595
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 04:55:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12595
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 04:55:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12595
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 04:55:55 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAmaranth%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CArchivo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.106200 OK 2.6 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAmaranth%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CArchivo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.106:0
Hash 3be61a550b3b3d21fcfc3332e21184e0
eff2c8b68959b3c790516c726d954488d4bbe4d0
2aef3dccd98af98b2ce21f3e4cc43915ccc69be5d8cea542b40abc5eefff8e75
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAmaranth%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CArchivo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://paulpconstruction.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 04:55:54 GMT
date: Tue, 06 Dec 2022 04:55:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5529617b0748f2d8c82ef99c1ac116a8
a862b74508113ae72b56b9b3de0c75ba559b9032
376a82ae4a5b80f59fb746be79bca569b03a74c345845c7bbf15189964b0bb96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11469
x-amzn-requestid: f60a3f0d-38f7-4f82-bdd5-9e31814ab1d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuZGAXIAMFwuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-5b4b99e779a0aaa71a311a1c;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: El70-nSITf6MuEV19s_OMrwTcWIKO-u4JsghVUSzolero071AVGvjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:38:28 GMT
age: 26247
etag: "a862b74508113ae72b56b9b3de0c75ba559b9032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tsL8hmcWaBeKYVG2b4g7ebl-sQ0Z5jZaexEfvldfzq9COcOdzqLhUA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:21 GMT
age: 25654
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3801236dc22938e1cc18947e90ea5326
5979d7dc3ba0eb61947282a4adeac8208b4148ae
3bd4eab29590ec3c316597abd2be65281cd9a6137add037ad57c093f1fca12e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5995
x-amzn-requestid: 25b34277-c486-4642-aea7-21e0598babc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzOGGjoAMF4kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e1-6f43ab8e0c1a5260327bce11;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cO5j7BIPh3GSOUqKDYYY2qmG6__Hn2XB9lFhhYT_WpOXya-9TTGtgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:24 GMT
age: 23611
etag: "5979d7dc3ba0eb61947282a4adeac8208b4148ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f-KQCOuDl461V8MBPsSOj1ILCU91Q0pCSENaldkMHR2oZdrEUnHeaA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:03:16 GMT
age: 24759
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9838b65dde746487c806ee9739f8b222
1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8
cf3ddc240b33d0f588d5acb30593b6846874a192bff9f5b69455877d7f63be53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3968
x-amzn-requestid: 55111bc4-d002-44a0-855a-533251b144fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSveGo_IAMFQvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c9-28e0a83d7f9f1ffc7544bb3d;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hTx-BIZT_THNG5yNlQDL6LCM5lBs8ezZK8-5FMFiarpRfhmBu6pbTQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:45:51 GMT
age: 25804
etag: "1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30d72693680b3ac91c0eee4d47a26196
cd923a5a3810bfe86be2eca4b97c739d76756d93
69ca9e172f6b0c5bf158022d533701b89282630deaa0ce7df27ed459c9bfe75e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8656
x-amzn-requestid: cfc71f7f-d1c6-47c9-8107-864701dbf3c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwkEHmIAMFUnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d0-6705510852d26ae24b3e5ea4;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zTGiKMan3uG3edx5AsFabNE4eG_dmzrIIOFCWcOxYN0UgSCGTNTtxw==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:25 GMT
age: 23610
etag: "cd923a5a3810bfe86be2eca4b97c739d76756d93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.4.1
162.0.215.237200 OK 6.9 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.4.1
IP 162.0.215.237:0
File type ASCII text, with very long lines (59487)
Hash 4f269c40fbdfbc49379dc9f5cd2c4e17
6193fc08d47bdc78c7441dabcf44cdbcf371fd68
b34bec2faaff911324b5e5a692e3a09d8924c2d6591a05d3c5beb008aaac29bc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.4.1 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: text/css
last-modified: Thu, 07 Apr 2022 21:47:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6947
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-base.min.css?ver=1.7.8
162.0.215.237200 OK 3.6 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-base.min.css?ver=1.7.8
IP 162.0.215.237:0
File type ASCII text, with very long lines (22829)
Hash 23ad768234f093740cd0ec87101e9e6a
9b149ce3a5ddabcc95b90d02359a0cc7105a32d6
68b6590684d2798ac4f087947b55c9da05d5ab2c6450574c230f37408ea602cd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpforms-lite/assets/css/wpforms-base.min.css?ver=1.7.8 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: text/css
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3602
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/uploads/elementor/css/post-502.css?ver=1658952174
162.0.215.237200 OK 2.5 kB URL HTTP/2 paulpconstruction.com/wp-content/uploads/elementor/css/post-502.css?ver=1658952174
IP 162.0.215.237:0
File type ASCII text, with very long lines (11167), with CRLF line terminators
Hash 598b8e8e6a792bd57b8537c958e51265
99a39533063cd5203e77ab357bbd96e110287476
3abc8787aba6cebd53482ae4fa07f80d782976c6b0b3bc5086c962aac3f04d85
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-502.css?ver=1658952174 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: text/css
last-modified: Wed, 27 Jul 2022 20:02:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2458
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/uploads/elementor/css/post-479.css?ver=1658952173
162.0.215.237200 OK 308 B URL HTTP/2 paulpconstruction.com/wp-content/uploads/elementor/css/post-479.css?ver=1658952173
IP 162.0.215.237:0
File type ASCII text, with very long lines (1119), with no line terminators
Hash ea0b6715134451a38cfedeb112b6d4aa
c881b62b6318732ead1275c989055bd3555f4921
a22570b0744f08485b34a584e8d0bea7728f76e9ab46e22e55343f2125a74a49
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-479.css?ver=1658952173 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: text/css
last-modified: Wed, 27 Jul 2022 20:02:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 308
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend.min.css?ver=1.36.5
162.0.215.237200 OK 66 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend.min.css?ver=1.36.5
IP 162.0.215.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8b54dc4efcd0565793b9d5da728ff1e9
e8b76447e1553214160593bb8758455c33b362ec
f9eeb63308937197b77195a8d69e59296c38399e2d15ce9b3a7f2a23f1580ac1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend.min.css?ver=1.36.5 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: text/css
last-modified: Thu, 07 Apr 2022 21:57:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 66094
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
162.0.215.237200 OK 32 kB URL HTTP/2 paulpconstruction.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 162.0.215.237:0
File type ASCII text, with very long lines (65447)
Hash caae40dedbb47cfab679877fd3c0fcf0
7a145002a0713369463a63e3ced33eecdbeb5096
8fb65d058a1440d4463e68f668c7050eed4a3fe6d621e27625714ebcd938e162
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 12:26:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 31647
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
162.0.215.237200 OK 12 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 162.0.215.237:0
File type ASCII text, with very long lines (57726)
Hash f463afd8661ddc733305df1f0cbdaff2
77262f0209e75e340eb7014aba9cd8d69966032f
c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12133
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
162.0.215.237200 OK 286 B URL HTTP/2 paulpconstruction.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 162.0.215.237:0
File type ASCII text, with very long lines (483)
Hash 8828fa3c5bdcfa66615714a2b8c9d807
4f556d0b005ac7754af607418df445f8cf98e8b1
16950dcce60bc3ee2613b60439c99e7ed74d10245f59fe6f68346b7e72dd95e7
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 286
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
162.0.215.237200 OK 5.3 kB URL HTTP/2 paulpconstruction.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 162.0.215.237:0
File type ASCII text, with very long lines (11126)
Hash d0728ca285aaa7b833b92ccab5c819f8
a24d6c284d5d68e0c3870e558cddf8c127a5ecf0
2103cbb53dc791be226abe165e7a463318f758950ae22fe4520d68b25f4e254f
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5306
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/uploads/astra-addon/astra-addon-636d738a1e3b91-57710277.js?ver=3.6.6
162.0.215.237200 OK 4.4 kB URL HTTP/2 paulpconstruction.com/wp-content/uploads/astra-addon/astra-addon-636d738a1e3b91-57710277.js?ver=3.6.6
IP 162.0.215.237:0
File type ASCII text, with very long lines (12305)
Hash 0fc8b9f6b0e867d00c5d86f2e9965412
6a44455c2eda5dc423a3fcd0fb13dbbb7be6b0de
e381da7504076ec5a45e55e8bed627d8998041b38567649bb22341dfa7d84b19
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/astra-addon/astra-addon-636d738a1e3b91-57710277.js?ver=3.6.6 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 21:56:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4423
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/wpforms-lite/assets/images/submit-spin.svg
162.0.215.237200 OK 309 B URL HTTP/2 paulpconstruction.com/wp-content/plugins/wpforms-lite/assets/images/submit-spin.svg
IP 162.0.215.237:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (509), with no line terminators
Hash 4dfbb417d68e9105a5d2d3099059b063
4e1ae13cf30e0b8f215f46249c1760e6235f6c67
f10b96f5f1a7644548d65b0de736106ff518bbb79d7a336f898346e3ceaed9e5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpforms-lite/assets/images/submit-spin.svg HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: image/svg+xml
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 309
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.9.4
162.0.215.237200 OK 3.9 kB URL HTTP/2 paulpconstruction.com/wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.9.4
IP 162.0.215.237:0
File type ASCII text, with very long lines (10420)
Hash 66565947fac4b68fb38a9d35f665da8f
b3b08168ce2ea936c7e701e40cb542753a3accaf
d2931cef7bf912894a97ffad7b00c3e1f42b1b2eed0c53434f6f4a352af412fb
GET /wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.9.4 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Mon, 18 Apr 2022 14:32:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3859
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:55:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:55:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:55:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
216.58.207.227200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Hash b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paulpconstruction.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:46:04 GMT
expires: Thu, 30 Nov 2023 19:46:04 GMT
cache-control: public, max-age=31536000
age: 464992
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:55:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/amaranth/v18/KtkuALODe433f0j1zMnFHdA.woff2
216.58.207.227200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/amaranth/v18/KtkuALODe433f0j1zMnFHdA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 26272, version 1.0\012- data
Hash acd820577f3bb34ce8625c9483bb1b91
ad95db0c1e705f0f602117a8dd669b4009b17e41
aae85c7c0ef572290bd44015db5d748cddbf34a5e53a14fb72f37e0a90243fd6
GET /s/amaranth/v18/KtkuALODe433f0j1zMnFHdA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paulpconstruction.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26272
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 07:28:37 GMT
expires: Thu, 30 Nov 2023 07:28:37 GMT
cache-control: public, max-age=31536000
age: 509239
last-modified: Tue, 19 Apr 2022 19:39:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
216.58.207.227200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 10104, version 1.0\012- data
Hash f6a41f84ddc640654e6dc189ea56794a
395d2e505f014e4c8c21d1a97416b6122111451f
d47bc9a324b78a4aa8324b7bdeb72515cc2ce942d5a1f8a8fcc0962a2c8fc605
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs169vsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paulpconstruction.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10104
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:05:54 GMT
expires: Wed, 29 Nov 2023 15:05:54 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:24:02 GMT
content-type: font/woff2
age: 568202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/archivo/v18/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
216.58.207.227200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/archivo/v18/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 31516, version 1.0\012- data
Hash 9e4726d312080161871f0472659ecf14
e0231f21da02732e9ef19c2280ea5a7aa25f04de
68c831b3324ca6fea43d48681ac2b9338b794ecdb60ff7fa7059a997d4007604
GET /s/archivo/v18/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paulpconstruction.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 03:12:41 GMT
expires: Fri, 01 Dec 2023 03:12:41 GMT
cache-control: public, max-age=31536000
age: 438195
last-modified: Fri, 24 Jun 2022 19:34:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
paulpconstruction.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
162.0.215.237200 OK 3.0 kB URL HTTP/2 paulpconstruction.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 162.0.215.237:0
File type ASCII text, with very long lines (5499)
Hash a9df4253ed567950eebac9f5e5711ecc
73bf0e88da2d18d9ac5c7455d7b4ad778dea5e66
f4258665527e644fd74f1b84db5d38bf31b9bb43bc0423b7ba04552bf1e06e70
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Sun, 14 Jun 2020 04:23:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3025
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/ultimate-elementor/assets/min-js/uael-frontend.min.js?ver=1.36.5
162.0.215.237200 OK 9.8 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/ultimate-elementor/assets/min-js/uael-frontend.min.js?ver=1.36.5
IP 162.0.215.237:0
File type ASCII text, with very long lines (33427)
Hash 23f2fd2e0e09abe6e17bb3ae50b9510e
7ced6656ced83154305624467ffbc3265fdf2cc6
95a7878d124e0c20ffee1da9b70c22621ce06e5526eca458e4471159e80cbea6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ultimate-elementor/assets/min-js/uael-frontend.min.js?ver=1.36.5 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Thu, 07 Apr 2022 21:57:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9789
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.4.1
162.0.215.237200 OK 3.3 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.4.1
IP 162.0.215.237:0
File type ASCII text, with very long lines (4681)
Hash efc188609b81f8d9b6e15bd4adb09afd
69065f894dc48eda68e7dbce046c7e7d779aeae4
7a8db3d45d41b44998c7e9949ab43d89d72ddeaa4389c90fda8e34fece88997f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.4.1 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Thu, 07 Apr 2022 21:47:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3303
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:55:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
paulpconstruction.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
162.0.215.237200 OK 2.9 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 162.0.215.237:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2017 21:35:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
162.0.215.237200 OK 2.0 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
IP 162.0.215.237:0
File type ASCII text, with very long lines (4918)
Hash 918938b0ee6977d6506f2e0fa248bd66
292ba27818bec580f76945b53fee4ff6cddcb2c2
a1da723cfdb1f8ea57aa7278637d07a83f39ff410dfbba24d8205882a110444e
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2044
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
162.0.215.237200 OK 12 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
IP 162.0.215.237:0
File type ASCII text, with very long lines (40474)
Hash cf45d3e8044770ba8eabf3833e30fdbe
90f787b69fa2f83b87c28f3caa67985b04b333bd
c83321c916d9ca392150cf727108c0927ce9394be70e9b08920cff666f823fb4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11702
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
162.0.215.237200 OK 10 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
IP 162.0.215.237:0
File type Unicode text, UTF-8 text, with very long lines (32907)
Hash 72fd7d7a61961996172a081cb3eed6cb
7f6d4dc14ef08153606c57d374fd50b685ba383d
757fe1355fa4c3eed3c286520c6af9d344ab9d15a78d8d54a17e7573f866b9be
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10425
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.4.1
162.0.215.237200 OK 6.4 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.4.1
IP 162.0.215.237:0
File type ASCII text, with very long lines (19879)
Hash 1bbc0240c6a3f5f108ccc0437fb62e79
fb3d8d3ac6068af5c17f1b729cc54b42986ef11a
126e8f81928ceadb9eeb3dab10c0bb11a1bfc42b592e44610ba5e1531ea76eb0
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.4.1 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Thu, 07 Apr 2022 21:47:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6436
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
162.0.215.237200 OK 8.1 kB URL HTTP/2 paulpconstruction.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 162.0.215.237:0
File type Unicode text, UTF-8 text, with very long lines (8211)
Hash 240fba805d5f4d72a92a698c2982e0b8
3abeed7c23ec6678a0e309eb5513857aa9a5205b
a3d229350c4f973a872f155c54e6edffcd605b8c75998de19a1f3d4a41474fa7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 12:26:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8121
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-includes/js/underscore.min.js?ver=1.13.4
162.0.215.237200 OK 8.5 kB URL HTTP/2 paulpconstruction.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP 162.0.215.237:0
File type ASCII text, with very long lines (18820)
Hash cf00cd949da31d9e1bdc61ddbbb57729
273662d3b8795d19cbe3254afe26366f86f62f1f
3c335721c0a8496ab7d4905cb4e61f5bcbe9fa35a3e8aa7e6500ec41995b9816
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 12:26:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8496
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-includes/js/wp-util.min.js?ver=6.1.1
162.0.215.237200 OK 2.0 kB URL HTTP/2 paulpconstruction.com/wp-includes/js/wp-util.min.js?ver=6.1.1
IP 162.0.215.237:0
File type ASCII text, with very long lines (1413)
Hash 65d6238d06335f1636fef0dfd66fefb3
a01586aaa8dc9e8779a33f2ff401643d4e279b02
d7f19963ab3c5887d47d57f7206b664df8d48f0685e2d6ec07f92e68172a9a3c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 12:26:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1973
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.4.1
162.0.215.237200 OK 6.4 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.4.1
IP 162.0.215.237:0
File type ASCII text, with very long lines (23758)
Hash 2dd89a82a1a4c51f82367c4011ba9cf5
81ad78aa11e62715a07d18b30db9e94a61507e18
695b57e3bc9cbece4988618cda111b62b854775a528f62d34c0c63022fbb19d2
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.4.1 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Thu, 07 Apr 2022 21:47:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6415
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8
162.0.215.237200 OK 1.6 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8
IP 162.0.215.237:0
File type ASCII text, with very long lines (776)
Hash 050745105f0893bad31b1f38ab726d54
fe134cf587b94c2bd42c9af0fc883d9d57231418
03ff10f438784b0ef9224947707c6f06ab262572690cd7b1777231c4f640a6a9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1610
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/wpforms-lite/assets/js/utils.min.js?ver=1.7.8
162.0.215.237200 OK 1.4 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/wpforms-lite/assets/js/utils.min.js?ver=1.7.8
IP 162.0.215.237:0
Hash e30a82573bf2ca75faac6a9bd8cb2144
802815b3289b18b53569d9ac38dd2c93f500c2b8
0201f299dbcef2b7384a98bf9910eff5bb882af5833970adebeacf1903b3c878
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpforms-lite/assets/js/utils.min.js?ver=1.7.8 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1389
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/wpforms-lite/assets/lib/jquery.validate.min.js?ver=1.19.5
162.0.215.237200 OK 9.0 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/wpforms-lite/assets/lib/jquery.validate.min.js?ver=1.19.5
IP 162.0.215.237:0
File type Unicode text, UTF-8 text, with very long lines (24463)
Hash 506b6e546e0ab7468140cc2828df4963
606906c3bf2d79ea9f5ea8e36eb29d31025f8009
367c5072bfb5b3bde249bd016ab8e0ba45a40b4a492734d4b808293cc577d381
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpforms-lite/assets/lib/jquery.validate.min.js?ver=1.19.5 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8994
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
162.0.215.237200 OK 5.9 kB URL HTTP/2 paulpconstruction.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 162.0.215.237:0
File type ASCII text, with very long lines (15660)
Hash fc6bd04b4b7509229c5ad739718b6cca
96dd7e1f228b846acbf97b76663577b9e61c059a
55126d27a0602ffb83b4fe37db5bae35a58bb83edb401dc110aec2c1601a6f98
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 23:52:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5920
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js?ver=1.0.0
162.0.215.237200 OK 2.1 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js?ver=1.0.0
IP 162.0.215.237:0
File type ASCII text, with very long lines (1735)
Hash 4428ea0fd17520ae337458c7b5c4ce7a
a7b1e561dfa8a149e42e48b19b93475e184490f6
06525b1053f126c956c237853917d9bdb857527b6a7cb1e2ed93240fda0caeb6
GET /wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js?ver=1.0.0 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2105
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.8
162.0.215.237200 OK 11 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.8
IP 162.0.215.237:0
File type ASCII text, with very long lines (32412)
Hash cfb92bc6509d22d049480fbad12bca3d
e8d85b867dd20329b43437cc07cdf2bac433f673
322819df968475d04ea407a9f86a91fb510638d80b7a3815a53ff99ee0fe14c7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.8 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10663
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js?ver=1.1.2
162.0.215.237200 OK 2.9 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js?ver=1.1.2
IP 162.0.215.237:0
File type C source, ASCII text, with very long lines (4036)
Hash 5be4ea0893ec2b5d8a1cb07e28d6bd27
03518c7c8788b033c6c9c36b6fe5b24f4766ce0e
1edc2d64a4c1d0e661925f3eb6c430ec2f213e8882b3906daadef4fc5c55133e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js?ver=1.1.2 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:54 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2894
date: Tue, 06 Dec 2022 04:55:54 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/uploads/2018/07/abstract-bg-free-img.jpg
162.0.215.237200 OK 12 kB URL HTTP/2 paulpconstruction.com/wp-content/uploads/2018/07/abstract-bg-free-img.jpg
IP 162.0.215.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x803, components 3\012- data
Hash ef63687105ddd7451860606ccdeee60b
409fec0c15af8e307ce3e45a6d60d485aec72b9b
4ce8335a05d2296e9e770bbef1095c1280a9d314bc46d78f10e12234fb27fd6a
GET /wp-content/uploads/2018/07/abstract-bg-free-img.jpg HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/wp-content/uploads/elementor/css/post-502.css?ver=1658952174
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:56 GMT
content-type: image/jpeg
last-modified: Thu, 07 Apr 2022 21:58:15 GMT
accept-ranges: bytes
content-length: 12515
date: Tue, 06 Dec 2022 04:55:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/themes/astra/assets/fonts/astra.woff
162.0.215.237200 OK 3.3 kB URL HTTP/2 paulpconstruction.com/wp-content/themes/astra/assets/fonts/astra.woff
IP 162.0.215.237:0
File type Web Open Font Format, TrueType, length 3304, version 1.0\012- data
Hash bfe0ed8503c926d68f58ed0408dfe0d0
0346d02d96ff7d2a0278bc10f4dfdf365c80eac3
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/fonts/astra.woff HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:56 GMT
content-type: font/woff
last-modified: Thu, 10 Dec 2020 17:30:40 GMT
accept-ranges: bytes
content-length: 3304
date: Tue, 06 Dec 2022 04:55:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/uploads/2022/04/pipe4.png
162.0.215.237200 OK 2.9 kB URL HTTP/2 paulpconstruction.com/wp-content/uploads/2022/04/pipe4.png
IP 162.0.215.237:0
File type PNG image data, 154 x 152, 8-bit/color RGBA, non-interlaced\012- data
Hash fff22aed252aca3dfb4b0770eeea3ab7
b81649656491a9fa933c0d970aa73b011a540461
a7f92a02a215471f5d4315a3078844aea229a1124d63e9e6c93be69d73561877
GET /wp-content/uploads/2022/04/pipe4.png HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:56 GMT
content-type: image/png
last-modified: Thu, 07 Apr 2022 22:52:21 GMT
accept-ranges: bytes
content-length: 2890
date: Tue, 06 Dec 2022 04:55:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
162.0.215.237200 OK 78 kB URL HTTP/2 paulpconstruction.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 162.0.215.237:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://paulpconstruction.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:56 GMT
content-type: font/woff2
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
accept-ranges: bytes
content-length: 78196
date: Tue, 06 Dec 2022 04:55:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald%3A300%7CTeko%3A400&display=fallback&ver=3.9.4
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald%3A300%7CTeko%3A400&display=fallback&ver=3.9.4
IP 142.250.74.106:0
GET /css?family=Oswald%3A300%7CTeko%3A400&display=fallback&ver=3.9.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://paulpconstruction.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 04:55:54 GMT
date: Tue, 06 Dec 2022 04:55:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/uploads/2020/02/home-img-01.jpg
162.0.215.237200 OK 0 B URL HTTP/2 paulpconstruction.com/wp-content/uploads/2020/02/home-img-01.jpg
IP 162.0.215.237:0
GET /wp-content/uploads/2020/02/home-img-01.jpg HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/wp-content/uploads/elementor/css/post-502.css?ver=1658952174
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:56 GMT
content-type: image/jpeg
last-modified: Thu, 07 Apr 2022 21:58:17 GMT
accept-ranges: bytes
content-length: 192348
date: Tue, 06 Dec 2022 04:55:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/uploads/2022/04/YUNC0386-Copy-1024x576-1.jpg
162.0.215.237200 OK 0 B URL HTTP/2 paulpconstruction.com/wp-content/uploads/2022/04/YUNC0386-Copy-1024x576-1.jpg
IP 162.0.215.237:0
GET /wp-content/uploads/2022/04/YUNC0386-Copy-1024x576-1.jpg HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/wp-content/uploads/elementor/css/post-502.css?ver=1658952174
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:56 GMT
content-type: image/jpeg
last-modified: Thu, 07 Apr 2022 23:10:29 GMT
accept-ranges: bytes
content-length: 147145
date: Tue, 06 Dec 2022 04:55:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/uploads/2022/04/kennedy-pour-scaled.jpg
162.0.215.237200 OK 0 B URL HTTP/2 paulpconstruction.com/wp-content/uploads/2022/04/kennedy-pour-scaled.jpg
IP 162.0.215.237:0
GET /wp-content/uploads/2022/04/kennedy-pour-scaled.jpg HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/wp-content/uploads/elementor/css/post-502.css?ver=1658952174
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:56 GMT
content-type: image/jpeg
last-modified: Thu, 07 Apr 2022 23:13:20 GMT
accept-ranges: bytes
content-length: 1123554
date: Tue, 06 Dec 2022 04:55:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/uploads/2022/04/Copy-of-Minimal-alphanumeric-black-and-white-logo-Made-with-PosterMyWall-1.png
162.0.215.237200 OK 0 B URL HTTP/2 paulpconstruction.com/wp-content/uploads/2022/04/Copy-of-Minimal-alphanumeric-black-and-white-logo-Made-with-PosterMyWall-1.png
IP 162.0.215.237:0
GET /wp-content/uploads/2022/04/Copy-of-Minimal-alphanumeric-black-and-white-logo-Made-with-PosterMyWall-1.png HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paulpconstruction.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:56 GMT
content-type: image/png
last-modified: Thu, 07 Apr 2022 22:04:53 GMT
accept-ranges: bytes
content-length: 18242
date: Tue, 06 Dec 2022 04:55:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
paulpconstruction.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
162.0.215.237200 OK 0 B URL HTTP/2 paulpconstruction.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
IP 162.0.215.237:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 HTTP/1.1
Host: paulpconstruction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://paulpconstruction.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 04:55:56 GMT
content-type: font/woff2
last-modified: Mon, 01 Aug 2022 04:11:38 GMT
accept-ranges: bytes
content-length: 93372
date: Tue, 06 Dec 2022 04:55:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2