Overview

URL paulgay.com/
IP188.165.53.185
ASNOVH SAS
Location France
Report completed2022-07-06 04:35:36 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-07-06 2 paulgay.com/ Malware
2022-07-06 2 www.paulgay.com/ Malware
2022-07-06 2 www.paulgay.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.8 Malware
2022-07-06 2 www.paulgay.com/wp-content/plugins/revslider/public/assets/css/settings.css (...) Malware
2022-07-06 2 www.paulgay.com/wp-content/themes/croma/css/owl.carousel.css?ver=5.6.8 Malware
2022-07-06 2 www.paulgay.com/wp-content/themes/croma/css/owl.theme.css?ver=5.6.8 Malware
2022-07-06 2 www.paulgay.com/wp-content/themes/croma/css/font-awesome.min.css?ver=5.6.8 Malware
2022-07-06 2 www.paulgay.com/wp-content/tablepress-combined.min.css?ver=5 Malware
2022-07-06 2 www.paulgay.com/wp-content/themes/croma/style.css?ver=5.6.8 Malware
2022-07-06 2 www.paulgay.com/wp-content/themes/croma/css/iron-audioplayer.css?ver=5.6.8 Malware
2022-07-06 2 www.paulgay.com/wp-content/plugins/essential-grid/public/assets/js/lightbox (...) Malware
2022-07-06 2 www.paulgay.com/wp-content/plugins/croma-music/js/objectFittPolyfill.min.js (...) Malware
2022-07-06 2 www.paulgay.com/wp-content/plugins/essential-grid/public/assets/js/jquery.t (...) Malware
2022-07-06 2 www.paulgay.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.8 Malware
2022-07-06 2 www.paulgay.com/wp-content/plugins/revslider/public/assets/js/jquery.themep (...) Malware
2022-07-06 2 www.paulgay.com/wp-content/plugins/js_composer/assets/lib/bower/animate-css (...) Malware
2022-07-06 2 www.paulgay.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ve (...) Malware
2022-07-06 2 www.paulgay.com/wp-content/plugins/js_composer/assets/lib/prettyphoto/css/p (...) Malware
2022-07-06 2 www.paulgay.com/wp-content/themes/croma/js/utilities.js Malware
2022-07-06 2 www.paulgay.com/wp-content/themes/croma/js/jquery.parallax.js Malware
2022-07-06 2 www.paulgay.com/wp-content/themes/croma/js/barba.min.js Malware
2022-07-06 2 www.paulgay.com/wp-includes/js/underscore.min.js?ver=1.8.3 Malware
2022-07-06 2 www.paulgay.com/wp-content/themes/croma/js/iron-parallax.js Malware
2022-07-06 2 www.paulgay.com/wp-content/themes/croma/js/main.js Malware
2022-07-06 2 www.paulgay.com/wp-content/plugins/croma-music/js/countdown/jquery.plugin.min.js Malware
2022-07-06 2 www.paulgay.com/wp-content/plugins/croma-music/js/twitter/jquery.tweet.min.js Malware
2022-07-06 2 www.paulgay.com/wp-content/plugins/croma-music/js/countdown/jquery.countdow (...) Malware
2022-07-06 2 www.paulgay.com/wp-includes/js/wp-embed.min.js?ver=5.6.8 Malware
2022-07-06 2 www.paulgay.com/wp-content/themes/croma/js/iron-audioplayer.js Malware
2022-07-06 2 www.paulgay.com/wp-content/plugins/js_composer/assets/lib/waypoints/waypoin (...) Malware
2022-07-06 2 www.paulgay.com/wp-content/plugins/js_composer/assets/js/dist/vc_grid.min.j (...) Malware
2022-07-06 2 www.paulgay.com/wp-content/plugins/js_composer/assets/lib/owl-carousel2-dis (...) Malware
2022-07-06 2 www.paulgay.com/wp-content/themes/croma/js/plugins.all.min.js Malware
2022-07-06 2 www.paulgay.com/wp-content/uploads/2016/05/IMG_1041.jpg?id=925 Malware
2022-07-06 2 www.paulgay.com/wp-content/uploads/2016/05/dossier-presse.jpg?id=873 Malware
2022-07-06 2 www.paulgay.com/wp-content/themes/croma/js/assets/audioplayer.html Malware
2022-07-06 2 www.paulgay.com/wp-content/themes/croma/js/assets/default.wav Malware
2022-07-06 2 www.paulgay.com/wp-content/themes/croma/js/assets/default.wav Malware
2022-07-06 2 www.paulgay.com/wp-content/plugins/revslider/public/assets/js/extensions/re (...) Malware
2022-07-06 2 www.paulgay.com/wp-content/plugins/revslider/public/assets/js/extensions/re (...) Malware
2022-07-06 2 www.paulgay.com/wp-content/plugins/revslider/public/assets/fonts/revicons/r (...) Malware
2022-07-06 2 www.paulgay.com/wp-admin/admin-ajax.php Malware
2022-07-06 2 www.paulgay.com/wp-includes/css/dashicons.min.css?ver=5.6.8 Malware
2022-07-06 2 www.paulgay.com/wp-content/uploads/2021/12/203AA1B4-5CC0-4293-BD73-40E18749 (...) Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (12)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] www.paulgay.com (71) 0 No data No data 188.165.53.185 Unknown ranking
[Mnemonic Passive DNS] fonts.googleapis.com (7) 8877 2017-01-30 04:59:43 UTC 2019-10-16 05:12:41 UTC 142.250.74.10
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.65
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-07-05 05:12:14 UTC 54.230.111.14
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-07-05 05:12:14 UTC 44.240.216.68
[Mnemonic Passive DNS] paulgay.com (1) 0 No data No data 188.165.53.185 Unknown ranking
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-07-05 12:56:13 UTC 34.120.237.76
[Mnemonic Passive DNS] cdnjs.cloudflare.com (4) 235 2014-04-23 07:31:51 UTC 2022-05-16 10:07:49 UTC 104.17.25.14
[Mnemonic Passive DNS] fonts.gstatic.com (2) 0 2017-01-30 04:59:51 UTC 2022-07-05 04:59:30 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS] r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-07-05 04:59:43 UTC 23.36.77.32
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-07-05 22:46:12 UTC 93.184.220.29


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 188.165.53.185

Date UQ / IDS / BL URL IP
2022-08-08 14:41:13 +0000
0 - 0 - 9 paulgay.com/wp-login.php?reauth=1&redirect_to (...) 188.165.53.185
2022-08-05 12:19:10 +0000
0 - 0 - 2 au-delice-des-gourmands.com/notificasecur/ 188.165.53.185
2022-08-04 19:45:47 +0000
0 - 0 - 1 au-delice-des-gourmands.com/ 188.165.53.185
2022-08-03 01:21:32 +0000
0 - 0 - 1 diamantina-joaillerie.com/ckfinder/userfiles/ (...) 188.165.53.185
2022-08-02 22:26:53 +0000
0 - 0 - 1 lasnida.com/wp-content/uploads/2022/07/Wic_Re (...) 188.165.53.185
2022-07-29 11:09:43 +0000
0 - 0 - 1 duquenne-moteurs.fr/webroot/upload/files/pupe (...) 188.165.53.185
2022-07-28 07:15:14 +0000
0 - 0 - 2 louistomlinsonfrance.com/wp-content/uploads/2 (...) 188.165.53.185
2022-07-28 02:33:48 +0000
0 - 0 - 2 louistomlinsonfrance.com/wp-content/uploads/2 (...) 188.165.53.185
2022-07-26 19:53:27 +0000
0 - 0 - 2 baakcafe.com/ 188.165.53.185
2022-07-24 02:09:14 +0000
0 - 0 - 1 lasnida.com/wp-content/uploads/2022/06/birdse (...) 188.165.53.185

Last 10 reports on ASN: OVH SAS

Date UQ / IDS / BL URL IP
2022-08-20 04:39:27 +0000
0 - 0 - 61 grupoweb.cl/ 198.50.158.221
2022-08-20 04:22:51 +0000
0 - 0 - 1 geomax.ma/ 51.255.83.82
2022-08-20 03:42:53 +0000
0 - 0 - 2 https://abmaxdigital.com/wp-content/uploads/2 (...) 51.79.72.47
2022-08-20 02:11:47 +0000
0 - 0 - 4 https://stnperu.com/op/dsmeasutaanmot 149.56.185.74
2022-08-20 01:22:52 +0000
0 - 0 - 1 geomax.ma/ 51.255.83.82
2022-08-20 01:04:38 +0000
0 - 0 - 4 fea0f1f6fede90bd0a925b4194deac11.dnsabr.com/ 51.195.195.241
2022-08-20 01:00:40 +0000
0 - 0 - 2 corscania.com/cgihub/Protected%20Client.vbs 51.79.19.15
2022-08-19 23:52:57 +0000
0 - 0 - 1 wowroms.com/en/roms/list?search=ps3 167.114.103.42
2022-08-19 22:28:25 +0000
0 - 0 - 2 update.chistilka.com/update.php?partner=offer (...) 5.135.140.26
2022-08-19 22:18:03 +0000
0 - 0 - 2 https://abmaxdigital.com/wp-content/uploads/2 (...) 51.79.72.47

Last 2 reports on domain: paulgay.com

Date UQ / IDS / BL URL IP
2022-08-08 14:41:13 +0000
0 - 0 - 9 paulgay.com/wp-login.php?reauth=1&redirect_to (...) 188.165.53.185
2022-07-23 15:42:45 +0000
0 - 0 - 28 paulgay.com/wp-content/uploads/2017/04/dossie (...) 188.165.53.185


JavaScript

Executed Scripts (40)


Executed Evals (1)

#1 JavaScript::Eval (size: 635, repeated: 1) - SHA256: 3ca1bdcd1c57d7f5ab21654c97b4034afe19fbe96672052f376e85f114961d8f

                                        $('.page-template-archive-posts-list .media-block a, .page-template-archive-posts-grid .meta-simple, [class*="page-template-archive-posts-grid"] .tab-text, .videogrid .text-box').addClass("color2_txt");

//Split Background
jQuery(".split-bg").each(function(index) {
    var newClass = 'split-bg-bottom-' + (index + 1);
    jQuery(this).prepend('<div class= "' + newClass + '"></div>');
    var colorBottom = jQuery(this).next().css("background-color");
    jQuery('.' + newClass).css({
        'background-color': colorBottom,
        'display': 'block',
        'width': '100%',
        'height': '50%',
        'position': 'absolute',
        'top': 'calc( 50% + 1px)'
    });
});
                                    

Executed Writes (2)

#1 JavaScript::Write (size: 204, repeated: 1) - SHA256: 7a483044b64ec096e3741c123b19742f25bad156cb9dacd7d063c1e47aee9974

                                        < script > window.onload = function() {
    var em = document.getElementById("em");
    window.onresize = function() {
        if (parent.jQuery.onFontResize) {
            parent.jQuery.onFontResize.trigger(em.offsetWidth / 100);
        }
    }
}; < /script>
                                    

#2 JavaScript::Write (size: 52, repeated: 1) - SHA256: 588b76a9b1105baaf542f84c3c315313f9fdf8a56b2fa463d04f1fe95cd52485

                                        < div id = "em"
style = "width:100em;height:10px;" > < /div>
                                    


HTTP Transactions (101)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 06 Jul 2022 03:56:00 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9htpSBilC_u60O_oSLGbbNUJSMJnfZmQ-bHvF1h5YiQVeUPlsr0aGw==
Age: 2362


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5CA12512DFBE8A007255191678A4ECD570026D865AE741C0D3025D8FE1A58659"
Last-Modified: Mon, 04 Jul 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5533
Expires: Wed, 06 Jul 2022 06:07:35 GMT
Date: Wed, 06 Jul 2022 04:35:22 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.14
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 06 Jul 2022 03:26:46 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hGY-x6KJ_NZN3Hub7BqukjLmjREvQdVojqAnM4_FxOr8Z94N4XMajg==
age: 4117
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 04:35:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 06 Jul 2022 04:34:59 GMT
Cache-Control: max-age=3600
Expires: Wed, 06 Jul 2022 04:58:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hzNVXF-HxEBoKt4EO8wXg9DoyuvewBViVvQN323p0JhaLp_3rpFUqw==
Age: 27


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2548
Cache-Control: 'max-age=158059'
Date: Wed, 06 Jul 2022 04:35:23 GMT
Last-Modified: Wed, 06 Jul 2022 03:52:55 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KZXRXpOLEcWeFaOJIpb3Hg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.240.216.68
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kLKMUVEaRBxJS4u/LNrr0suYZEo=

                                        
                                            GET / HTTP/1.1 
Host: paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         188.165.53.185
HTTP/1.1 301 Moved Permanently
                                        
date: Wed, 06 Jul 2022 04:35:24 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
server: Apache
x-powered-by: PHP/7.0
set-cookie: PHPSESSID=0a33cc24949fb63b2fb02370b51c376a; path=/
pragma: no-cache
expires: Wed, 06 Jul 2022 05:35:24 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: http://www.paulgay.com/
x-iplb-request-id: 5B5A2A9A:3E2B_BCA535B9:0050_62C5110A_4C8EE:11C00
x-iplb-instance: 17180


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6656
Expires: Wed, 06 Jul 2022 06:26:20 GMT
Date: Wed, 06 Jul 2022 04:35:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6656
Expires: Wed, 06 Jul 2022 06:26:20 GMT
Date: Wed, 06 Jul 2022 04:35:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6656
Expires: Wed, 06 Jul 2022 06:26:20 GMT
Date: Wed, 06 Jul 2022 04:35:24 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa84f597b-27f5-4aa5-a416-9b7af03690c1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5579
x-amzn-requestid: 1dd88ff3-004d-4979-9b03-c67dd1674eed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UyBktHjloAMFyag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c3e2ea-774b45f11971772d475320bf;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 07:06:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dxvi0GoFSQVY4quJX-Ysh562fakCJnUT2ioGl3UUCYfcz-SdRNv_QA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 07:20:32 GMT
age: 76492
etag: "88adaa91cabcf87f2b679e051c1da464cb297c00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5579
Md5:    2ef62ce237842260bf38afba9e210e79
Sha1:   88adaa91cabcf87f2b679e051c1da464cb297c00
Sha256: e00daace4e4d73799343aee18cbc8c64735221636908b8760bbc52a4d84353b0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde8f4008-69f3-4766-a957-006ebc39d2e4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9047
x-amzn-requestid: 8e0eccf9-7f3e-4333-a5d7-a35dd0e068eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BU0HNmoAMFaQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4af51-1d81f8e10200694125ede95f;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:38:25 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: p01XdrlrorzmgxXBsOJnDXZr2H4NK0kTKLw9EwA5gpq_BlyCwaub2A==
via: 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:50:18 GMT
age: 24306
etag: "7aa6cd994a565c8b6832d48c1e36b17f33621e90"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9047
Md5:    bb2f16af747cd633f71de1966771b532
Sha1:   7aa6cd994a565c8b6832d48c1e36b17f33621e90
Sha256: b61a354007e630a3be3ae0c2c2336d3dd71cec02eab7b4234ebb40f69561acf0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bb6c586-bb86-4a54-bd48-f2b5da763e74.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7117
x-amzn-requestid: 7cfe344b-f098-4260-bb50-6574786e6ee2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BW8HnbIAMFkrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4af5f-14a960ac060d2d120cb0ad7c;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:38:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0F6ZVkqKywgjh9Qa1DJw_-rdOLcc1tzEll0J58NeawksoIu9nY1a-g==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:52:41 GMT
age: 24163
etag: "01efbdf6b2ab79332bf6a22d36472e294732aa17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7117
Md5:    b4ead2bdcbc998a5685d65a26e40ce1a
Sha1:   01efbdf6b2ab79332bf6a22d36472e294732aa17
Sha256: 04399a91345db4f89bdbbb9ddb30db0f2a0c29654491b38bb1a30bd40c4f3e48
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F431f287f-9907-47aa-be38-0ff4e6db75fc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8553
x-amzn-requestid: 2c1e16d1-357b-493e-bcf7-b4de1a34757f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Utd8tEKYIAMFbmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c21051-7382cb3050c6f13d70dd3706;Sampled=0
x-amzn-remapped-date: Sun, 03 Jul 2022 21:55:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9b-i6Ono7HZPLnQTZVWjd00ihgjD2qR-Meg1fdOa2d-SXIITlOM4yw==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 13:48:41 GMT
age: 53203
etag: "303f4efaa9b98e39a935fc6514d3731d40d2977c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8553
Md5:    e6f97e6b64100081e8bed56216564854
Sha1:   303f4efaa9b98e39a935fc6514d3731d40d2977c
Sha256: 92dd803f1633bd65a2b4ac3223d8aa93dd55ed64c74b338aff62323585a3623c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb27cd33-0557-4e9f-afa8-36973b921638.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11085
x-amzn-requestid: 82a2d755-e6c4-42dd-968b-68139eb0ca38
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BHqG7yIAMFX4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4aefd-632afe61133c32b9404293aa;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:37:01 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FgLDC0y3cLO-alKiAuW2MgtAoPAEnYGOMANmRO6Uf7zDF2yQozPcqA==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:37:02 GMT
etag: "c2d6d0adbf9ddb01fb9e8e89398504c31720f99c"
content-type: image/jpeg
age: 25102
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11085
Md5:    5552141e4ff21ea5cdfb3ee3cf7099a2
Sha1:   c2d6d0adbf9ddb01fb9e8e89398504c31720f99c
Sha256: 27bbe0ad182a253333e32623db676ef00298acc21c6195c0a7ca7a4c3c2b0b12
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24a4e9ec-f2d8-496d-8bf5-4a09a1c529ac.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6451
x-amzn-requestid: 1aea88d2-bb3a-4c4d-9ad9-bcc717493d29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BtlHJ1IAMFlVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4aff0-2fe5fbde52a985f4692b5d86;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ay1wAs7K4Qj0kFA5gLmh2a7FBkMA-WvBsh68bB7OwRHreBVUDyl-kA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:52:42 GMT
age: 24162
etag: "9ab38400f242963b5e02b94fbdc7757dfe3b99f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6451
Md5:    be33cac352975a54b76edc4da7656a91
Sha1:   9ab38400f242963b5e02b94fbdc7757dfe3b99f9
Sha256: d29bdd7fcc9bfe862ff29fa52089ad9670141cef385d4bc7926ceb6e43612fba
                                        
                                            GET / HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
server: Apache
x-powered-by: PHP/7.0
set-cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <http://www.paulgay.com/wp-json/>; rel="https://api.w.org/", <http://www.paulgay.com/wp-json/wp/v2/pages/1369>; rel="alternate"; type="application/json", <http://www.paulgay.com/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:D3AC_BCA535B9:0050_62C5110C_5192C:1F9A1
x-iplb-instance: 18183


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2471), with CRLF, LF line terminators
Size:   12618
Md5:    a387a6b9dc863ff5fc69f3d4dc0ad4ed
Sha1:   742f98fe95f9d09ff75b373979c4571017965e3b
Sha256: ec069e8be72369b29e53e780ec84471877f0b1dd175365ba0624340dcabbf170

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css?family=Open+Sans%3A300%2C400%2C600%2C700%2C800&ver=5.6.8 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/

                                         
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 06 Jul 2022 04:35:25 GMT
Date: Wed, 06 Jul 2022 04:35:25 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   797
Md5:    2e7e2ada94ec977b993441f8f8873eb5
Sha1:   908b24a1f93267ed0a988dff5e5514913a92ae31
Sha256: c5966897b86ed3675907d64e943b36a21b7637eb7cc57816b2456b4c888a3156
                                        
                                            GET /css?family=Droid+Serif%3A400%2C700&ver=5.6.8 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/

                                         
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 06 Jul 2022 04:35:25 GMT
Date: Wed, 06 Jul 2022 04:35:25 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   303
Md5:    a12841952a98d4e00e0ad3ff2a8c60f8
Sha1:   226af6f94b388fcd3950735f8ed630d35c222f91
Sha256: 4ef5233d7a20fdcdcc67930e5d9b7ad760597129df1c2fdab7f2dd78fefbfe9b
                                        
                                            GET /css?family=Josefin+Sans%3A400%2C600%2C700%7COpen+Sans%3A300%2C300italic%2C400%2C600%2C600italic%2C700&subset=latin%2Clatin-ext&ver=5.6.8 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/

                                         
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 06 Jul 2022 04:35:25 GMT
Date: Wed, 06 Jul 2022 04:35:25 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   1060
Md5:    39e6cf32d410aaa6d1abcf7d848fed63
Sha1:   02e0a2f9d9a14e615f09589a8085960c165f4106
Sha256: 9a13e5365014908356040fc1ff5cd202f3f8f4704bf04f8f4a38c18c8a85faef
                                        
                                            GET /css?family=Raleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=5.6.8 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/

                                         
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 06 Jul 2022 04:35:25 GMT
Date: Wed, 06 Jul 2022 04:35:25 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   746
Md5:    f48c66d649ce57ac78feb973f1cd92df
Sha1:   80163bb33ff72e2c3fdd1764daf57147dd471cd5
Sha256: c18cd7db66802cba0f04aaba4f7991e09bbf3ef4892a5af0d0538b4717e90ef6
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=5.6.8 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: text/css
content-length: 7849
server: Apache
last-modified: Mon, 22 Feb 2021 20:43:44 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:D3AC_BCA535B9:0050_62C5110D_51958:1F9A1
x-iplb-instance: 18183


--- Additional Info ---
Magic:  ASCII text, with very long lines (27525)
Size:   7849
Md5:    a3dd1c0cc400319c405dfb62dc6eba57
Sha1:   0f1baa39908b0bc5a6ab8e82e7a51d2a49021019
Sha256: 153da274f7b797b304dffe7762875bc10694ed11975d1ee06e44fa12060df783

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=2.1.0.2 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: text/css
content-length: 9131
server: Apache
last-modified: Mon, 27 Mar 2017 09:27:59 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:36B3_BCA535B9:0050_62C5110D_139EA:11BA1
x-iplb-instance: 38227


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (7136), with CRLF line terminators
Size:   9131
Md5:    9e3c30c0d4ee6b9a9e6b418bc85f7df0
Sha1:   9600d82b4c7c3612082a81379f8b07b063f4124f
Sha256: db7298f9c5b71d9fb459767959aed4a7a8b79e5cf346ae8499379311c8d6f5b9
                                        
                                            GET /wp-content/themes/croma/css/fancybox.css?ver=5.6.8 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: text/css
content-length: 1265
server: Apache
last-modified: Mon, 27 Mar 2017 09:23:44 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:F602_BCA535B9:0050_62C5110D_20772:1F99F
x-iplb-instance: 18183


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1265
Md5:    b2b40337128247eaee6baa5bf0446705
Sha1:   2966a2f216b64e81d95d1f4966c0465b6748d249
Sha256: 8719e9c5f0515c79f4d71d67451cc5924bc3dd234f337c2fcdd4e8f808cfd488
                                        
                                            GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1.5 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: text/css
content-length: 7024
server: Apache
last-modified: Mon, 27 Mar 2017 09:28:06 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:198C_BCA535B9:0050_62C5110D_527D4:24ADF
x-iplb-instance: 38226


--- Additional Info ---
Magic:  ASCII text, with very long lines (29256), with CRLF line terminators
Size:   7024
Md5:    606eced6351f068f91f98f4a59fee316
Sha1:   ecfe7f6c053c50f5c8b7ed6b151462e521d4fd85
Sha256: c41871327c0d7f2aaaa552ef7503850a0d330201cd764e1b7c769521c5733876

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/croma/css/owl.carousel.css?ver=5.6.8 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: text/css
content-length: 1115
server: Apache
last-modified: Mon, 27 Mar 2017 09:23:44 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:7662_BCA535B9:0050_62C5110D_351D8:11BA3
x-iplb-instance: 38227


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1115
Md5:    c97e537117abac9ce24020cf4282b9db
Sha1:   78ec34c58f1f8927171abb2488a28e658ae6fa60
Sha256: a2e55cfe0b20f47162e93f1d31e97645c0362381b9cf433c84d11f4850597a41

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/croma/css/owl.theme.css?ver=5.6.8 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: text/css
content-length: 615
server: Apache
last-modified: Mon, 27 Mar 2017 09:23:44 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:746E_BCA535B9:0050_62C5110D_20234:24ADD
x-iplb-instance: 38226


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   615
Md5:    1ca2c879667f137ea6f9d9552d22b695
Sha1:   ec3135f84271bec28cae4d07e8adf3d6a3c951dd
Sha256: 45c254568e00e630dfe88a253214034d750f7bf19ed085df6e8cb3faa896ee73

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/croma/css/font-awesome.min.css?ver=5.6.8 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: text/css
content-length: 6666
server: Apache
last-modified: Mon, 27 Mar 2017 09:23:44 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:D3AC_BCA535B9:0050_62C5110D_51964:1F9A1
x-iplb-instance: 18183


--- Additional Info ---
Magic:  ASCII text, with very long lines (28900)
Size:   6666
Md5:    44199db135a3cf78e3cf4bf6e3170033
Sha1:   96a27c54fd2723ff930c3faa8cf6c600a90ff78a
Sha256: 80e21be34b782b126cd2908f142df631e4396099a1e62255253b6299b3e9a0aa

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/tablepress-combined.min.css?ver=5 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: text/css
content-length: 2318
server: Apache
last-modified: Fri, 29 Jan 2021 14:30:51 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:746E_BCA535B9:0050_62C5110D_20237:24ADD
x-iplb-instance: 38226


--- Additional Info ---
Magic:  ASCII text, with very long lines (5144)
Size:   2318
Md5:    cbdebb71b2e2e961e3e04b98baae26e1
Sha1:   4c9b2fd5c6ecfdf7564827ae1afc48d721fcc37e
Sha256: b481695b9ac0b5b7453b5211d88e3e2ec3f98fe712baa4148fef70010b4579a3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/croma/css/page-banner.css HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: text/css
content-length: 535
server: Apache
last-modified: Mon, 27 Mar 2017 09:23:44 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:7662_BCA535B9:0050_62C5110D_351DE:11BA3
x-iplb-instance: 38227


--- Additional Info ---
Magic:  ASCII text
Size:   535
Md5:    f3b0cbaf29e44111622f6d70352b0818
Sha1:   d00af4ef112d8341372f2b16c2813f10c4d7ed04
Sha256: 2922b578dfa34aff233e793a7936a35236a34b6538344f3bb7f03ec03359f679
                                        
                                            GET /css?family=Abril+Fatface%3Aregular&ver=5.6.8 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/

                                         
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 06 Jul 2022 04:35:25 GMT
Date: Wed, 06 Jul 2022 04:35:25 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   344
Md5:    b9f83b69b12c26c200b6c895b9edc944
Sha1:   2e81ec40f29063b23b5d0b368154c9e7f4a436cf
Sha256: 48e5013759f8e3378088f5a108b924eb1fb39b90e4e6ac473942622342ebad15
                                        
                                            GET /ajax/libs/velocity/1.4.3/velocity.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/

                                         
                                         104.17.25.14
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Wed, 06 Jul 2022 04:35:25 GMT
Content-Length: 16064
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5eb0401a-ad85"
Last-Modified: Mon, 04 May 2020 16:17:30 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 14415
Expires: Mon, 26 Jun 2023 04:35:25 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsmb9Ejtg6VjqLznrRY3lZ64Jm%2FsmszmUFtaup6KyrdNxIDOET8o7E0SFG0nYnzjOjzqSA%2BIxWdsEudFNQVfgBYxRjCMWktzA%2FdXNiAwHrpE2h8WRWo5LMV7TNN8KD6ZaX4pRn3M"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7265a2349df31c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400


--- Additional Info ---
Magic:  ASCII text, with very long lines (32012)
Size:   16064
Md5:    abbb62e43cf961f2820d07ce32d8ac79
Sha1:   9bd6d48935b17f36ad9f4780070989305389c1ec
Sha256: f8200fa79e819dc58a6e1c7ac17d7a1735b012cb7f7833836c6210f9bc4c4b1e
                                        
                                            GET /wp-content/uploads/css/custom-style.css HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: text/css
content-length: 5363
server: Apache
last-modified: Mon, 01 Apr 2019 09:43:23 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:198C_BCA535B9:0050_62C5110D_527D6:24ADF
x-iplb-instance: 38226


--- Additional Info ---
Magic:  assembler source text\012- assembler source, ASCII text, with very long lines (326), with CRLF line terminators
Size:   5363
Md5:    dcdb147673476770055ba27a99e934a7
Sha1:   be4a88815d87f1b982761c3a87b628ca96c8f468
Sha256: ebdde3a2c7ebea20d805fd845c5745696903542e3f87dac6b06c010505e8999c
                                        
                                            GET /wp-content/uploads/css/custom-style-croma-music.css HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: text/css
content-length: 409
server: Apache
last-modified: Fri, 08 Nov 2019 09:42:30 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:D3AC_BCA535B9:0050_62C5110D_51967:1F9A1
x-iplb-instance: 18183


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   409
Md5:    51fc6fdad11a8d61a106aed1e4eb16d2
Sha1:   6fa3f171443d4acf4a71efbd2c0088d2f5c5330b
Sha256: 7ab4f93250cd914fc8f388fceaac9ea4beb9efbed3bb5470402e880ce94e194b
                                        
                                            GET /ajax/libs/animejs/2.0.0/anime.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/

                                         
                                         104.17.25.14
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Wed, 06 Jul 2022 04:35:25 GMT
Content-Length: 4808
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5eb03d2a-2a9a"
Last-Modified: Mon, 04 May 2020 16:04:58 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 14415
Expires: Mon, 26 Jun 2023 04:35:25 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ys3gguOQrKmQh8TZ%2FdGIsqOQTfaIik0rwiEnnnsAj3gHWKPBnpqKBgBvlnmYgrZTu3hbDSzFVlMKA386czmCjenG9e%2Fhe%2B5RP0WP7e88rX2ftVViTeqgdioVxuIQGgGlDasdhUZg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7265a234ab62b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400


--- Additional Info ---
Magic:  ASCII text, with very long lines (525)
Size:   4808
Md5:    fae7ed0dba452ac4e853df4f8512832c
Sha1:   13be197d6a25ba8c6714ad57596f31d0ca3b00e1
Sha256: ceab786e2de22919b56ca8480e745b7e9229021909f8a34f0135f7cff03cd2a7
                                        
                                            GET /wp-content/themes/croma/style.css?ver=5.6.8 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: text/css
content-length: 39052
server: Apache
last-modified: Mon, 27 Mar 2017 09:23:44 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:F602_BCA535B9:0050_62C5110D_20773:1F99F
x-iplb-instance: 18183


--- Additional Info ---
Magic:  Nim source code, Unicode text, UTF-8 text
Size:   39052
Md5:    54e9a05080b85b86d40b638f7aef002c
Sha1:   86354bfdda714ba23bdfbcbd00940c8b8eb51a27
Sha256: 0f9207736fd8639028e0ddab69416d3060c17ee50c8da35fdeeeb803c89497bf

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /ajax/libs/wavesurfer.js/1.2.8/wavesurfer.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/

                                         
                                         104.17.25.14
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Wed, 06 Jul 2022 04:35:25 GMT
Content-Length: 7772
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5eb0402f-74fa"
Last-Modified: Mon, 04 May 2020 16:17:51 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 14415
Expires: Mon, 26 Jun 2023 04:35:25 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dcoKMJMFBvumL3l7g5C4mKtTokuYCn%2FYUZ2O83nIBmV4fMyoSXi9t9gGQpLJdeP4F2hJa31vuZVkJXx7YGXNQo4caOcqi%2F3iKlK7LyFVdVF5kUvJQvWa9ZVeBZZBhCwh95j43rd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7265a234bdff1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400


--- Additional Info ---
Magic:  ASCII text, with very long lines (29778)
Size:   7772
Md5:    5d1df53c896b1f168d58f862bd3b3b5b
Sha1:   3030979ac23a08c17037b92554cf261eb4607b74
Sha256: 15461a618588c4d86f65594790665cc948080eb737832d1f7be0f6c6135ec5b3
                                        
                                            GET /ajax/libs/moment.js/2.11.2/moment.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/

                                         
                                         104.17.25.14
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Wed, 06 Jul 2022 04:35:25 GMT
Content-Length: 14116
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5eb03f26-9f21"
Last-Modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 14414
Expires: Mon, 26 Jun 2023 04:35:25 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ods%2FrWD2ZDBIbJbkb1t04y6ish4pSL%2BUcHTIvA59WZqm9tBZ0%2B7ddEGZVD5kbaSLTY5CK4%2F%2BbYKoBm5l3V%2BFMCPuYonVkDXcTjxIP4UxGhD0cTBfbx%2Fl4ADXUA3183TvxNJpYyCY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7265a234bb68b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400


--- Additional Info ---
Magic:  ASCII text, with very long lines (32015)
Size:   14116
Md5:    385a34e5a9783c3b260753c4fe5f6b56
Sha1:   d435834ec67fd829b401a22651267e9380b33aaf
Sha256: 0826a3791dd0a80b407793b611183190fd2b9a189af609a1cc0394693c08e51a
                                        
                                            GET /wp-content/themes/croma/css/iron-audioplayer.css?ver=5.6.8 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: text/css
content-length: 2404
server: Apache
last-modified: Mon, 27 Mar 2017 09:23:44 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:7662_BCA535B9:0050_62C5110D_351E1:11BA3
x-iplb-instance: 38227


--- Additional Info ---
Magic:  ASCII text
Size:   2404
Md5:    858638be17ff0120e946ac31180e50f0
Sha1:   3fbe634b4f4edcd425c8eac0c503e1690cf68845
Sha256: eddfe0d5f20d5e0e21ad3689ca4d0d7d581a98c445afba0e2e779b69a17e037d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/css/custom-style-croma-event.css HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: text/css
content-length: 405
server: Apache
last-modified: Fri, 08 Nov 2019 09:42:30 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:746E_BCA535B9:0050_62C5110D_20239:24ADD
x-iplb-instance: 38226


--- Additional Info ---
Magic:  assembler source, ASCII text, with CRLF line terminators
Size:   405
Md5:    c7b32fe0005d36bbf3490c6dfbbb4f6b
Sha1:   5d4ef7e6f9bc105c54fb151e12669a25a059d84a
Sha256: a43c3f3e7c8c3a4df5be50bf414d3c0d337294968efcb1bae1cc1bab71b7b861
                                        
                                            GET /wp-content/plugins/essential-grid/public/assets/js/lightbox.js?ver=2.1.0.2 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 13720
server: Apache
last-modified: Mon, 27 Mar 2017 09:27:59 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:F602_BCA535B9:0050_62C5110D_20777:1F99F
x-iplb-instance: 18183


--- Additional Info ---
Magic:  ASCII text, with very long lines (410), with CRLF line terminators
Size:   13720
Md5:    9982e61ce83250ea78ed65f57034be11
Sha1:   3261c897a186e86505ea6796129381146ce1c2b2
Sha256: d0ecdb2c344073739d5788a9e7ec22e0ee0f880e3d4057767c3f924e10a66ecd

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 4169
server: Apache
last-modified: Fri, 29 Jan 2021 13:09:26 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:D3AC_BCA535B9:0050_62C5110D_5196B:1F9A1
x-iplb-instance: 18183


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4169
Md5:    5629711d7fdd5b28441bac39b851299f
Sha1:   4e0bf2b7383097f7c352023a1b1b1b48a50356b6
Sha256: 44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
                                        
                                            GET /wp-content/plugins/croma-music/js/objectFittPolyfill.min.js?ver=1 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 1089
server: Apache
last-modified: Mon, 27 Mar 2017 09:27:57 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:D3AC_BCA535B9:0050_62C5110D_5196D:1F9A1
x-iplb-instance: 18183


--- Additional Info ---
Magic:  ASCII text, with very long lines (2660), with no line terminators
Size:   1089
Md5:    05b0bd1499b69a62dda1c223eabcbb2f
Sha1:   b4bca8b99b82661338daa26f5fef0bfaea2aebee
Sha256: 419dedf445831c921e3d729b81708f05a810dfd1fb15a9698e242d260f8b42eb

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/croma-music/js/ironMusic.js?ver=5.6.8 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 775
server: Apache
last-modified: Mon, 27 Mar 2017 09:27:57 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:F602_BCA535B9:0050_62C5110D_2077A:1F99F
x-iplb-instance: 18183


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   775
Md5:    f3c2dbc951826112f5ce122240093c03
Sha1:   5a0730b9a7258cc80ae4eed7727fea045a132c3e
Sha256: 915d4f89a20b4f49e9faa71dd90066146e9b8ea875ea326717e0f20757812360
                                        
                                            GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.0.1 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: text/css
content-length: 44397
server: Apache
last-modified: Mon, 27 Mar 2017 09:32:18 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:36B3_BCA535B9:0050_62C5110D_139EB:11BA1
x-iplb-instance: 38227


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   44397
Md5:    093022cbb463574a78112bc1315e62d9
Sha1:   f6cab15675e35bca525d43a70ac20eed35d4cc74
Sha256: 69e831c5926dbf97dd3b6a38d722420eb2ab480320ec478194e6919392271a09
                                        
                                            GET /css?family=Open+Sans HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/

                                         
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 06 Jul 2022 04:35:25 GMT
Date: Wed, 06 Jul 2022 04:35:25 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   596
Md5:    591b1be39cc53960d37180cad72b5369
Sha1:   8adb85548abaea59e0070a684d8fd4678dae0439
Sha256: c538b591724713742308b7b1d025390e179bd9cdf2bd14182073db5512e76fbc
                                        
                                            GET /css?family=Josefin+Sans HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/

                                         
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 06 Jul 2022 04:35:25 GMT
Date: Wed, 06 Jul 2022 04:35:25 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   421
Md5:    dff552ef1e4faa51244d7e02af007d4f
Sha1:   dd766b198977189e3b25f8a8676c762c2ca4f7e9
Sha256: c2193fa87557365fd80bda522a47692caa9f6d63aa67f4198b033c66de953335
                                        
                                            GET /wp-content/plugins/essential-grid/public/assets/js/jquery.themepunch.tools.min.js?ver=2.1.0.2 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 36917
server: Apache
last-modified: Mon, 27 Mar 2017 09:27:59 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:7662_BCA535B9:0050_62C5110D_351E3:11BA3
x-iplb-instance: 38227


--- Additional Info ---
Magic:  ASCII text, with very long lines (26857), with CRLF line terminators
Size:   36917
Md5:    506e29b2c16740e1de17fb13d08b5f84
Sha1:   a23c87277cf596578e6e186cecf9e6c01e4ad507
Sha256: fc42dd4a9b81bd68f6ca3887b5f23b477040360843eb04b574fafca4061308e7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=5.6.8 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 4662
server: Apache
last-modified: Thu, 04 Feb 2021 08:27:54 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:198C_BCA535B9:0050_62C5110D_527DF:24ADF
x-iplb-instance: 38226


--- Additional Info ---
Magic:  ASCII text, with very long lines (11272)
Size:   4662
Md5:    9c26256ee738b510ab56c09607a7286f
Sha1:   197327c8d1cd72ce8d335fc0b8b007ddca60191d
Sha256: cfe161d7b5764e21a1e8ea764f4a0c0da41f1aba16bb8329bd11acbc7a156e4b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/assets/owl.min.css?ver=5.0.1 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: text/css
content-length: 1154
server: Apache
last-modified: Mon, 27 Mar 2017 09:32:18 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:F602_BCA535B9:0050_62C5110D_2077D:1F99F
x-iplb-instance: 18183


--- Additional Info ---
Magic:  ASCII text, with very long lines (4618), with no line terminators
Size:   1154
Md5:    5955ecf0c6ab0418e178fe492bf981a9
Sha1:   6ac013d1d8d4d07083aa52e4902da28524bf6eb5
Sha256: 9b7b726a0f3e5fdaff34d06974fab6be3e93efc9c5739e7afbe9a604f3df6a06
                                        
                                            GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.1.5 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 17259
server: Apache
last-modified: Mon, 27 Mar 2017 09:28:06 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:746E_BCA535B9:0050_62C5110D_2023B:24ADD
x-iplb-instance: 38226


--- Additional Info ---
Magic:  ASCII text, with very long lines (32026), with CRLF line terminators
Size:   17259
Md5:    5f13b7024037fbec55bf699b64291676
Sha1:   8a86f42068e02d9446693297afeb6ed33347c988
Sha256: b59da6c8b97afdac66e58faa3a1b6f70ec1313e36ad882bc4669439e0eb26746

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=5.0.1 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: text/css
content-length: 3699
server: Apache
last-modified: Mon, 27 Mar 2017 09:32:18 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:36B3_BCA535B9:0050_62C5110D_139F3:11BA1
x-iplb-instance: 38227


--- Additional Info ---
Magic:  ASCII text, with very long lines (52724)
Size:   3699
Md5:    b26885a67eb330cd6345db73122804f6
Sha1:   397d935c84b6b0d59f529930d81e8219ad67926f
Sha256: 80533b4f5af6cf0689907a1dd9a8ed60175ae90283a97e10a2737b3cb84e1d2d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 3951
server: Apache
last-modified: Fri, 29 Jan 2021 13:12:45 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:7662_BCA535B9:0050_62C5110D_351E5:11BA3
x-iplb-instance: 38227


--- Additional Info ---
Magic:  ASCII text
Size:   3951
Md5:    9c3f35d25fc1f08e91d811f18b705309
Sha1:   4ff1be4c211d2e4ad3fa4b83abe9a71405d4e4df
Sha256: af1ce72f37d8d8f7d80d7f3d81a05a1f0d441967b371237050e7ee38b30438a0

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/prettyphoto/css/prettyPhoto.min.css?ver=5.0.1 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: text/css
content-length: 2828
server: Apache
last-modified: Mon, 27 Mar 2017 09:32:18 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:D3AC_BCA535B9:0050_62C5110D_5196F:1F9A1
x-iplb-instance: 18183


--- Additional Info ---
Magic:  ASCII text, with very long lines (20683), with no line terminators
Size:   2828
Md5:    b74daf5ac07c32f78ee64cdc633793c5
Sha1:   49b4556b8588788eda28eff3e0a7a53fb66532a3
Sha256: daf164f0d20badf2a3d972e5a81d36ab712fe505ff56e88bb00668729c7472bf

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/croma/js/utilities.js HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 16964
server: Apache
last-modified: Mon, 27 Mar 2017 09:23:44 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:198C_BCA535B9:0050_62C5110D_527E6:24ADF
x-iplb-instance: 38226


--- Additional Info ---
Magic:  HTML document, ASCII text, with CRLF line terminators
Size:   16964
Md5:    ab7314d06d9aaf5b533b3cb87aba0079
Sha1:   f2a705ae0081821ee467b3028c2190378e2ff456
Sha256: ea65012f27436149345cde8b870bb0db13243b261ced1b56537145d9d05750f1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/croma/js/jquery.parallax.js HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 813
server: Apache
last-modified: Mon, 27 Mar 2017 09:23:44 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:746E_BCA535B9:0050_62C5110D_20242:24ADD
x-iplb-instance: 38226


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   813
Md5:    0ff1a1ff6c193ee0307a5d1aa4a3fb3d
Sha1:   8502cfce0dd607ac924a3ea205fdcc8a5b6c761b
Sha256: 80e4c35ea50b89475cb0399b5bf094f6733ba18232c42aa1c6e7794eefbc5e81

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/croma/js/barba.min.js HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 4090
server: Apache
last-modified: Mon, 27 Mar 2017 09:23:44 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:36B3_BCA535B9:0050_62C5110D_139F6:11BA1
x-iplb-instance: 38227


--- Additional Info ---
Magic:  ASCII text, with very long lines (12563), with no line terminators
Size:   4090
Md5:    39feb0bb0d15a22d61820f1387eba2f5
Sha1:   c694499b791f36f2784037cdbc2fd76bddbaeb7d
Sha256: caea9f1d68c8354427103bd61f791c657310fb023406506c000e7788fd2ac3f5

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 5663
server: Apache
last-modified: Thu, 15 Apr 2021 21:18:46 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:7662_BCA535B9:0050_62C5110D_351E6:11BA3
x-iplb-instance: 38227


--- Additional Info ---
Magic:  ASCII text, with very long lines (16010)
Size:   5663
Md5:    5c9683ce4b5ae14e78aef6e91a2f772d
Sha1:   e8bb47e8c3fd3987413dd1ab355005ac04e69795
Sha256: 408cb00c398acae2090af546d72302f728ab7391436c08e69340e211370a7d07

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.0.1 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 5606
server: Apache
last-modified: Mon, 27 Mar 2017 09:32:18 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:D3AC_BCA535B9:0050_62C5110D_51976:1F9A1
x-iplb-instance: 18183


--- Additional Info ---
Magic:  ASCII text, with very long lines (19302), with no line terminators
Size:   5606
Md5:    0efafbecce64312aea66b69f8ddcbbec
Sha1:   c34c4d59473aad7412257096b121fd752d7f13b6
Sha256: 19ecff382e9045abee99b4532cfb142f73a5cafe586cb7caf53f105a8ac91ce6
                                        
                                            GET /wp-content/themes/croma/js/iron-parallax.js HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 344
server: Apache
last-modified: Mon, 27 Mar 2017 09:23:44 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:198C_BCA535B9:0050_62C5110D_527E8:24ADF
x-iplb-instance: 38226


--- Additional Info ---
Magic:  ASCII text
Size:   344
Md5:    1abc16531d46e9a2b3afc0e25a636aa6
Sha1:   b5b380d8704dca07c59af91f78d9046051b6c4ca
Sha256: 8dad4658fc8a542d28a743c2df6d10ed349335b77351f26043dbdfc235f6ef6b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/croma/js/main.js HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 12629
server: Apache
last-modified: Mon, 27 Mar 2017 09:23:44 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:746E_BCA535B9:0050_62C5110D_20243:24ADD
x-iplb-instance: 38226


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (380)
Size:   12629
Md5:    3221d4849d9ad6b4ec5cf3c4d4d4b9ff
Sha1:   6be1266105ed2d732823d0179d7e8efa0737f9fe
Sha256: 54758c097eb3791661caecfef7de2a194e6af1d06bdfc03c68ca4c5b4a17af1a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/croma-music/js/countdown/jquery.plugin.min.js HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 1350
server: Apache
last-modified: Mon, 27 Mar 2017 09:27:57 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:36B3_BCA535B9:0050_62C5110D_139F8:11BA1
x-iplb-instance: 38227


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (2986)
Size:   1350
Md5:    c705eccbc54d1afe70da97378a6feba1
Sha1:   9b64b42591a8d3715182f8a737be7ba9ab0c6012
Sha256: f7e5526cfc2b81367e1330a129119ef52ae4c8edb9fdec18d17606e84f2fd27d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/croma-music/js/twitter/jquery.tweet.min.js HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 4856
server: Apache
last-modified: Mon, 27 Mar 2017 09:27:57 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:198C_BCA535B9:0050_62C5110D_527EA:24ADF
x-iplb-instance: 38226


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   4856
Md5:    4b980bfe38233cc533f6ec812fc66ae4
Sha1:   affb9c4f4a2e4599ffff72381b7414159d552791
Sha256: 45576f59dac1436712338bb67932a22f1ce169e7561846422fa66f0caf3805e1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/croma-music/js/countdown/jquery.countdown.min.js HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 4548
server: Apache
last-modified: Mon, 27 Mar 2017 09:27:57 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:7662_BCA535B9:0050_62C5110D_351E9:11BA3
x-iplb-instance: 38227


--- Additional Info ---
Magic:  ASCII text, with very long lines (13647)
Size:   4548
Md5:    8ab2813ed4be5aaa2c0e98ce6b88a099
Sha1:   01517f9b0c5963651e571756bc843e44cc1de909
Sha256: b2c04acaa5bd110452db802930dfbcf29e5e6cac54530a72606c4fc268fdf06c

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/wp-embed.min.js?ver=5.6.8 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 765
server: Apache
last-modified: Thu, 04 Feb 2021 08:27:54 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:746E_BCA535B9:0050_62C5110D_20244:24ADD
x-iplb-instance: 38226


--- Additional Info ---
Magic:  ASCII text, with very long lines (1391)
Size:   765
Md5:    fe875afb236ee8f0d50040fe58d848d4
Sha1:   e6b1b67093b429c95d5b9db07a7eba39e02cf0e5
Sha256: 328a6a072b91134f2802ae25e070f38ff156ceee2c6ec6a6253ae4b27af73b49

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/croma/js/iron-audioplayer.js HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 3914
server: Apache
last-modified: Mon, 27 Mar 2017 09:23:44 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:D3AC_BCA535B9:0050_62C5110D_5197C:1F9A1
x-iplb-instance: 18183


--- Additional Info ---
Magic:  ASCII text, with very long lines (392)
Size:   3914
Md5:    c8ab132041afc6df7abc1e18c8a5bb73
Sha1:   18838b4a1c14f09dd18e18b1d0b71f47a6c3d6a9
Sha256: 14fd0d075aefc74718e47010a30cf62850ec31a17db0a18924545e99308aa97b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.0.1 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 2615
server: Apache
last-modified: Mon, 27 Mar 2017 09:32:18 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:7662_BCA535B9:0050_62C5110D_351EF:11BA3
x-iplb-instance: 38227


--- Additional Info ---
Magic:  ASCII text, with very long lines (7808)
Size:   2615
Md5:    ce37923565b26522f8e8cbd5070f03a1
Sha1:   139bdb311e96f326a2a7040e012a32bfa5331251
Sha256: 2c3ab394646b898c62e876a367ca8ac8dd9a81ff46559d3e4765487b7125b0d3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/bower/imagesloaded/imagesloaded.pkgd.min.js?ver=5.6.8 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 2352
server: Apache
last-modified: Mon, 27 Mar 2017 09:32:18 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:198C_BCA535B9:0050_62C5110D_527EC:24ADF
x-iplb-instance: 38226


--- Additional Info ---
Magic:  ASCII text, with very long lines (6832)
Size:   2352
Md5:    dbc33e669a20be9b777bde7bbc8b3d41
Sha1:   a55b4c4cdc8f8bd80271f4362d6d9b761dd3f1a2
Sha256: e31f7e98dfa73772fe47da219c6f5b273af875896d9c4cd6866facb647728f88
                                        
                                            GET /wp-content/plugins/js_composer/assets/js/dist/vc_grid.min.js?ver=5.0.1 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 4203
server: Apache
last-modified: Mon, 27 Mar 2017 09:32:18 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:746E_BCA535B9:0050_62C5110D_20245:24ADD
x-iplb-instance: 38226


--- Additional Info ---
Magic:  ASCII text, with very long lines (24114), with no line terminators
Size:   4203
Md5:    86d7c871348128116e160fbdbc564d21
Sha1:   c6328a73030b7b82789c0c9011c3debbb252e5bc
Sha256: 59d4d3e55ad16dc93e934866e057c7249f5e7691acb2caedf3fe89fe96250719

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/prettyphoto/js/jquery.prettyPhoto.min.js?ver=5.0.1 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 6175
server: Apache
last-modified: Mon, 27 Mar 2017 09:32:18 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:F602_BCA535B9:0050_62C5110D_20781:1F99F
x-iplb-instance: 18183


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (24112), with no line terminators
Size:   6175
Md5:    9878292ebd6362bab0b2218d3e280e44
Sha1:   36c27074c881d6c98502143cbdff39e37247ebe8
Sha256: e4b4ac96af211d4386597a325bc5403e758a5d090a110776b4790fd31620113e
                                        
                                            GET /wp-content/plugins/js_composer/assets/lib/owl-carousel2-dist/owl.carousel.min.js?ver=5.0.1 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
content-length: 10476
server: Apache
last-modified: Mon, 27 Mar 2017 09:32:18 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:36B3_BCA535B9:0050_62C5110D_139FC:11BA1
x-iplb-instance: 38227


--- Additional Info ---
Magic:  ASCII text, with very long lines (32007)
Size:   10476
Md5:    b7defeba91c472933662eb264de8883f
Sha1:   6641d4498acd2f154c9c3679aa27be10aea66970
Sha256: 3b3fc78bb46c284d4fba0f60781353c47b7ba35a0a04302565114bcdea8e6f38

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.paulgay.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 16720
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 29 Jun 2022 19:40:25 GMT
Expires: Thu, 29 Jun 2023 19:40:25 GMT
Cache-Control: public, max-age=31536000
Age: 550500
Last-Modified: Wed, 11 May 2022 19:25:13 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16720, version 1.0\012- data
Size:   16720
Md5:    c416910cae8fe4258cdf8c35933e9f4c
Sha1:   4a768ba0a3abc49b572c08c235db9f066ffc2b18
Sha256: 9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
                                        
                                            GET /wp-content/uploads/2017/04/paul-gay-logo2-menu.png HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: image/png
content-length: 3251
server: Apache
last-modified: Thu, 13 Apr 2017 20:03:07 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
x-iplb-request-id: 5B5A2A9A:D3AC_BCA535B9:0050_62C5110D_51983:1F9A1
x-iplb-instance: 18183


--- Additional Info ---
Magic:  PNG image data, 322 x 136, 8-bit/color RGBA, non-interlaced\012- data
Size:   3251
Md5:    f03e400ca5f302c3454bb92df30b5902
Sha1:   77f0f06fec784f98703b4baf426aa75a7076855f
Sha256: 57708e61ce9911d48e31bfc5420134d47ebbce624eb4bccdd2897d2dc8df0a5e
                                        
                                            GET /wp-content/uploads/2017/04/paul-gay-logo2-gris.png HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: image/png
content-length: 4046
server: Apache
last-modified: Thu, 13 Apr 2017 19:59:57 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
x-iplb-request-id: 5B5A2A9A:7662_BCA535B9:0050_62C5110D_351F0:11BA3
x-iplb-instance: 38227


--- Additional Info ---
Magic:  PNG image data, 502 x 59, 8-bit/color RGBA, non-interlaced\012- data
Size:   4046
Md5:    6c4b00665d1968540b1100ff78acb517
Sha1:   4d86be3ec178856a2e0265f2c3da07f49da4d7ae
Sha256: 39c25dc2a5ec697da8a1ea08b44701c98e33212b5a76416f19cdde14477c924a
                                        
                                            GET /wp-content/themes/croma/images/defaultpx.png HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: image/png
content-length: 930
server: Apache
last-modified: Mon, 27 Mar 2017 09:23:44 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
x-iplb-request-id: 5B5A2A9A:36B3_BCA535B9:0050_62C5110D_139FF:11BA1
x-iplb-instance: 38227


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   930
Md5:    75d7a2c5bed719e71d41c1d67b755073
Sha1:   a65d2a5bc00bacdda6e4b3312e686132e4abb42d
Sha256: 9053add1a1fbe527ac04647553b69782a4fb0b2bcf32c26333772a7e4df6b177
                                        
                                            GET /wp-content/uploads/2017/04/slidder4.jpg HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: image/jpeg
content-length: 405135
server: Apache
last-modified: Fri, 07 Apr 2017 10:20:12 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
x-iplb-request-id: 5B5A2A9A:746E_BCA535B9:0050_62C5110D_20247:24ADD
x-iplb-instance: 38226


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1604x957, components 3\012- data
Size:   405135
Md5:    f52f2aa538c83ffed49f80c5af377930
Sha1:   820d1cc3ac41c52bbdace69b80b07450e3372b42
Sha256: 8cf9ea31a9a7c9653554152c380a0ab54e826359936b3b428ae631d56ab188db
                                        
                                            GET /wp-content/themes/croma/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.paulgay.com/wp-content/themes/croma/css/font-awesome.min.css?ver=5.6.8
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-length: 71896
server: Apache
last-modified: Mon, 27 Mar 2017 09:23:44 GMT
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:D3AC_BCA535B9:0050_62C5110D_51987:1F9A1
x-iplb-instance: 18183


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Size:   71896
Md5:    e6cf7c6ec7c2d6f670ae9d762604cb0b
Sha1:   97e438cc545714309882fbceadbf344fcaddcec5
Sha256: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
                                        
                                            GET /wp-content/themes/croma/js/plugins.all.min.js HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:25 GMT
content-type: application/javascript
transfer-encoding: chunked
server: Apache
last-modified: Mon, 27 Mar 2017 09:23:44 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:F602_BCA535B9:0050_62C5110D_2077F:1F99F
x-iplb-instance: 18183


--- Additional Info ---
Magic:  data
Size:   215386
Md5:    c088e810f0c91cf3aac80931df10b2b6
Sha1:   2d01062d54a9321a0dc807c2ff8f88ecf72e7df2
Sha256: d8d91ac45accbba023c9661d82c76e6cd0d4d5182d86a6593839e706711fdff4

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2016/05/IMG_1041.jpg?id=925 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:26 GMT
content-type: image/jpeg
content-length: 125463
server: Apache
last-modified: Fri, 07 Apr 2017 15:25:33 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
x-iplb-request-id: 5B5A2A9A:36B3_BCA535B9:0050_62C5110D_13A01:11BA1
x-iplb-instance: 38227


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 960x960, components 3\012- data
Size:   125463
Md5:    e3babac45f574ebdee55dbb78a79e3a7
Sha1:   709a50ab801b5b53e1870228e7d9fc71b027a6c8
Sha256: 3e9550961f86ae1178c95cf342b3e65bd0e2bcfb9e05ca1cdde566ed0be258b1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2017/04/slidder2.jpg HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:26 GMT
content-type: image/jpeg
content-length: 215386
server: Apache
last-modified: Fri, 07 Apr 2017 10:20:02 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:26 GMT
x-iplb-request-id: 5B5A2A9A:198C_BCA535B9:0050_62C5110D_527F7:24ADF
x-iplb-instance: 38226


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=Marianne ROSENSTIEHL], progressive, precision 8, 1500x968, components 3\012- data
Size:   215386
Md5:    c088e810f0c91cf3aac80931df10b2b6
Sha1:   2d01062d54a9321a0dc807c2ff8f88ecf72e7df2
Sha256: d8d91ac45accbba023c9661d82c76e6cd0d4d5182d86a6593839e706711fdff4
                                        
                                            GET /wp-content/uploads/2016/05/dossier-presse.jpg?id=873 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:26 GMT
content-type: image/jpeg
content-length: 151780
server: Apache
last-modified: Fri, 07 Apr 2017 11:53:54 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:25 GMT
x-iplb-request-id: 5B5A2A9A:F602_BCA535B9:0050_62C5110D_20787:1F99F
x-iplb-instance: 18183


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=Marianne ROSENSTIEHL], progressive, precision 8, 767x570, components 3\012- data
Size:   151780
Md5:    1b765a5b21d9c029a3ddda1c0e927bb8
Sha1:   081a6794e9e73c7746db56d88d5fa2b6b4acf25b
Sha256: 92e9b458a8c623d3f55235e8e9fa5f764c6e4aed123f8096694c8f9d35c10da7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2017/03/home-slider.jpg HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:26 GMT
content-type: image/jpeg
content-length: 639187
server: Apache
last-modified: Mon, 27 Mar 2017 10:58:20 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:26 GMT
x-iplb-request-id: 5B5A2A9A:7662_BCA535B9:0050_62C5110D_351F5:11BA3
x-iplb-instance: 38227


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=\302\251 Marianne ROSENSTIEHL], progressive, precision 8, 2000x1333, components 3\012- data
Size:   639187
Md5:    6e577cf622fea67c861048016dcf7bfa
Sha1:   1609f1e9f986693a38a205f59a295e109dd95c33
Sha256: be0465dfaaced18cbf34f0565dad5d7ea6947ca6e8b810f45c66331738851932
                                        
                                            GET /wp-content/uploads/2017/04/PAUL_GAY_by_AJ_Hirsch-18.jpg?id=916 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:26 GMT
content-type: image/jpeg
content-length: 666724
server: Apache
last-modified: Fri, 07 Apr 2017 15:15:54 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:26 GMT
x-iplb-request-id: 5B5A2A9A:746E_BCA535B9:0050_62C5110D_20249:24ADD
x-iplb-instance: 38226


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=ANDREAS J. HIRSCH], progressive, precision 8, 1500x1001, components 3\012- data
Size:   666724
Md5:    a0049dbeafe20744d1e20f86912770a1
Sha1:   86ae866f0db0113896d451937c27216ee6dc2e4c
Sha256: 9a8770963dd734e86ab2d906201d995c89768c5581aaddacdd2db4be42270a64
                                        
                                            GET /wp-content/uploads/2016/05/video-le-cid.jpg HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:26 GMT
content-type: image/jpeg
content-length: 23035
server: Apache
last-modified: Fri, 07 Apr 2017 10:56:06 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:26 GMT
x-iplb-request-id: 5B5A2A9A:36B3_BCA535B9:0050_62C5110E_13A03:11BA1
x-iplb-instance: 38227


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 438x314, components 3\012- data
Size:   23035
Md5:    aa2fdb6c421e4f6ec9e78bd8b7ad4c7a
Sha1:   2458326d4afece3e1282fbd3465bc08de27b5445
Sha256: 964400a85e842a2b66c72c4baf2e3a3217aa648091ad506e1f10448a6c6d010b
                                        
                                            GET /wp-content/uploads/2016/05/video-veaudor-559x376.jpg HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:26 GMT
content-type: image/jpeg
content-length: 22495
server: Apache
last-modified: Fri, 07 Apr 2017 10:56:10 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:26 GMT
x-iplb-request-id: 5B5A2A9A:198C_BCA535B9:0050_62C5110E_527FF:24ADF
x-iplb-instance: 38226


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 559x376, components 3\012- data
Size:   22495
Md5:    4243a709a350412293ba10a16d9ced47
Sha1:   0557d9667d01fa3c06cdf0d846470cf50d447393
Sha256: d151dad32793593d960b4babf4ffb942943f10b9fc46965caa6525dc2dcbdde6
                                        
                                            GET /wp-content/themes/croma/js/assets/audioplayer.html HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:26 GMT
content-type: text/html
content-length: 544
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:198C_BCA535B9:0050_62C5110E_52801:24ADF
x-iplb-instance: 38226


--- Additional Info ---
Magic:  ASCII text
Size:   544
Md5:    e21313075831ccb6c185c01f3bd6bbd1
Sha1:   ef03390cd9853da14694cedbdc83de27c118f5e0
Sha256: aeac397021218a6617f78c368c8366d262ad6216bf01bd89d102a243380a3065

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2017/04/paul-gay-extrait2.jpg HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:26 GMT
content-type: image/jpeg
content-length: 38690
server: Apache
last-modified: Fri, 07 Apr 2017 14:55:14 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:26 GMT
x-iplb-request-id: 5B5A2A9A:746E_BCA535B9:0050_62C5110E_2024E:24ADD
x-iplb-instance: 38226


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=Marianne ROSENSTIEHL], progressive, precision 8, 378x353, components 3\012- data
Size:   38690
Md5:    50270f0615a354a7c36c43a8a4c518ef
Sha1:   380c5c81b3c79917ddb289c16eb2673ee5af2ca2
Sha256: ad946874b642991216eadf551b9fc5e2ced56c125e896e2e49a95122b4695fc5
                                        
                                            GET /wp-content/themes/croma/js/assets/default.wav HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 206 Partial Content
                                        
date: Wed, 06 Jul 2022 04:35:26 GMT
content-type: audio/x-wav
content-length: 88244
server: Apache
last-modified: Mon, 27 Mar 2017 09:23:44 GMT
accept-ranges: bytes
cache-control: max-age=3600
expires: Wed, 06 Jul 2022 05:35:26 GMT
content-range: bytes 0-88243/88244
x-iplb-request-id: 5B5A2A9A:746E_BCA535B9:0050_62C5110E_20252:24ADD
x-iplb-instance: 38226


--- Additional Info ---
Magic:  RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 44100 Hz\012- data
Size:   88244
Md5:    a365eef99aaa26c0f30e7bcfb68e33ae
Sha1:   1410d8ca05f9281a6d9a44fccd00caccc432fd47
Sha256: a5ae81670a76b0f444d032591de30e58e3cedc7de012a4afd067d1fd729aaf34

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/croma/js/assets/default.wav HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 206 Partial Content
                                        
date: Wed, 06 Jul 2022 04:35:26 GMT
content-type: audio/x-wav
content-length: 88244
server: Apache
last-modified: Mon, 27 Mar 2017 09:23:44 GMT
accept-ranges: bytes
cache-control: max-age=3600
expires: Wed, 06 Jul 2022 05:35:26 GMT
content-range: bytes 0-88243/88244
x-iplb-request-id: 5B5A2A9A:198C_BCA535B9:0050_62C5110E_52807:24ADF
x-iplb-instance: 38226


--- Additional Info ---
Magic:  RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 44100 Hz\012- data
Size:   88244
Md5:    a365eef99aaa26c0f30e7bcfb68e33ae
Sha1:   1410d8ca05f9281a6d9a44fccd00caccc432fd47
Sha256: a5ae81670a76b0f444d032591de30e58e3cedc7de012a4afd067d1fd729aaf34

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2017/04/favicon32.png HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:26 GMT
content-type: image/png
content-length: 446
server: Apache
last-modified: Fri, 07 Apr 2017 11:58:42 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:26 GMT
x-iplb-request-id: 5B5A2A9A:198C_BCA535B9:0050_62C5110E_52809:24ADF
x-iplb-instance: 38226


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   446
Md5:    10ed97c6fe49a14ca8570b32d0a42f55
Sha1:   0d5100f43c8bee50fecc88b31338af8774324f13
Sha256: fba0fd642d194fb6e3386c7d692571e6aa321575cf50b43f4b1be54c315f4c06
                                        
                                            GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.3.1.4 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:26 GMT
content-type: application/javascript
content-length: 6767
server: Apache
last-modified: Mon, 27 Mar 2017 09:28:06 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:26 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:198C_BCA535B9:0050_62C5110E_5280A:24ADF
x-iplb-instance: 38226


--- Additional Info ---
Magic:  ASCII text, with very long lines (28168), with CRLF line terminators
Size:   6767
Md5:    81f77b52abe455f216c817a768cd7b9d
Sha1:   1903e46e2351eb6bf05b3ead7888930cb5e02cbb
Sha256: 2805a6995d294998bfd6f4e04c07d0ab93910e163868c045e992bfaae16b7bf2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.3.1.4 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:26 GMT
content-type: application/javascript
content-length: 7094
server: Apache
last-modified: Mon, 27 Mar 2017 09:28:06 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:26 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:746E_BCA535B9:0050_62C5110E_20254:24ADD
x-iplb-instance: 38226


--- Additional Info ---
Magic:  ASCII text, with very long lines (25832), with CRLF line terminators
Size:   7094
Md5:    4ed124e505c54b737afb70dcdbbe0dc0
Sha1:   674177c4b8ab66d251a94f4e55e596b7f51e4e9e
Sha256: 6617041cf913aa3513547b9f823407fa05d25b58b1c00a0efe842540f77b6a76

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/revslider/public/assets/assets/loader.gif HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1.5
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:26 GMT
content-type: image/gif
content-length: 2545
server: Apache
last-modified: Mon, 27 Mar 2017 09:28:06 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:26 GMT
x-iplb-request-id: 5B5A2A9A:746E_BCA535B9:0050_62C5110E_2025B:24ADD
x-iplb-instance: 38226


--- Additional Info ---
Magic:  GIF image data, version 89a, 24 x 24\012- data
Size:   2545
Md5:    4b3afb84b2b71ef56df09997a350bd04
Sha1:   accdac8a7abeab0e21c49539aad0a973addb28ef
Sha256: 9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
                                        
                                            GET /wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.paulgay.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1.5
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:26 GMT
content-type: application/x-font-woff
content-length: 7536
server: Apache
last-modified: Mon, 27 Mar 2017 09:28:06 GMT
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:7662_BCA535B9:0050_62C5110E_351FB:11BA3
x-iplb-instance: 38227


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 7536, version 1.0\012- data
Size:   7536
Md5:    04eb8fc57f27498e5ae37523e3bfb2c7
Sha1:   d942ae11706c3f7e511e3c49b0e4574d7ad199c4
Sha256: f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /wp-admin/admin-ajax.php HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 297
Origin: http://www.paulgay.com
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:28 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
server: Apache
x-powered-by: PHP/7.0
access-control-allow-origin: http://www.paulgay.com
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:198C_BCA535B9:0050_62C5110E_5281A:24ADF
x-iplb-instance: 38226


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (887)
Size:   1387
Md5:    fd28b35165249fa0e9f1c66b5318db31
Sha1:   6751dfcac32d3d4365384198e6ec7605ec78dd9f
Sha256: ca44cf08f599c2abf3bb5fb20bdae7aa44cc8469c1c96653e3ce20511a5165db

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/css/dashicons.min.css?ver=5.6.8 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:29 GMT
content-type: text/css
transfer-encoding: chunked
server: Apache
last-modified: Thu, 15 Apr 2021 21:18:47 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:28 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:7662_BCA535B9:0050_62C5110E_35217:11BA3
x-iplb-instance: 38227


--- Additional Info ---
Magic:  ASCII text, with very long lines (58981)
Size:   35730
Md5:    00492d322e5572c7abc3e8701b6c52c1
Sha1:   0802ac2c8280ce7c98af881b1d49ec682acbf314
Sha256: 8bc01632cbc3ab834e04141d444ff82b05a4691444d70a9860477710e330b824

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/js_composer/assets/vc/vc_gitem_image.png HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:29 GMT
content-type: image/png
content-length: 1959
server: Apache
last-modified: Mon, 27 Mar 2017 09:32:18 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:28 GMT
x-iplb-request-id: 5B5A2A9A:198C_BCA535B9:0050_62C51110_528BF:24ADF
x-iplb-instance: 38226


--- Additional Info ---
Magic:  PNG image data, 1024 x 1024, 1-bit colormap, non-interlaced\012- data
Size:   1959
Md5:    625832f38907f3263ad730255090498b
Sha1:   5769ffb58c55630fc9b3c11cdf17b3a155ba1aaf
Sha256: bc68d22bf1c5afc0f6b62fa2f8802d76bdd6c0abf6eb44c0f09a71174d244fa1
                                        
                                            GET /wp-includes/css/jquery-ui-dialog.min.css?ver=5.6.8 HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:29 GMT
content-type: text/css
content-length: 1535
server: Apache
last-modified: Fri, 29 Jan 2021 13:09:28 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:28 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:F602_BCA535B9:0050_62C5110E_2078F:1F99F
x-iplb-instance: 18183


--- Additional Info ---
Magic:  ASCII text, with very long lines (3294)
Size:   1535
Md5:    ff169de9aed9145bed2ef9ccad3e3a67
Sha1:   b4393acbedc506702f41cc941862f3e8e32b68c9
Sha256: 2fd12ea14ae1f9a14f70f6593b82e5ef41614fd7f3e7116b91cd874b752b5dc2
                                        
                                            GET /s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.paulgay.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 16796
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 29 Jun 2022 21:40:37 GMT
Expires: Thu, 29 Jun 2023 21:40:37 GMT
Cache-Control: public, max-age=31536000
Age: 543292
Last-Modified: Wed, 11 May 2022 19:25:14 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16796, version 1.0\012- data
Size:   16796
Md5:    f39b602d1b08fc398343e5c11cf8cd87
Sha1:   944ea7b3ca302c92a6414f203ab47803da20948b
Sha256: 511b67b07a90c30bed95a6e3b1a7708d978d53f01e5fad89403590aaf22fb134
                                        
                                            GET /wp-content/uploads/2021/12/203AA1B4-5CC0-4293-BD73-40E18749FDDE-771x1024.jpeg HTTP/1.1 
Host: www.paulgay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.paulgay.com/
Cookie: PHPSESSID=c58c68f512326f8d60a5a3cf01b772b4

                                         
                                         188.165.53.185
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 04:35:29 GMT
content-type: image/jpeg
content-length: 218757
server: Apache
last-modified: Thu, 09 Dec 2021 22:51:56 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 06 Jul 2022 04:50:28 GMT
x-iplb-request-id: 5B5A2A9A:746E_BCA535B9:0050_62C5110E_2025E:24ADD
x-iplb-instance: 38226


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 771x1024, components 3\012- data
Size:   218757
Md5:    f49ad722810ea26bb6ad31ca95708926
Sha1:   c7942aa92ebf961f55b7e4b09d6ef751db7636c2
Sha256: 8069591bc690b12d13cd68e0cb184b136572dd030c796cb3201533979cdcfb08

Alerts:
  Blocklists:
    - fortinet: Malware