windsorarmshotel.com/
151.101.130.159301 Moved Permanently 162 B IP 151.101.130.159:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Location: https://windsorarmshotel.com/
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-FW-Server: Flywheel/5.1.0
X-FW-Hash: 8iypdqt99y
X-FW-Version: 5.0.0
Server: Flywheel/5.1.0
Accept-Ranges: bytes
Date: Wed, 23 Nov 2022 21:57:09 GMT
X-Served-By: cache-bma1666-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1669240630.703786,VS0,VE114
Vary: Authorization
X-FW-Serve: TRUE
X-FW-Static: NO
X-FW-Type: VISIT
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8142
Expires: Thu, 24 Nov 2022 00:12:51 GMT
Date: Wed, 23 Nov 2022 21:57:09 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2497
Cache-Control: max-age=134144
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:57:09 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 11:12:53 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 8a6c553d89cb6fd1de4787fee2a0e0dc
b974e022ea8675c0a09f58864cc99df05b5b1241
a62ecedcb0953814f982237818a3d902fdca501f82b675629d28b5d476e0fbfa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A62ECEDCB0953814F982237818A3D902FDCA501F82B675629D28B5D476E0FBFA"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15210
Expires: Thu, 24 Nov 2022 02:10:40 GMT
Date: Wed, 23 Nov 2022 21:57:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 21:18:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2300
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: a6MHIzH350jUU96JpPEp6KejGHg0LxXWPL5V41sDYCTdtXR3QsyTIVAI2aolN23tnI2L/xzHeMo=
x-amz-request-id: MVHZ6N2PQHSPAE9Y
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 21:40:09 GMT
age: 1021
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 21:57:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 21:11:11 GMT
cache-control: public,max-age=3600
age: 2759
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5019
Cache-Control: max-age=131602
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:57:10 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 10:30:32 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.164.183.116101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.183.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9NzWr36Ecx7MEfYewdTqQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: H+295/QlDkALc/BxxygVYrUmo0w=
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14604
Expires: Thu, 24 Nov 2022 02:00:36 GMT
Date: Wed, 23 Nov 2022 21:57:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14604
Expires: Thu, 24 Nov 2022 02:00:36 GMT
Date: Wed, 23 Nov 2022 21:57:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14604
Expires: Thu, 24 Nov 2022 02:00:36 GMT
Date: Wed, 23 Nov 2022 21:57:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6380f73d47906bd63b9c48137e4df61
94e053461d2db89e9d08321f26a2555ebcd7e0b9
84144e3c3e7acc7339fd1da9b373f18582734b6f4d235b2aef8c90616ed1c8a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5914
x-amzn-requestid: 175363fa-bb7a-4c95-8aa4-ebb3f16f3745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1lI3HaqIAMFmTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63788238-1bb736b52bbae37c5e19486f;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 39Lmple6qq9vrKeKJ4lcditVdK5XfRFtv3Cs0_R8B7pVDYPiRAGFtg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:13:08 GMT
age: 85444
etag: "94e053461d2db89e9d08321f26a2555ebcd7e0b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F559c6770-d162-460d-b372-5ff036a364d6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F559c6770-d162-460d-b372-5ff036a364d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9defa28d124bae7e5ef29a1fb165ee02
2afe813f0fefae511064297ccff9a6de548104e8
8cfdd12386dcc87cfd874ed0c2d42cd33ae2a05cb35127f1a94e163d17bd5b31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F559c6770-d162-460d-b372-5ff036a364d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11576
x-amzn-requestid: 9dd2cb2e-de79-4937-b525-05be9d57c03b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrdFuxoAMFa9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee49-5437ea0f1568967278fe96ad;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1daKtJmaZARpzMRiPQaWttMITAndRqZt0VwhiBzbxzxBvw4a28a2sg==
via: 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:03:20 GMT
age: 86032
etag: "2afe813f0fefae511064297ccff9a6de548104e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d2c986e076309d51d199332caebb07a
343a5bfba0f8fec28f9345f276b44f44c6eaf6a6
64e6fba6a45c70c1db6040a2273472774c00257bef373cc45b6ca00cb819681a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9138
x-amzn-requestid: 524e565e-a9fb-45f9-b786-d64cf26a3cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAAHG8IAMFhwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4066-3689e70e6212e9e77dc134f4;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: X01U1sW6euqL-a8kJ6tc3ISmJd6Wc6m81Vg2ot6AfMv6h2VCVbPIDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:45:52 GMT
age: 680
etag: "343a5bfba0f8fec28f9345f276b44f44c6eaf6a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06c6e720bc9900b38e88cd72f739603e
22884cbc78622d6f78c1c3397c9b440946144a99
8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZtjzvMh_vqVaOqm8xPfZ2EWGGl0X7Iv8GK40Z32EbKM4wk6tGPnlYA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:27:21 GMT
age: 84591
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cc111ba6ae699fca7fbff3490640960
18084197b48ea3b4a143636250396e8791d0285f
34fbba92e665ad371ea2bd1a871251cf0c5b7832d6f4661b21b2cfbd7f786923
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4977
x-amzn-requestid: 3e56de91-7ed1-4b1e-b230-5f19b2cc6601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bxQKBHzdIAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376c70c-41c572d27999534d3c198372;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 23:43:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Or1B6k7o4cYqVXfndjJsKLOV-aYKX8bfHCQIUqNzvofjQSnIf8f04A==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:52:50 GMT
age: 262
etag: "18084197b48ea3b4a143636250396e8791d0285f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e8d7af3a5d030774447a0f71c7824f0
663cace8681891ad55943dd0273493aa9474d102
22068df04672281e392caa485259df103d591ab247c3eb5e0ccba10ffd8a9ef0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: ca8b7a9f-3c1a-419d-953e-2944bf820e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_Hd4IAMFWUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-4ca5e9b2476a47cd199b9cba;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xvl32dFAYPWahdcLHkZfWex76uFDiR9Qfk5MEqilDYxbyYfxvr492Q==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:45:52 GMT
age: 680
etag: "663cace8681891ad55943dd0273493aa9474d102"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
windsorarmshotel.com/
151.101.130.159200 OK 57 kB IP 151.101.130.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14830), with CRLF, LF line terminators
Hash 6881b158df5a8de64f12365aa146bbb3
b72750d6c20bfa81fe467df93b9c347e903b62c2
0cd1befec1bec5efa47353df153992eb925193df6019fde718a81e47e7dcf59e
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://windsorarmshotel.com/wp-json/>; rel="https://api.w.org/", <https://windsorarmshotel.com/wp-json/wp/v2/pages/4>; rel="alternate"; type="application/json", <https://windsorarmshotel.com/>; rel=shortlink
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: 8iypdqt99y
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: NO:Not Cacheable
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:12 GMT
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669240630.993049,VS0,VE2894
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 57071
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.7.6
151.101.130.159200 OK 4.5 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.7.6
IP 151.101.130.159:0
Hash b5f1a469d7ff3571a0c076b1a2456a10
67c09b0eda6ea24727808893a04e15f2436f4bd4
f815e24b259da489d20901d0365a913c2bbfd8149c93ed7dcc1184ffa240f8ad
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.7.6 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:06 GMT
etag: W/"620e61ca-52a1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.053888,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4474
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
151.101.130.159200 OK 14 kB URL HTTP/2 windsorarmshotel.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (43771)
Hash 1047dd6779111ec73736abd71a40fef9
e08643922ce9a1a488f2a72c0341807f59f7528e
d85287eacda4e97356cf1b53ec765e34c8913558d6fb485b334debf78c89a3bf
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-15b64"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: 8iypdqt99y
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.063964,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 13906
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.2.2
151.101.130.159200 OK 1.4 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.2.2
IP 151.101.130.159:0
File type ASCII text, with very long lines (4933), with no line terminators
Hash dec033663791df6f9bda62872451d40f
8d86b21d63dac22ce0c7b83e36a8798906a42482
dc211d6b79915896be681b0252c2ec68efdd1f11b5881b0cf3fc645fcfbcd4da
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.2.2 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 25 Apr 2022 17:35:58 GMT
etag: W/"6266dbfe-1345"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.066233,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1368
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/accesspress-social-share/css/frontend.css?ver=4.5.6
151.101.130.159200 OK 4.4 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/accesspress-social-share/css/frontend.css?ver=4.5.6
IP 151.101.130.159:0
File type ASCII text, with CRLF line terminators
Hash 34b0cce2fe9260f2d0dd9b95a2ca549e
a925c5e006b3a9f2ace27e573b95c2d46cebf46d
d5b5dcd38fb917907673caacabcbd85841dfecbd5a67a4c55e3e216bf90d6f09
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/accesspress-social-share/css/frontend.css?ver=4.5.6 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-6b33"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.069846,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4400
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/accesspress-social-share/css/font-awesome.min.css?ver=4.5.6
151.101.130.159200 OK 7.8 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/accesspress-social-share/css/font-awesome.min.css?ver=4.5.6
IP 151.101.130.159:0
File type ASCII text, with very long lines (30837), with CRLF line terminators
Hash 486e992e5ae601a99c392b75025d479e
4593b241ecfd381e11d1d47c3f8b155164b2d850
15b03736c59d090798627af58a8ae8381c654244893786f290f201e422d9f0d8
GET /wp-content/plugins/accesspress-social-share/css/font-awesome.min.css?ver=4.5.6 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-791c"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.069867,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7785
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.2.2
151.101.130.159200 OK 28 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.2.2
IP 151.101.130.159:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 8cfb798c11169a106b23a03b74b24f4a
1d1b19f7b805f18fb04ba6fb2204cd5389b099e6
6f64bb6ed992d2f97198794f3b8619fbbaf5d127120c69bc738eb14f6be90c9e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.2.2 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 25 Apr 2022 17:35:58 GMT
etag: W/"6266dbfe-33d77"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.067229,VS0,VE4
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 28079
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/slick.css?ver=6.0.3
151.101.130.159200 OK 1.4 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/slick.css?ver=6.0.3
IP 151.101.130.159:0
Hash 392fdf01753c5481e9aaf83f1ea9f87c
a21c6993095e0b26bf69e4a57b5666bda2caf079
1dbbb141ee7147dbb6f64a59d7120837e3ab2a5d8ca205fddd6abe02b6d253b7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/slick.css?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-12fa"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.073794,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1363
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/animations.css?ver=6.0.3
151.101.130.159200 OK 7.4 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/animations.css?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5cb2a6dfe2d46376db8b4503498f3c42
6112c7f4129ed5aa254bfbade14008b0a34ff2fa
0fb1b42b335d7886ef4e1b913288db329faba2033fbc4af0d64817141a0b033e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/animations.css?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-10d6f"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.073605,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7391
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
151.101.130.159200 OK 1.0 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
IP 151.101.130.159:0
Hash 8c5101cf326d40bd98df98a8d0c0519e
6e81a81ba411ac3f3ef44123ccbeb994c1363f84
7297a73ebadada2be39b896862257140781c6f221c08906553ae463a68ab290e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 12 Apr 2022 03:21:33 GMT
etag: W/"6254f03d-aab"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.073619,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1028
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
151.101.130.159200 OK 279 B URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with CRLF line terminators
Hash 6ad1b9deb453b52874e7c87f46f75a4c
794a3af053102cdc64c366c18886b6fcb1dc6e48
c520566fac572e58ca791b0559021f9826c51a9125aba5b902e7db927e3b5927
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:06 GMT
etag: W/"620e61ca-438"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.075275,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 279
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/wp-hotel-booking/includes/plugins/wp-hotel-booking-extra/assets/css/site.css?ver=1.10.2
151.101.130.159200 OK 1.1 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/wp-hotel-booking/includes/plugins/wp-hotel-booking-extra/assets/css/site.css?ver=1.10.2
IP 151.101.130.159:0
File type ASCII text, with CRLF line terminators
Hash 477d7f46c57cfd1e19e049020b9b91b2
6483c9ee03b811d39ffcffea0f32a54d79abb53b
decac2b4a3fa307fe37ef32edcd98111961878c30f480f039051bdd420c7f330
GET /wp-content/plugins/wp-hotel-booking/includes/plugins/wp-hotel-booking-extra/assets/css/site.css?ver=1.10.2 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-f1f"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.075973,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1066
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
151.101.130.159200 OK 11 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
IP 151.101.130.159:0
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash 88394fc88d1642ec8d5c6385df6b20af
b3bf02dea826e1111811049d6ca403f1b69350e7
0651d2e67d96c3525994c1853e13b259e448f470367e53ff6d917c2d2d76cd28
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-9b46"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.075458,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 10737
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/wp-responsive-menu/assets/css/wpr-hamburger.css?ver=3.1.7.2
151.101.130.159200 OK 2.7 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/wp-responsive-menu/assets/css/wpr-hamburger.css?ver=3.1.7.2
IP 151.101.130.159:0
Hash 42ecd5fda50f9a48752f748d93317b01
46b2a183989a9842cfb8dcab00b3ca985ed21bfd
4a0a04a74b0393b017cd81e15dfa18e114934f3af0a499c2dd82480f05b0c7f6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-responsive-menu/assets/css/wpr-hamburger.css?ver=3.1.7.2 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-5609"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.083425,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2670
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/wp-responsive-menu/assets/css/wprmenu.css?ver=3.1.7.2
151.101.130.159200 OK 2.4 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/wp-responsive-menu/assets/css/wprmenu.css?ver=3.1.7.2
IP 151.101.130.159:0
Hash cf95d57cad935524a5af657eb121669b
90e0b3ef99992398cba60a718b0cf7a71bb5a89a
c1600e7354636fa00e44c2573d9ebd59e6147a88273bc507856ba675a4b5e3a4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-responsive-menu/assets/css/wprmenu.css?ver=3.1.7.2 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-2597"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.083401,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2411
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/wp-hotel-booking/assets/css/hotel-booking.min.css?ver=1.10.2
151.101.130.159200 OK 9.7 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/wp-hotel-booking/assets/css/hotel-booking.min.css?ver=1.10.2
IP 151.101.130.159:0
File type ASCII text, with very long lines (50412), with no line terminators
Hash e40118753bd14d9e92c4a03f3a057bfc
d37233589cc2287b42f73fd77b19c6294d28ab96
18dc6b64977c422a15a99a0ec24b082ed14c86dc12480363b8978d7017620ca9
GET /wp-content/plugins/wp-hotel-booking/assets/css/hotel-booking.min.css?ver=1.10.2 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-c4ec"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.083465,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 9674
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/wp-hotel-booking/assets/css/libraries.css?ver=6.0.3
151.101.130.159200 OK 19 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/wp-hotel-booking/assets/css/libraries.css?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (26545), with CRLF line terminators
Hash 624bd211d8538773d924ea5f75297063
3dccb9a3a8d2ed43f64e5afc511c96c149c2f2df
675f1da06afc764a231d7769db5103c18b85358a851149af71fc5582a5f3bc62
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-hotel-booking/assets/css/libraries.css?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-18117"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.083444,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 19105
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0
151.101.130.159200 OK 54 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (65358)
Hash 400b2550f063264ed1e948ae811af8ed
76c6aa67d1c3b755d620ccd2909b5a0b83e19eca
b84dfdfeb9eb51d38f891d255756d5ec0fbac034b1b70dcf711e3350f01178f1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-76828"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.085307,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 53930
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/contact-form-7/includes/js/jquery-ui/themes/smoothness/jquery-ui.min.css?ver=1.12.1
151.101.130.159200 OK 8.4 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/contact-form-7/includes/js/jquery-ui/themes/smoothness/jquery-ui.min.css?ver=1.12.1
IP 151.101.130.159:0
File type ASCII text, with very long lines (29523)
Hash fc2c452c5422da444e53c3e5381cd0c4
28f4aed9f822a331697858ef49f0832be9ec791c
50d0b90bf83beedef9c43931f52ba3f6bb2943257e225e2ec8149305df997857
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/jquery-ui/themes/smoothness/jquery-ui.min.css?ver=1.12.1 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 12 Apr 2022 03:21:33 GMT
etag: W/"6254f03d-7a36"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.085517,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 8417
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=3.19.9
151.101.130.159200 OK 5.3 kB URL HTTP/2 windsorarmshotel.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=3.19.9
IP 151.101.130.159:0
File type ASCII text, with very long lines (27639), with no line terminators
Hash 6225e6fc47233ce2da1f8353aa02ba98
54d48779687ae3ff724f6e7098040ae803e2f85f
e804791d2f8be832f077481ca4a0652198618e9d463836487161e9026adea8de
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=3.19.9 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:53:27 GMT
etag: W/"620e6167-6bf7"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.085927,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 5255
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/wp-responsive-menu/inc/assets/icons/wpr-icons.css?ver=3.1.7.2
151.101.130.159200 OK 2.3 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/wp-responsive-menu/inc/assets/icons/wpr-icons.css?ver=3.1.7.2
IP 151.101.130.159:0
Hash 061f0a056083304ebfac912a9dd73a17
fd376af06b77394fe37a5ba0684526f746f5e397
05a1e979a974600e9539b117c4baa13073d1f17dd3060058d5de06a798a567b9
GET /wp-content/plugins/wp-responsive-menu/inc/assets/icons/wpr-icons.css?ver=3.1.7.2 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-320d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.083376,VS0,VE5
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2250
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/style.min.css?ver=3.19.9
151.101.130.159200 OK 3.1 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/style.min.css?ver=3.19.9
IP 151.101.130.159:0
File type ASCII text, with very long lines (13362), with no line terminators
Hash 385002d70a00be54653b2f886079a828
90120baaa78132c787ff9ff7a4d00ac6ea367a5e
a8e3af1d5ff675ff0ea8fe543ab4b2d406ab0dbec2c3a740bf5165c4f14cd087
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/style.min.css?ver=3.19.9 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-3432"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.091617,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3076
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz-child/owl/assets/owl.carousel.min.css?ver=6.0.3
151.101.130.159200 OK 1.1 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz-child/owl/assets/owl.carousel.min.css?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (3184)
Hash 69bb89616b41241eb5882af076b5127a
8f5e9865f576fec8d89c5486335a174536912752
e88fe45ae75badc623ac13c76f214a6723cbb049a1ff9dbca9f3586e405cb69b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz-child/owl/assets/owl.carousel.min.css?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-d17"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.100723,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1115
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz-child/owl/assets/owl.theme.default.min.css?ver=6.0.3
151.101.130.159200 OK 487 B URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz-child/owl/assets/owl.theme.default.min.css?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (846)
Hash ceb0d517b626ccd829d3036f83ae6ae4
f990fbdb19d68361ba9843d44ae01d81dbdabcd3
d5f2f73b74636fc6dcd11a6dd254342dc3460e789e490b7ee9312db98cac96df
GET /wp-content/themes/diaz-child/owl/assets/owl.theme.default.min.css?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:09 GMT
etag: W/"620e61cd-3f5"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.101251,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 487
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz-child/style.css?ver=1.0
151.101.130.159200 OK 20 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz-child/style.css?ver=1.0
IP 151.101.130.159:0
Hash 00f342e706b9428d117454e7c6d3b112
8b2179c588fffa9647cd631a7677093d4b40de17
b69e011339d2d328dddc54a0af79de133f274a297d4eb818d36d2ae3e018017e
GET /wp-content/themes/diaz-child/style.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-1b224"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.101799,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 19972
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/grid.css?ver=1.0
151.101.130.159200 OK 3.4 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/grid.css?ver=1.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (1095)
Hash c91d43507f80ad2e4bf48bc1935e7c70
f0e954f4765d2b2821457f6c724aac9b881b8717
9057563379e4e631a6c9a2b1bb1c4663cd67eaa73be075e0785eb9eb1181bc4d
GET /wp-content/themes/diaz/css/grid.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-436d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.104458,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3377
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/style.css?ver=1.4
151.101.130.159200 OK 388 B URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/style.css?ver=1.4
IP 151.101.130.159:0
Hash 60ab8cbde4abd6c0ebbaac2eab6a205e
579be391c3dff85bac3371170819699140a752a2
ff5591d2d30b4f53b8ab3fa94899242d583a7453113a81274e2680b0f7bcdcc9
GET /wp-content/themes/diaz/style.css?ver=1.4 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-258"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.100474,VS0,VE5
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 388
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/widget.css?ver=1.0
151.101.130.159200 OK 12 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/widget.css?ver=1.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (612)
Hash ec79cf6b24bf2c9cdbc581161144ecc3
774c5782f9906b84ca67ff9ec33bc61fefbdbbdc
c0a6f8dab7ebc184b482a53f5c78e41d5b0721427bb44b64f21d5b6b6001f0a1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/css/widget.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-fcbe"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.104944,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 11766
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/base.css?ver=1.0
151.101.130.159200 OK 9.3 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/base.css?ver=1.0
IP 151.101.130.159:0
File type assembler source, ASCII text, with very long lines (709)
Hash 3050c49876560f6045a2d3fc723a1a3a
a9d225647f46d6f2ea1f4598ceaa569d4f747d88
a023161ff11b03e90532fdb1c6f80a334e76fd8d76585ed3489c7c85671b7b4a
GET /wp-content/themes/diaz/css/base.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-a7d5"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.104275,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 9264
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/layout.css?ver=1.0
151.101.130.159200 OK 18 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/layout.css?ver=1.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (894)
Hash 76e2a5315e55b4148ce561e759e789be
5c82e73197d020422c855670600a0879bdfd78fc
bc16a1cd1c8412fc364f06ba7e40a9f4f37daf8ff6e0fd2234e17921c268c4c8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/css/layout.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-18dde"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.108597,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 17813
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/custom-class.css?ver=1.0
151.101.130.159200 OK 5.6 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/custom-class.css?ver=1.0
IP 151.101.130.159:0
File type assembler source, ASCII text, with very long lines (505)
Hash c1bf8de9cad46d6e2e224f6494dbb2f2
f5d6d059830e3cd6c8128d52ebe6eac91fe667cb
d62a97d662e9d8717424b91ecf8453244e049155f36df23b48d4359431a8cc55
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/css/custom-class.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-5d70"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.113590,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 5632
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/contact.css?ver=1.0
151.101.130.159200 OK 4.8 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/contact.css?ver=1.0
IP 151.101.130.159:0
File type assembler source, ASCII text, with very long lines (355)
Hash e2c3d1b04e57767809f38246fb0bda6d
8abd3bd67130cf9abfb8962bc93fc47970a8db2c
afb93731222fbf02b1c57e2cb52cc16f50c45349c9bcb6deeaf1a3465a688cc6
GET /wp-content/themes/diaz/css/contact.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:09 GMT
etag: W/"620e61cd-569a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.113599,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4840
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/blog.css?ver=1.0
151.101.130.159200 OK 14 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/blog.css?ver=1.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (613)
Hash 516e516b0ba6b6387389ffc7f88731a0
df988428f054692cc352dd1d41e1a1ac23a77bff
13afba70bd49d60cfec30ab41ec6cea5e4c626b64c6725c0b363b82ea6a56596
GET /wp-content/themes/diaz/css/blog.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-16102"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.113645,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 14041
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/portfolio.css?ver=1.0
151.101.130.159200 OK 13 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/portfolio.css?ver=1.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (2054)
Hash 97dd3ce2a6fadc49e695260536d0b342
069836e26a27ac88cf3b5477fa160d8021433131
768d0e9cacef216e64470b03aebd8bd97893c2008f434bdd76114fd0c35d2127
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/css/portfolio.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-16162"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.113623,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 12980
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 065495ec7a963a205abd9c8dbc75cb5d
ea416d0df4f6706150bda5da2077174f5cdd986b
1b2a2afee887651b23a849f14ace89b330329f6bf61c331545a3f6d12037aee5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:57:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
windsorarmshotel.com/wp-content/plugins/js_composer/assets/lib/prettyphoto/css/prettyPhoto.min.css?ver=6.6.0
151.101.130.159200 OK 3.2 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/js_composer/assets/lib/prettyphoto/css/prettyPhoto.min.css?ver=6.6.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (21138), with no line terminators
Hash 1d7ac1ba3d9378bd4ebe0f4ca47edbb1
06198def91006bcd86265bb42f2d52a1a5981295
3ffc72b72ebe8942666ec42268b2c3c77da76b7f7bc033a526dec14da49cbc62
GET /wp-content/plugins/js_composer/assets/lib/prettyphoto/css/prettyPhoto.min.css?ver=6.6.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:09 GMT
etag: W/"620e61cd-5292"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.115519,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3159
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a54ccb27cee7db352e269389e279a76c
d62c9f3d2db62114a67e13d0ed23aea091edb4dc
a83b0a3f58c5527d087f1b48f8cb264c405f2839c0598beb372fabee4f63aae9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3562
Cache-Control: max-age=140939
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:57:13 GMT
Etag: "637e0cda-117"
Expires: Fri, 25 Nov 2022 13:06:12 GMT
Last-Modified: Wed, 23 Nov 2022 12:06:50 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
windsorarmshotel.com/wp-content/themes/diaz/css/browsers.css?ver=1.0
151.101.130.159200 OK 1.8 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/browsers.css?ver=1.0
IP 151.101.130.159:0
Hash dca3342907a7b9814406cd1a98e1c003
8e5f32aa44b398176cd77daf2a71923d696d3d53
1ed565679521cd4b3eba44a9965cd17865cd26f7e44ba4a336fecaad4c6a79ab
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/css/browsers.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:09 GMT
etag: W/"620e61cd-1cfb"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.115400,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1814
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/pe-icon-7-stroke.css?ver=6.0.3
151.101.130.159200 OK 1.9 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/pe-icon-7-stroke.css?ver=6.0.3
IP 151.101.130.159:0
Hash 20d2ac799cb03dd71999763673bc01ce
16efaae4f3880e6ac1f17886568c3bade07f7692
e18f6779f47466d0bc17377235724a852ac1277a8cc2a159e93c77620b3cfc2a
GET /wp-content/themes/diaz/css/pe-icon-7-stroke.css?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:09 GMT
etag: W/"620e61cd-2393"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.116054,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1910
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/stroke-gap-icons-style.css?ver=6.0.3
151.101.130.159200 OK 54 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/stroke-gap-icons-style.css?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (60876)
Hash 9e171f7d3956a13b844be01db80f03c7
f45819c1634ca77877c8d52a44eceac04ed87a6f
ad01809472c604f26089889058b79ec01071bb8eb74ba2eb369233d74dc84cda
GET /wp-content/themes/diaz/css/stroke-gap-icons-style.css?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:09 GMT
etag: W/"620e61cd-1c240"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.125059,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 54489
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/icon-moon.css?ver=6.0.3
151.101.130.159200 OK 12 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/icon-moon.css?ver=6.0.3
IP 151.101.130.159:0
Hash 28feaa48f2d3bcccf09c2f36078b00cf
80d70753d66ec4111d1a860db4efb76e9947decc
f614d85fad4e77b1d6687c29eeed26a6cf03c10078b0a14fe2c2ab701836bce4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/css/icon-moon.css?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:11 GMT
etag: W/"620e61cf-15467"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.126248,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 12543
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/woocommerce-default.css?ver=1.0
151.101.130.159200 OK 23 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/woocommerce-default.css?ver=1.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (1148)
Hash d178a6e59f7a866669d92544afd0436d
0c3274a65c8925a7260bcc6e64f71d5efb54bc20
42312a757bb5d1e7dba8715f054f2ae08bd49f5bfe5006d317f319dcf5eba49f
GET /wp-content/themes/diaz/css/woocommerce/woocommerce-default.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-247d2"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.130758,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 23127
X-Firefox-Spdy: h2
use.typekit.net/rpn6mgj.css?ver=6.0.3
23.36.76.186200 OK 980 B URL HTTP/2 use.typekit.net/rpn6mgj.css?ver=6.0.3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash 8b5f24e388325265de9bffb8ae32bd1d
ec57ca7c69ee7e0881e8e5305a2e7841155ef2bf
102dc5637b1eb216d28f362a967075e116ed40c79698737fd67dbe23480c1161
GET /rpn6mgj.css?ver=6.0.3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 980
date: Wed, 23 Nov 2022 21:57:13 GMT
X-Firefox-Spdy: h2
code.jquery.com/ui/1.12.1/jquery-ui.js?ver=6.0.3
69.16.175.42200 OK 124 kB URL HTTP/2 code.jquery.com/ui/1.12.1/jquery-ui.js?ver=6.0.3
IP 69.16.175.42:0
File type ASCII text, with very long lines (1002)
Size 124 kB (124434 bytes)
Hash 2c20d94f200cc85f5f03b61baf0fbfca
23b24e5397703a1c2484b018986036024f10745a
d2dae630b0d5251b8bfb435c111fba839684f23f07d7471f6d2bc3bee597b9e3
GET /ui/1.12.1/jquery-ui.js?ver=6.0.3 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 21:57:13 GMT
content-encoding: gzip
content-length: 124434
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feaca-7f20a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669240633.dop207.sk1.t,1669240633.cds024.sk1.hn,1669240633.cds071.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 065495ec7a963a205abd9c8dbc75cb5d
ea416d0df4f6706150bda5da2077174f5cdd986b
1b2a2afee887651b23a849f14ace89b330329f6bf61c331545a3f6d12037aee5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:57:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type1-fashion.css?ver=1.0
151.101.130.159200 OK 3.7 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type1-fashion.css?ver=1.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (1632)
Hash 627ce0da1878ef5af4fce6216f42e55c
eb852b3fe49b63bb2f90ada63aae035d4e4c553d
dd2af94920b5c4ce344c71a50c347cd2ea45b63cfd90bf908a00cfee7fbe95ce
GET /wp-content/themes/diaz/css/woocommerce/type1-fashion.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:09 GMT
etag: W/"620e61cd-6757"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.131023,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3741
X-Firefox-Spdy: h2
code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css?ver=1.1
69.16.175.42200 OK 8.3 kB URL HTTP/2 code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css?ver=1.1
IP 69.16.175.42:0
File type ASCII text, with very long lines (2363)
Hash 5f648878fbbe3dda9cfbee54e62c3f90
e1d85dd9613b00d065a88b00347e46cf124b464a
6e3e4c70fc6aa5cc461500bc931843ca58f300c8627b1e7c6cfab7fb083f850f
GET /ui/1.12.1/themes/base/jquery-ui.css?ver=1.1 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 21:57:13 GMT
content-encoding: gzip
content-length: 8323
content-type: text/css
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feaca-8c85"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669240633.dop207.sk1.t,1669240633.cds024.sk1.hn,1669240633.cds016.sk1.c
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type4-hosting.css?ver=1.0
151.101.130.159200 OK 2.9 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type4-hosting.css?ver=1.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (2356)
Hash 2fdaae2027f942d11141f917c0acc682
d0b5a9229d14b4494bc9c83c845c6b2884f83080
3a7e402f1305f54d62564a3c3c0adfd8d4a3a3447032af41de193b9f84c60506
GET /wp-content/themes/diaz/css/woocommerce/type4-hosting.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:09 GMT
etag: W/"620e61cd-5f0b"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.137394,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2940
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type10-medical.css?ver=1.0
151.101.130.159200 OK 3.8 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type10-medical.css?ver=1.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (2241)
Hash fcd6e1c6e4acd9cff11066a99edb656e
49e5a0dc264697e92b6bcd5ee56131a07e920af5
287367f588ad81fdbc53c48eac3f0233ec99544fbc9291841a1e1a17fc1a96a9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/css/woocommerce/type10-medical.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:09 GMT
etag: W/"620e61cd-7a55"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.137841,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3829
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type12-attorney.css?ver=1.0
151.101.130.159200 OK 2.5 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type12-attorney.css?ver=1.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (1167)
Hash 4e12805f0e64d38a19b67bb715ef4931
cfb4227d1aefe9f4c9d711c2ea8b14a634490212
fb30514d0e89249c1ae0c69eed921e679c7a8cc38f0d7b3bafe47831aba5fd5b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/css/woocommerce/type12-attorney.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:11 GMT
etag: W/"620e61cf-3e1a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.138180,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2544
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type8-insurance.css?ver=1.0
151.101.130.159200 OK 3.3 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type8-insurance.css?ver=1.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (2073)
Hash 2a0589b198904cbe065e67aca3d5487f
fcbb6642fb8754b8d62209aa3af9c119dd8182b8
20a8fd626eb17643b4a26c5c45f0de4af0a3ae5cdf6e89ece35c8a04fa862e36
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/css/woocommerce/type8-insurance.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:11 GMT
etag: W/"620e61cf-62de"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.137862,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3346
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type14-fitness.css?ver=1.0
151.101.130.159200 OK 4.9 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type14-fitness.css?ver=1.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (3420)
Hash 55804cc8b0f14b31e98c4e95ade39174
8bd7d9c25f12d57f6e7db50ff7c1aa3a86d90e1f
bd9a5b27524ad05b4c98bd706cdbb2402bd737277c9c44be2ff26c5da5bc9463
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/css/woocommerce/type14-fitness.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:11 GMT
etag: W/"620e61cf-9916"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.138650,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4863
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type13-architecture.css?ver=1.0
151.101.130.159200 OK 6.7 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type13-architecture.css?ver=1.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (2672)
Hash 2d0c3ef53eeaf00c7efb4ce38e7a3b0e
e3a461d9d3fe5f8e993f4cf1e4223d6105305b5f
4493fa3c600d53f7acc91058e0afccac5785d742858ba6d1c26b941738ec2008
GET /wp-content/themes/diaz/css/woocommerce/type13-architecture.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-d8f1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.138447,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 6670
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 298f6f027434581a9c93f97b90c7cfe1
80dc738070e4abb1303cf0a406537eb1c34b7d78
29c10d9b434354dfc91c2a9faac73b16245708c06d95ff17af8a7469fbf9b52b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6583
Cache-Control: max-age=154051
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:57:13 GMT
Etag: "637e3445-118"
Expires: Fri, 25 Nov 2022 16:44:44 GMT
Last-Modified: Wed, 23 Nov 2022 14:55:01 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
windsorarmshotel.com/wp-content/themes/diaz/css/material-design-iconic-font.min.css?ver=6.0.3
151.101.130.159200 OK 9.5 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/material-design-iconic-font.min.css?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f5eaa607d3344eccc352bac0772baaa6
1d55c80d1c2fb24cc8bebba3c5c2f52d4c1ec82e
2c7ad2e22e8f9dcbaa63260d7c1dbd6efbfa958271b1cc2eefee153f1b2846c8
GET /wp-content/themes/diaz/css/material-design-iconic-font.min.css?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-1149f"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.130549,VS0,VE15
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 9509
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type16-photography.css?ver=1.0
151.101.130.159200 OK 4.8 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type16-photography.css?ver=1.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (2627)
Hash 745ae2bc76a04abc65305d425ff492d9
764dd3246cc3104488c607c767852e198d648896
a20997dc3c228b9103a68030203af720fe6851007bea62028a83fe2e35920159
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/css/woocommerce/type16-photography.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:11 GMT
etag: W/"620e61cf-93e5"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.139668,VS0,VE9
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4829
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type17-restaurant.css?ver=1.0
151.101.130.159200 OK 4.7 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type17-restaurant.css?ver=1.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (3000)
Hash 61b1c71e8165e1f355d4934dad407785
9cee466b7526b4eb7852b3378be9c1b4e9b42f58
a341d2c4b835b2290ab54998dc89442787fbdd80ccb2eb2eeef839eaaf2eae3d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/css/woocommerce/type17-restaurant.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-a58c"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.139984,VS0,VE15
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4728
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway:400%2C100%2C300
142.250.74.10200 OK 551 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway:400%2C100%2C300
IP 142.250.74.10:0
Hash db25db303f56c76bc2ae1f5d154c06d9
03d8be9e3258889af2a93fc881bfcf4b14c45be7
4e623cbe2aaac26fe82a6d5a818fc35985d990e1ec5506fb4a5bd0b4cf66fe56
GET /css?family=Raleway:400%2C100%2C300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 21:57:13 GMT
date: Wed, 23 Nov 2022 21:57:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/tribe-events/custom.css?ver=1.0
151.101.130.159200 OK 2.4 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/tribe-events/custom.css?ver=1.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (707)
Hash 8e819d047a36afe65ae26cbae6745b69
c4cd2b0ba5839da7324ab9d780a492c9f52e59c5
0adfd461922f3511adc68b8901977cedd2790f3203183896f7c568f29b96c7c9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/tribe-events/custom.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-2ce9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 5
x-timer: S1669240633.162806,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2444
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type20-yoga.css?ver=1.0
151.101.130.159200 OK 3.7 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type20-yoga.css?ver=1.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (2786)
Hash 3660c2214353d580bb922a47de083ad9
6355e511f0597bd5765e64c7a30ec6e023c79027
1a59ac7e2962bf805fec5523f11e67c7dc0e004c43cc30ffade1c68afe94cd08
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/css/woocommerce/type20-yoga.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:11 GMT
etag: W/"620e61cf-6f34"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.162250,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3741
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 48ac0dcd1f6f88596ef87738e0f9cf9e
3502377c8099350206754a6c30df0ffe336fbcdb
aaa789eaae8f94a42f937038badfbb07fcc46386a5d38bdb63de83084212f17a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4201
Cache-Control: max-age=102738
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:57:13 GMT
Etag: "637d7522-1d7"
Expires: Fri, 25 Nov 2022 02:29:31 GMT
Last-Modified: Wed, 23 Nov 2022 01:19:30 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce.css?ver=1.0
151.101.130.159200 OK 225 B URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce.css?ver=1.0
IP 151.101.130.159:0
Hash 93136d6da3a3ade79955595b5d0074d5
bef28b7847b3d7b917ed618897da9b4dfd809698
99ba23e8b3b5d33addf0af06382b9654e5b2cd892f2294673a5d09ea6c84d961
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/css/woocommerce.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:09 GMT
etag: W/"620e61cd-287"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.162669,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 225
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type21-styleshop.css?ver=1.0
151.101.130.159200 OK 3.7 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/woocommerce/type21-styleshop.css?ver=1.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (1295)
Hash 983d018e5d86cb22cff306dc7eef7ea4
6454d7af754f81ae78334130931c7d87aa1c8b7a
99999e7776f2d12d3a81307a3926f0245cfdaafd74590602d72fdbd7ff5ebec0
GET /wp-content/themes/diaz/css/woocommerce/type21-styleshop.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:09 GMT
etag: W/"620e61cd-6e4f"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.162564,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3710
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/framework/js/magnific/magnific-popup.css?ver=1.0
151.101.130.159200 OK 2.7 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/framework/js/magnific/magnific-popup.css?ver=1.0
IP 151.101.130.159:0
Hash 6119ff373399bd5c57ece73d9add7483
ab9be26e590991da86c39567fca684201190cd90
e1b791f5a28da6934579ff0b84269fdd163238a531f911d35e6421bfbcc83416
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/framework/js/magnific/magnific-popup.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-2435"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.162986,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2658
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
151.101.130.159200 OK 34 kB URL HTTP/2 windsorarmshotel.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (65447)
Hash 22b0253c0ecce70e41e296d176b0d972
a161c363d2092739db21bfeb2cf23c980ec71580
181967b7928e133789c8edbb8bdcb73d44a0328d884b613f8ebfb182b4c3c52e
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-15db1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: 8iypdqt99y
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.164086,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 34060
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/css/custom.css?ver=1.0
151.101.130.159200 OK 6.1 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/css/custom.css?ver=1.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (861)
Hash 2feac521ea8162677c7fea5b91a6125e
a9774681319a9ff09e8dd24ff345ef04e235896e
6c96894bf9ec1c09fa4b6d5b4965b62bba158499cb7b53fb094109bb4d7ec904
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/css/custom.css?ver=1.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:09 GMT
etag: W/"620e61cd-7ce9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.163192,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 6097
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
151.101.130.159200 OK 4.4 kB URL HTTP/2 windsorarmshotel.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 151.101.130.159:0
File type ASCII text, with very long lines (11126)
Hash 24957bc8161f979c6e661f46fdc3974f
fa1237ffe8b3745baa78ac481239038e133fcc17
46acf87c90961d413ac24eace25b77a8d5236daf38799fec2daf0bc350cc6ebe
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-2bd8"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: 8iypdqt99y
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.166112,VS0,VE4
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4405
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a54ccb27cee7db352e269389e279a76c
d62c9f3d2db62114a67e13d0ed23aea091edb4dc
a83b0a3f58c5527d087f1b48f8cb264c405f2839c0598beb372fabee4f63aae9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3562
Cache-Control: max-age=140939
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:57:13 GMT
Etag: "637e0cda-117"
Expires: Fri, 25 Nov 2022 13:06:12 GMT
Last-Modified: Wed, 23 Nov 2022 12:06:50 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
windsorarmshotel.com/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0
151.101.130.159200 OK 44 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (32006)
Hash d9a91fb9ea055ec37ccb5a1025fd3362
835e445a1b3b2a739e44fcb7aa0e5d10c08b4f23
d1c9a27423aaf9726d6519eb7913c4d25f1c520bc4dbb32d420fd6a79a75be6c
GET /wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-1d233"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.163393,VS0,VE9
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 44313
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.7.6
151.101.130.159200 OK 49 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.7.6
IP 151.101.130.159:0
File type ASCII text, with very long lines (65335)
Hash 910626e0b1d9d5152478e2a9246ffb11
8cec83a836793900d31251c091a3bbcbce192ade
345768985adceb939121796abf67e9b85b6674181c448e82cd65ef7e6994b602
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.7.6 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-1ce81"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.166240,VS0,VE16
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 49065
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 48ac0dcd1f6f88596ef87738e0f9cf9e
3502377c8099350206754a6c30df0ffe336fbcdb
aaa789eaae8f94a42f937038badfbb07fcc46386a5d38bdb63de83084212f17a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1462
Cache-Control: max-age=99999
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:57:13 GMT
Etag: "637d7522-1d7"
Expires: Fri, 25 Nov 2022 01:43:52 GMT
Last-Modified: Wed, 23 Nov 2022 01:19:30 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/advanced-buttons.min.css?ver=3.19.9
151.101.130.159200 OK 3.9 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/advanced-buttons.min.css?ver=3.19.9
IP 151.101.130.159:0
File type ASCII text, with very long lines (33489), with no line terminators
Hash 4adee9d5433cfbd3c17a43ad0bc3a996
99a6f2e1c5fe995c694c9419c7484d209dcb8ec2
b18a7f88f6d25bf368d8137a91fe1e3ae0cdd350f88b7a8e47dfa48f6f3f746a
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/advanced-buttons.min.css?ver=3.19.9 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-82d1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669240633.092383,VS0,VE117
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3908
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.7.6
151.101.130.159200 OK 5.0 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.7.6
IP 151.101.130.159:0
File type Unicode text, UTF-8 text, with very long lines (25304)
Hash bacda8d6e93185ed8bb48bfc5604644d
23850fe6bdee46b8edec7f6598be420d200a5d3c
a45e664783e9756fe6eb37e4df0f1234e2c248132b11e2722383e62b64f66208
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.7.6 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-6415"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.233681,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 5004
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8
151.101.130.159200 OK 21 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8
IP 151.101.130.159:0
File type ASCII text, with very long lines (65201), with CRLF line terminators
Hash 804b4f06f1de2b7ec275318025da5e1b
61cfa6a850c5d7710f5c219ff91ca948cf93b4bf
610a171984c51d14cb7699c4ecbfe6517429895d9d0bc20df97363db985abc31
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:06 GMT
etag: W/"620e61ca-104b3"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.244233,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 21098
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8
151.101.130.159200 OK 43 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8
IP 151.101.130.159:0
File type ASCII text, with very long lines (27287), with CRLF line terminators
Hash a884b3a7eba9cc6cbec84852a90ff64c
a01d352519d15c46a059deb33441a8c87d829c90
828491543ec180fd75aa0ae31fcf4bbbd9c081d68f301cac21822083ca8449c3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-1b6e2"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.233861,VS0,VE15
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 42916
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fb4ee3082622f9f3340432290d63437e
852ca64934462e133e34043fca561aca215e6255
d4c2f665873baede94309128e276df6fdf7f0e1ec15699e75cd6bae2c24d556a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:57:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 065495ec7a963a205abd9c8dbc75cb5d
ea416d0df4f6706150bda5da2077174f5cdd986b
1b2a2afee887651b23a849f14ace89b330329f6bf61c331545a3f6d12037aee5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:57:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
windsorarmshotel.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.4.1
151.101.130.159200 OK 3.7 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.4.1
IP 151.101.130.159:0
File type ASCII text, with very long lines (9139)
Hash 6adc2dded401da1afd36ad03d541ef50
c9583f5701bab13e52471b55973bc34c6f9163ca
ca19df714211ac62317a15b433814e74276ec475ad698f0ce4d115bc056b35bf
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.4.1 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 25 Apr 2022 17:35:51 GMT
etag: W/"6266dbf7-253d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.258376,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3678
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8decaadbcb0c69a906c8bf71e6b3c3a4
f44a711439756490b4555f8e370068dfb8678b03
5b9187a2745a33f4a3d2f0f748b62b581536578a12f252712d848dfc5028827a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4330
Cache-Control: max-age=123385
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:57:13 GMT
Etag: "637dc548-118"
Expires: Fri, 25 Nov 2022 08:13:38 GMT
Last-Modified: Wed, 23 Nov 2022 07:01:28 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
windsorarmshotel.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.4.1
151.101.130.159200 OK 1.1 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.4.1
IP 151.101.130.159:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash e91c0d9e07d0b65efc000488e4832d62
6e20220fe9c4bef168a70ed05f511764a7b13343
ce40552e92ae2538e2a1da8cb33fbec11480bfb7872611ccc6d99ab32150e295
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.4.1 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 25 Apr 2022 17:35:51 GMT
etag: W/"6266dbf7-bdd"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.258724,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1145
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-includes/js/wp-util.min.js?ver=6.0.3
151.101.130.159200 OK 718 B URL HTTP/2 windsorarmshotel.com/wp-includes/js/wp-util.min.js?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (1305)
Hash 31e7f275636fe6733bafba2b77ce9ec0
9e2f9b8bfc9bf8910f6cc7068ea83ef379c6696f
08685fe4df303f97dd8f256b468000568635d59480e36784a8908a2d18c641e7
GET /wp-includes/js/wp-util.min.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-53c"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: 8iypdqt99y
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.270812,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 718
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
151.101.130.159200 OK 1.2 kB URL HTTP/2 windsorarmshotel.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP 151.101.130.159:0
File type ASCII text, with very long lines (3233)
Hash 09c801d5e9a4ff5dfee70859bde6566b
a247b26728a9a0bd19cf4a56990e8e9bcf37cb9c
60a8914e3399647fa7fc32ab0644c9e8a5696604349fb3a7cd474db3ff5c99dd
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-d53"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: 8iypdqt99y
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.286818,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1165
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
151.101.130.159200 OK 7.3 kB URL HTTP/2 windsorarmshotel.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
IP 151.101.130.159:0
File type HTML document, ASCII text, with very long lines (25274)
Hash 739e7ba8cb4316cfeeffd577d8d0a0f4
3be7532e69f73a57e22275d35084f43891e806d3
3f9926591f967c5abd9077a93889b8deb464b7caeec0d27bee37ce94502a4413
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-636f"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: 8iypdqt99y
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.290214,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7313
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
151.101.130.159200 OK 12 kB URL HTTP/2 windsorarmshotel.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
IP 151.101.130.159:0
File type ASCII text, with very long lines (36560)
Hash 451bc5baa70fdfb648138a320fa3c1cd
8c3f9655750cf7334e4d8b2ed2c219fc32a2c40a
ac5a2b0ef9b2443a4aa4aa8584a3d2e17a95c871b69334b5e0c6e220d9bd28ba
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-8f87"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: 8iypdqt99y
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 9
x-timer: S1669240633.290419,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 12055
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/wp-hotel-booking/includes/libraries/owl-carousel/owl.carousel.min.js?ver=6.0.3
151.101.130.159200 OK 7.2 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/wp-hotel-booking/includes/libraries/owl-carousel/owl.carousel.min.js?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (635), with CRLF line terminators
Hash ec85e093a2c32c5c0967d281f972af38
e825210fd4f51b1d2cfd5e8099974254eb3ee0f9
ccc912e0a94ade17d003b192e24c30ddfc56c3f562f6b3ff7ee087dc06d17528
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-hotel-booking/includes/libraries/owl-carousel/owl.carousel.min.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-5d80"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.293767,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7167
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/wp-hotel-booking/assets/js/select2.min.js?ver=6.0.3
151.101.130.159200 OK 21 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/wp-hotel-booking/assets/js/select2.min.js?ver=6.0.3
IP 151.101.130.159:0
File type Unicode text, UTF-8 text, with very long lines (32110), with CRLF line terminators
Hash 181df71684644108d377cd7f33453c70
1b56127804db3da79d2f3958dac0bbeb387cc3b1
de6ddeaaf43159d98509c4bf5fbf6c6bd2c6749ee3e03d9c8033bfbc225489a7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-hotel-booking/assets/js/select2.min.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-fb94"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.293874,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 20693
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/wp-responsive-menu/assets/js/jquery.touchSwipe.min.js?ver=3.1.7.2
151.101.130.159200 OK 3.9 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/wp-responsive-menu/assets/js/jquery.touchSwipe.min.js?ver=3.1.7.2
IP 151.101.130.159:0
File type ASCII text, with very long lines (10290), with no line terminators
Hash b99d62d2fb6bc5fe0897dec241ac9e9c
423664321c3f406d9b1dfec1fcc915b80c7d86e5
1842739356e1c06a060242d0c4bdf45b8f66e7e4456852ac39062120c2e45ae6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-responsive-menu/assets/js/jquery.touchSwipe.min.js?ver=3.1.7.2 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-2832"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.299784,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3892
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/wp-responsive-menu/assets/js/wprmenu.js?ver=3.1.7.2
151.101.130.159200 OK 2.6 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/wp-responsive-menu/assets/js/wprmenu.js?ver=3.1.7.2
IP 151.101.130.159:0
Hash 6592aa642bcbd025955b76f89a7b8651
c2ad48db00887d766a558b32935c60bd3e220698
a511fe6b445809afa09a2ed4580359b4dd4c33cc18ad6b7e948eb80f2627cfdb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-responsive-menu/assets/js/wprmenu.js?ver=3.1.7.2 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-214d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.299857,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2586
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.6.0
151.101.130.159200 OK 1.3 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.6.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (1790)
Hash 367b1f7c17dbe9a34c3e6667c96ba2cf
5930ddbe97668bfcb50aa21c1b1c199b7c2df0ce
9f84b187aa4084cb890fee405c79cf126a289524470388ff3d90c5328bd5e390
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.6.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:06 GMT
etag: W/"620e61ca-ade"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.309854,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1327
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?ver=3.19.9
151.101.130.159200 OK 1.5 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?ver=3.19.9
IP 151.101.130.159:0
File type HTML document, ASCII text, with very long lines (2892), with no line terminators
Hash e7dd1561e3367652f35fe4c5936402c5
82d5a039a8f7e9547e02bfe68ea6f8e80c2b0289
e0634f0064aa2d136dd8789df864121a67cb48eb9cb6998dfebfebd748f20920
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?ver=3.19.9 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-b4c"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.322345,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1453
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/custom.min.js?ver=3.19.9
151.101.130.159200 OK 6.3 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/custom.min.js?ver=3.19.9
IP 151.101.130.159:0
File type ASCII text, with very long lines (23181), with no line terminators
Hash 582d815179c7824d44af50f7dd4684b0
121680e4f179a746d2b6488644a8dbde8cc7ed38
afe2ccdbd51a46b2c5e42f194d83aa9b7b12f5bf739ad3153620580f4e10949f
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/custom.min.js?ver=3.19.9 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:03 GMT
etag: W/"620e61c7-5a8d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.323269,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 6340
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/modernizr-custom.min.js?ver=3.19.9
151.101.130.159200 OK 4.6 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/modernizr-custom.min.js?ver=3.19.9
IP 151.101.130.159:0
File type HTML document, ASCII text, with very long lines (9726), with no line terminators
Hash 64367fc40e7b3d06b2688f5eac8a22a7
fc062e93c061d0276daf7e3c10cafaa9ce3a2947
a7419b62665a297c2e6b48c4aa29efae06db996203689653cda78dfde302e9f5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/modernizr-custom.min.js?ver=3.19.9 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-25fe"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.396401,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4554
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz-child/owl/owl.carousel.min.js?ver=1.0.0
151.101.130.159200 OK 14 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz-child/owl/owl.carousel.min.js?ver=1.0.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (31997)
Hash ee25e63e9878087f61cc550377efcab1
8467e1e228cb17ed99ad4ee7fd4a2606859fda41
773f34c6142661b65d070b75458e61548d8255460ed212bc2ae670ba9e354f91
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz-child/owl/owl.carousel.min.js?ver=1.0.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:09 GMT
etag: W/"620e61cd-b434"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.396725,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 13951
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/modal-all.min.js?ver=3.19.9
151.101.130.159200 OK 32 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/modal-all.min.js?ver=3.19.9
IP 151.101.130.159:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (65499), with no line terminators
Hash f8dace39ec40bc5b2b4593ed0e8f8c06
766b813928fc0793f2db3f960306bd0396145e02
bd17278726c0be2ab5371aa70e19ec9abef1af396947d9d47a769cd8fa4d4ae9
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/modal-all.min.js?ver=3.19.9 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:03 GMT
etag: W/"620e61c7-15037"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.396497,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 31993
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz-child/custom.js?ver=1.0.0
151.101.130.159200 OK 3.8 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz-child/custom.js?ver=1.0.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (1793)
Hash edea92d2c1cfc1b17ea742e84454511b
a24bbc395afe9a9ac111dfbaca58104389beb4f7
ccbe1da531e3a9e4a9c2883e1d7a6c4e819e74bde688e8721502c7d687b9f695
GET /wp-content/themes/diaz-child/custom.js?ver=1.0.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:09 GMT
etag: W/"620e61cd-2cd9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.397271,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3844
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/framework/js/modernizr.custom.js?ver=6.0.3
151.101.130.159200 OK 4.8 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/framework/js/modernizr.custom.js?ver=6.0.3
IP 151.101.130.159:0
File type HTML document, ASCII text, with very long lines (9990)
Hash e5474dad9e190350e548128d48041df3
55972dff153aeb076b7d1f89f582c03d455083bb
dc1e7c1cf5064ce6072417b2ea249de1cd6b6a3c2feab783a1f09b3740510713
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/framework/js/modernizr.custom.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-27b1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.397560,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4800
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
151.101.130.159200 OK 5.5 kB URL HTTP/2 windsorarmshotel.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (15660)
Hash 17db16eba9de064a60b18a592b36634a
82fc955209623803111e48d5be3cf345315be6f5
1144901adf4e1d54838e6e04a2b75314f3b95518ee654d8c1742af50e355b433
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-48b9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: 8iypdqt99y
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.398927,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 5515
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/uploads/2018/11/WA-Logo.png
151.101.130.159200 OK 10 kB URL HTTP/2 windsorarmshotel.com/wp-content/uploads/2018/11/WA-Logo.png
IP 151.101.130.159:0
File type PNG image data, 176 x 107, 8-bit/color RGBA, non-interlaced\012- data
Hash ad7193ac1aab38f35a6b4e06182c0f73
ac843b05605f26bfa11a04c3e3596c4f68eae731
e6f8f24a93f8ddba1771cb868be9d207cf77e7f046f7c7233a24b230e229d560
GET /wp-content/uploads/2018/11/WA-Logo.png HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 17 Feb 2022 14:53:30 GMT
etag: W/"620e616a-26ff"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.401795,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 10011
X-Firefox-Spdy: h2
www.opentable.com/widget/reservation/loader?rid=115024&type=standard&theme=standard&iframe=true&overlay=false&domain=com&lang=en-US
104.110.15.18200 OK 1.2 kB URL HTTP/2 www.opentable.com/widget/reservation/loader?rid=115024&type=standard&theme=standard&iframe=true&overlay=false&domain=com&lang=en-US
IP 104.110.15.18:0
File type ASCII text, with very long lines (3125), with no line terminators
Hash 04332fb50b31b018fe7b7e551168f0b9
24551200d76144b2d61d30166b462235848274ba
7fba9dd2147e2d437bb46a64f2a124bfa4957dbdc900566d9185eb8e09c8a73e
GET /widget/reservation/loader?rid=115024&type=standard&theme=standard&iframe=true&overlay=false&domain=com&lang=en-US HTTP/1.1
Host: www.opentable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
ot-requestid: 32ef72b2-e0b5-4428-8875-9c36295682bd
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
ot-anonymousid: EE21099C-A710-4792-A5ED-02A27017FAC7
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, OPTIONS, PUT, POST
content-type: application/javascript; charset=utf-8
etag: W/"c35-CtQKwv6Xwiuy5hn3tEX9eFxVh0Q--gzip"
content-encoding: gzip
content-length: 1225
date: Wed, 23 Nov 2022 21:57:14 GMT
vary: Accept-Encoding
set-cookie: otuvid=EE21099C-A710-4792-A5ED-02A27017FAC7; Path=/; Domain=opentable.com; Secure; SameSite=None
OT-Session-Update-Date=1669240633; Path=/; Domain=opentable.com; Expires=Wed, 23-Nov-2022 22:27:14 GMT; Max-Age=1800; Secure; SameSite=None
OT-SessionId=e0cb8067-3d49-4832-81f9-d7ba820e64d1; Path=/; Domain=opentable.com; Expires=Wed, 23-Nov-2022 22:27:14 GMT; Max-Age=1800; Secure; SameSite=None
ha_userSession=lastModified=2022-05-04T19%3A40%3A53.000Z&origin=prod-sc; Secure; SameSite=Strict
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/accesspress-social-share/js/frontend.js?ver=4.5.6
151.101.130.159200 OK 523 B URL HTTP/2 windsorarmshotel.com/wp-content/plugins/accesspress-social-share/js/frontend.js?ver=4.5.6
IP 151.101.130.159:0
File type ASCII text, with CRLF line terminators
Hash dd2bc8c1d5f39be174e2b14593cefe9c
a0e2447f790df5ed1e8492c15e13513df49371be
d0bce2aa4768757ed4f29eff4e3376cffe3e79b29e3152e2352aa0d19e6c2582
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/accesspress-social-share/js/frontend.js?ver=4.5.6 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-390"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.406891,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 523
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8decaadbcb0c69a906c8bf71e6b3c3a4
f44a711439756490b4555f8e370068dfb8678b03
5b9187a2745a33f4a3d2f0f748b62b581536578a12f252712d848dfc5028827a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1716
Cache-Control: max-age=120770
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:57:14 GMT
Etag: "637dc548-118"
Expires: Fri, 25 Nov 2022 07:30:04 GMT
Last-Modified: Wed, 23 Nov 2022 07:01:28 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
www.opentable.com/widget/reservation/loader?rid=115024&type=standard&theme=wide&iframe=true&overlay=false&domain=com&lang=en-US
104.110.15.18200 OK 1.2 kB URL HTTP/2 www.opentable.com/widget/reservation/loader?rid=115024&type=standard&theme=wide&iframe=true&overlay=false&domain=com&lang=en-US
IP 104.110.15.18:0
File type ASCII text, with very long lines (3121), with no line terminators
Hash 71c05e8d8a1b528e083d1faed3179a02
48fd883103377431861a350fc9772474995b2227
b79e2b10e6a0f9f1b4dc47f3ee376a6e4f2354ee8062aedf1b502485063bf860
GET /widget/reservation/loader?rid=115024&type=standard&theme=wide&iframe=true&overlay=false&domain=com&lang=en-US HTTP/1.1
Host: www.opentable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
ot-requestid: 526622c7-0c0f-469b-94ba-a2ae5edc2947
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
ot-anonymousid: 122CA8B8-A82E-43BF-9731-A5C26A0EC02A
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, OPTIONS, PUT, POST
content-type: application/javascript; charset=utf-8
etag: W/"c31-o3kdWz5tiuNAYwTudcxMc/A2EaM--gzip"
content-encoding: gzip
content-length: 1229
date: Wed, 23 Nov 2022 21:57:14 GMT
vary: Accept-Encoding
set-cookie: otuvid=122CA8B8-A82E-43BF-9731-A5C26A0EC02A; Path=/; Domain=opentable.com; Secure; SameSite=None
OT-Session-Update-Date=1669240633; Path=/; Domain=opentable.com; Expires=Wed, 23-Nov-2022 22:27:14 GMT; Max-Age=1800; Secure; SameSite=None
OT-SessionId=16e81139-5fea-497e-9ca9-39718f07967d; Path=/; Domain=opentable.com; Expires=Wed, 23-Nov-2022 22:27:14 GMT; Max-Age=1800; Secure; SameSite=None
ha_userSession=lastModified=2022-05-04T19%3A40%3A53.000Z&origin=prod-sc; Secure; SameSite=Strict
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
151.101.130.159200 OK 2.6 kB URL HTTP/2 windsorarmshotel.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 151.101.130.159:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash cba765ca076cb13c7678f0293fb8a3da
98430a0a3db9c19a16f6940750a6738c4d00f962
f68a3fba394baf3508e7987049a6037d9f3e212dc9698976df9fbeb5703379ab
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-194b"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: 8iypdqt99y
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.408486,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2581
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/js/jquery.tabs.min.js?ver=6.0.3
151.101.130.159200 OK 2.9 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/js/jquery.tabs.min.js?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (3467), with CRLF line terminators
Hash 6d27718f0234d619a1e62bafe1b3a5fc
05a44e06b6e9ed16a419e17742d32053fa0d6e36
e74fb4ebea1e5aad9151e5d4251b12764f99f3c3ed52b9ca233bf97d010d930a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/designthemes-core-features/shortcodes/js/jquery.tabs.min.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-1931"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.409615,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2891
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/js/jquery.tipTip.minified.js?ver=6.0.3
151.101.130.159200 OK 2.8 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/js/jquery.tipTip.minified.js?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (6210), with CRLF line terminators
Hash 58ad9cc705897023d38316bf5ec63ada
5831b8905006544e94980ce88907817de52068b1
87ecc43ea49394c082b04849b90ef679549196e6e864554e554e0a8530f024fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/designthemes-core-features/shortcodes/js/jquery.tipTip.minified.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-1b95"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.409917,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2759
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/js/jquery.inview.js?ver=6.0.3
151.101.130.159200 OK 1.7 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/js/jquery.inview.js?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (1801)
Hash e0ee86853dc1c6efb1061d96d07c4cb2
45b03d78f738f767c8e48992368c3a87495ecd22
0878768aa117197c9072863c8c274cf5f86601d75c8ba0137ea3800a7aa37f4d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/designthemes-core-features/shortcodes/js/jquery.inview.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:06 GMT
etag: W/"620e61ca-ef2"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.409901,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1722
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.4.1
151.101.130.159200 OK 1.0 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.4.1
IP 151.101.130.159:0
File type ASCII text, with very long lines (1668)
Hash 7821acfdb8b6a9b7239c819e511d2037
bdff79427e23f820c2b219dad0d9a6763930c1dc
e8e9806a85797e1392e7d87132fbc9e411ba5e3838bce7ab1a178bc1fd721cfe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.4.1 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 25 Apr 2022 17:35:51 GMT
etag: W/"6266dbf7-72a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.410496,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1000
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/js/shortcodes.js?ver=6.0.3
151.101.130.159200 OK 5.6 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/js/shortcodes.js?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (1791), with CRLF line terminators
Hash 12fbdbde80756d61a017c21a5a511fcc
dba1082488df8a14f8d87f2a56655eb3b8d9b038
4554003e7357b8b35b58c5ed962e0b0e84ddaac190b12c4e71fa8f91eaca7058
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/designthemes-core-features/shortcodes/js/shortcodes.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-4dea"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.410391,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 5641
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/js/slick.min.js?ver=6.0.3
151.101.130.159200 OK 12 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/js/slick.min.js?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (32076)
Hash f43c058da40c49c71d0baedbf52c944b
3beb78e610701d1a8ee4af1b162690bbd9b5895c
46f1d3d0fb68822cf80c34c510de065ed5b67afde57472e85f8c21a56a2f4bf3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/designthemes-core-features/shortcodes/js/slick.min.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-aadf"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.410407,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 12473
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/custom-post-types/js/protfolio-custom.js?ver=6.0.3
151.101.130.159200 OK 2.4 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/custom-post-types/js/protfolio-custom.js?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (1793), with CRLF line terminators
Hash e4b12cde974120dae8b43a894d39646e
30dc147d2b66725eda7202fa2982cb44e62d89b3
da187c64197e2d391e6550c9dccb6a26f356b8f95a70af2e2f0567b3baec8233
GET /wp-content/plugins/designthemes-core-features/custom-post-types/js/protfolio-custom.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-16e3"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.410386,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2381
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
151.101.130.159200 OK 3.5 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
IP 151.101.130.159:0
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash 166915ea03529ad614e726271e24131f
b7c07cf3db2ac4676ce67733bd14dd01fe3ac012
fba99b39e4202fec3919a140609af8fc0a25a7a19034dee31db57d9a39772470
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 03:21:33 GMT
etag: W/"6254f03d-25f8"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.409273,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3484
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/framework/js/custom.js?ver=6.0.3
151.101.130.159200 OK 4.2 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/framework/js/custom.js?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (1793)
Hash ae46deee61293a3216688c4ba598a5fc
1d2d83b59192abcac7b1e0eea8f7a6f377957cbe
f6831814c1f140c192f71a21f52bae3b495d3d14f93fb3106dbf924bff7d4a8f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/framework/js/custom.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:09 GMT
etag: W/"620e61cd-3198"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.412794,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4241
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fb4ee3082622f9f3340432290d63437e
852ca64934462e133e34043fca561aca215e6255
d4c2f665873baede94309128e276df6fdf7f0e1ec15699e75cd6bae2c24d556a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:57:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
windsorarmshotel.com/wp-content/themes/diaz/framework/js/theia-sticky-sidebar.min.js?ver=6.0.3
151.101.130.159200 OK 2.7 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/framework/js/theia-sticky-sidebar.min.js?ver=6.0.3
IP 151.101.130.159:0
File type HTML document, ASCII text, with very long lines (5088)
Hash db9ee4f223e94d6eb1c70f10974f16ed
56e2544db48751ddff66a52b649cb717efb51db6
6bd896dfa41b7519572ca6b221d15d590538b19276a8b43f41ec59cbd7bf6668
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/framework/js/theia-sticky-sidebar.min.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:09 GMT
etag: W/"620e61cd-1b19"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.412874,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2742
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/framework/js/hotel-booking.js?ver=6.0.3
151.101.130.159200 OK 2.0 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/framework/js/hotel-booking.js?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (1793)
Hash 238f582758f9fde7acbf4e1044f8ff41
b5375de45181d48757318e1adc839d81abed7e97
34b83149a5111924cb2897081d812995e2f44b8aa50add905b975e2637669dab
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/framework/js/hotel-booking.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-11e1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.412855,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2017
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/framework/js/jquery.ui.totop.min.js?ver=6.0.3
151.101.130.159200 OK 3.5 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/framework/js/jquery.ui.totop.min.js?ver=6.0.3
IP 151.101.130.159:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (5391)
Hash c5cd8e191d002b1e74c1053f8247e5a5
3f374949d23c8d557b73b49fe25986d9b39ba1ad
1d59b25dfa5103422ff55167cfc5c3641b988cb9b7d82f0313c182d0bd9c0e78
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/framework/js/jquery.ui.totop.min.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-21e4"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.412972,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3465
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/wp-hotel-booking/includes/plugins/wp-hotel-booking-extra/assets/js/site.min.js?ver=1.10.2
151.101.130.159200 OK 1.2 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/wp-hotel-booking/includes/plugins/wp-hotel-booking-extra/assets/js/site.min.js?ver=1.10.2
IP 151.101.130.159:0
File type exported SGML document, ASCII text, with very long lines (3076), with no line terminators
Hash 8f58e162b3e20c900467f9afa95c7ddf
a79489f7fca0a6efe09b4a1932a34ffa9c6a841a
69f34cda2cc2987e550837877e118744f757ed4d6d7f9ed5a479ad5a1ae98cab
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-hotel-booking/includes/plugins/wp-hotel-booking-extra/assets/js/site.min.js?ver=1.10.2 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:09 GMT
etag: W/"620e61cd-c04"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.413008,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1208
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/framework/js/magnific/jquery.magnific-popup.min.js?ver=6.0.3
151.101.130.159200 OK 8.9 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/framework/js/magnific/jquery.magnific-popup.min.js?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (21877)
Hash a83a940007e6a7ec106dc607b1bcb5f9
abd1dccb6a8671700b4238b512c56ced10566357
7676b77a5167ffec209ecbb4c0698ca1086006007ec51a627081a7f4b55a50eb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/framework/js/magnific/jquery.magnific-popup.min.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:09 GMT
etag: W/"620e61cd-55f6"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.412825,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 8907
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.4.1
151.101.130.159200 OK 836 B URL HTTP/2 windsorarmshotel.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.4.1
IP 151.101.130.159:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash b0099b2baa05980cbc24ac27a8e95be3
f72e3bab79d57be81440a23adcca469cd9f4506a
ed4794d311b177c5847a43b9e13df968a32153f4a45fa72d7ef8c9a0c00a11b1
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.4.1 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 25 Apr 2022 17:35:51 GMT
etag: W/"6266dbf7-85b"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.413049,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 836
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/framework/js/ResizeSensor.min.js?ver=6.0.3
151.101.130.159200 OK 1.9 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/framework/js/ResizeSensor.min.js?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (2233)
Hash 4af129c61c88b52e711c57dfa1b993f3
6458218cf99dcfc6e4e7bc07f8d8b073364237b6
7229aadd0bde5446b1f62e62a2020c984350d26f0bd596a48288a93db1deab76
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz/framework/js/ResizeSensor.min.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-fea"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.412896,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1922
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.4.1
151.101.130.159200 OK 1.1 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.4.1
IP 151.101.130.159:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash 25e23a802d20db87fcc1f06b03c1e8a2
f161cebfbad2f5eb07a2a9df1ce49cd7e7b2179b
c2a882653542c39ff9479ce69781d0cae503b3e03727d96ee61cfb203ca5942f
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.4.1 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 25 Apr 2022 17:35:51 GMT
etag: W/"6266dbf7-b7a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.413035,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1086
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/wp-hotel-booking/assets/js/hotel-booking.min.js?ver=1.10.2
151.101.130.159200 OK 5.7 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/wp-hotel-booking/assets/js/hotel-booking.min.js?ver=1.10.2
IP 151.101.130.159:0
File type exported SGML document, ASCII text, with very long lines (18957), with no line terminators
Hash efe197e27f9e893ba561aef01b7e1306
e6301c0771b88041931f60e6806e886d7639a01b
d9e46643dcdef9593fbe6184ca229b3f26f1592f46da78698f6a3e1988a28366
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-hotel-booking/assets/js/hotel-booking.min.js?ver=1.10.2 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-4a0d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.412989,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 5655
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/framework/js/jquery.visualNav.min.js?ver=6.0.3
151.101.130.159200 OK 3.1 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/framework/js/jquery.visualNav.min.js?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (1790)
Hash 71258b930a73cbd1dfefb5f1d9182880
95553298f71f19d395f8f1e2b2e592d999ff194c
51b5b87a1ca5549b11304291b66e4f2377af547ef8bb44cafc2136ed11cb8d9c
GET /wp-content/themes/diaz/framework/js/jquery.visualNav.min.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:09 GMT
etag: W/"620e61cd-1c1d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.412928,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3138
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/js/jquery.animateNumber.min.js?ver=6.0.3
151.101.130.159200 OK 1.7 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/js/jquery.animateNumber.min.js?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (1790)
Hash 4fc25d2f2f05856a449fcc3c86dc0f8c
eba51e494ca8b23edcd6e4d1d0fc4c73a7516d44
d20d1a336dfe2f4bae0731ae47a656e968b41af1e75d67e07469cc3b3045f56d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/designthemes-core-features/shortcodes/js/jquery.animateNumber.min.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:06 GMT
etag: W/"620e61ca-c47"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.410136,VS0,VE6
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1655
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
151.101.130.159200 OK 7.6 kB URL HTTP/2 windsorarmshotel.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 151.101.130.159:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 2059fe073bfc62ce84fe8fc1f42d35a9
68038ff5383ffde15542f57782d7a53c8de8bb48
543dbc6a5dd60032fb9d74beef1f7ac5f6cee543b6422b1f0928b9001d050eb8
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 08:13:20 GMT
etag: W/"634e6020-4ac6"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: 8iypdqt99y
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 9
x-timer: S1669240633.409124,VS0,VE10
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7559
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz/framework/js/jquery.plugins.js?ver=6.0.3
151.101.130.159200 OK 54 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz/framework/js/jquery.plugins.js?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (32032)
Hash c69206b0f8fc0a7a36ee4d34242bdaa0
34ac0465aa534368edaee742399ee462d09fe461
507c1a2655dc72c659ed709fcb9c243619d97c3cfad829536f1d7db0c775b155
GET /wp-content/themes/diaz/framework/js/jquery.plugins.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-2b011"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.412942,VS0,VE13
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 53791
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.6.0
151.101.130.159200 OK 12 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.6.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (32004)
Hash 8273affd977800b6a58dc05bec339d1a
321f621c8e1f83b1dc673c293caf58f8474fe27f
af92cd3c43b15857aee144c77245f923ac9cd921cd3a2407f4602af7ba58cffe
GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.6.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-9288"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.412842,VS0,VE20
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 12069
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/js/jquery.donutchart.js?ver=6.0.3
151.101.130.159200 OK 2.1 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/js/jquery.donutchart.js?ver=6.0.3
IP 151.101.130.159:0
File type ASCII text, with very long lines (1790)
Hash af59314778798e0c15a1ad1ba54efc33
68a8cdaaebf40304133479f8ba7fab391e6821c1
a2da19aead97e2bf8d6654205ca2ebb7db06f1ace85d0d26aa4e2074ba3bdec8
GET /wp-content/plugins/designthemes-core-features/shortcodes/js/jquery.donutchart.js?ver=6.0.3 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-14a7"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240633.410095,VS0,VE30
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2085
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/contact-form-7/includes/js/html5-fallback.js?ver=5.5.6
151.101.130.159200 OK 347 B URL HTTP/2 windsorarmshotel.com/wp-content/plugins/contact-form-7/includes/js/html5-fallback.js?ver=5.5.6
IP 151.101.130.159:0
Hash b3ef063ba1aa7d1b060174205261789e
a87862053d33aad5862f5b8a6551f765afd23664
f827b836cecdc97b1e7af9efbc2213af8362e9b5d80fd48de89012cd764ff65b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/html5-fallback.js?ver=5.5.6 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 03:21:33 GMT
etag: W/"6254f03d-283"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.505570,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 347
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate_bg.min.js?ver=3.19.9
151.101.130.159200 OK 12 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate_bg.min.js?ver=3.19.9
IP 151.101.130.159:0
File type ASCII text, with very long lines (47238), with no line terminators
Hash 14e2eef507ea8091a718723efc819a6c
ad3bae868406a42ee8b45df111104d9c1017732f
c7b8e0995e9887474eec25fdf2d4397831e1e328e8ae50b5e07ad85cb7b4c564
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate_bg.min.js?ver=3.19.9 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:03 GMT
etag: W/"620e61c7-b886"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.505894,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 11651
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0
151.101.130.159200 OK 7.3 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (22208)
Hash f5fb5795fecca5f8b7e45d892cdac833
27cb3e1d31e4e1acd4b1365edd3ffb43882fa862
f5a7b3fec2d31b913a3276a5326f7c2788cf4a108da68b388c91901812e1ea45
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:06 GMT
etag: W/"620e61ca-579b"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.505758,VS0,VE4
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7288
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/animate.min.css?ver=3.19.9
151.101.130.159200 OK 7.1 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/animate.min.css?ver=3.19.9
IP 151.101.130.159:0
File type ASCII text, with very long lines (64385), with CRLF line terminators
Hash eed9ef30dcf72e2c3d9a4109f04e89a7
22961f2a7b35d29fb1c42887b21849e48abe47ad
a2a96635f5a2f9582fbab97e84449d02da3058f40a0055e4cd9e32041d3c97e3
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/animate.min.css?ver=3.19.9 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-11237"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669240633.096765,VS0,VE445
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7119
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/modal.min.css?ver=3.19.9
151.101.130.159200 OK 2.8 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/modal.min.css?ver=3.19.9
IP 151.101.130.159:0
File type ASCII text, with very long lines (16042), with no line terminators
Hash c789322a15543474911e1ea99b36a5c4
9616acb0d580db0342efbacbdb646368e0e9ccc7
ee53dba6487e1934b4d235a5e0cd39a6caa4b41d33feac88daf4d1823475ffbc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/modal.min.css?ver=3.19.9 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-3eaa"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669240633.100322,VS0,VE441
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2784
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/blockquote.css
151.101.130.159200 OK 1.8 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/blockquote.css
IP 151.101.130.159:0
File type ASCII text, with CRLF line terminators
Hash 4bff9d4eab4477bbcf034dfc2a651726
50aa55644f2f995171be37f98541896ed60d79d7
6aa18bc0f756bd31de51592784a25fe4b98b111b433fd8cf4342db660611ba97
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/blockquote.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-1cb0"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.692085,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1787
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/buttons.css
151.101.130.159200 OK 5.6 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/buttons.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (2940), with CRLF line terminators
Hash 782f673119d96340af838a6a291e4a78
778ed5b442a95884a71ed32906c3d4b270dbb0fc
a015762d956a71f31fa3e1fdfb7ddf6192c7e12db77ab3438496df8ec237e941
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/buttons.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:06 GMT
etag: W/"620e61ca-9849"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.694862,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 5616
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/counter.css
151.101.130.159200 OK 3.3 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/counter.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (684), with CRLF line terminators
Hash 98853c11967070d13200b82233d20748
bf4ffa3d357735d0559f067fdf14001c0473c803
009292500eda837423ce334a8b3413968b2a3ecd422c86c36a884301ed5c7010
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/counter.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-485a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.701473,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3261
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/custom-nav.css
151.101.130.159200 OK 3.2 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/custom-nav.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (363), with CRLF line terminators
Hash bfb541da76bf7fb4c30f14da91562719
218156462766095f9b84f79597f2d26bd23f8854
4062db398bd35b9e859fe6f1f06b3a131c9f28b1b64a1d6a3291c257a77f7601
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/custom-nav.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-5ae6"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.702634,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3151
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/contact-info.css
151.101.130.159200 OK 4.2 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/contact-info.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (491), with CRLF line terminators
Hash ff6583983f455d65df2ff68731910a7f
e1ef620c7a72aade9ea04128cf5c114b83c67f57
0e3f4a7e61887da456fcfcf21a4f9d7500608a358e088fb28452a75d22ea2f59
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/contact-info.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-5ca4"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.699968,VS0,VE4
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4202
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/donut-chart.css
151.101.130.159200 OK 643 B URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/donut-chart.css
IP 151.101.130.159:0
File type ASCII text, with CRLF line terminators
Hash b08c7886dd307c1468ecfc12a7fac620
a51ac7012fd246f8c449f867df4c92f7adda24bf
392ea7bebfed9916c38b2dadc297c5517a5657a0006903848b534b7aa292c721
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/donut-chart.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-9d3"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.702801,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 643
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/dropcap.css
151.101.130.159200 OK 1.5 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/dropcap.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (333), with CRLF line terminators
Hash 72b4b2ccde7702ac7ce059b8f261c269
bb7a534f36da92305aeb78f338faf159544e1b79
0f90d0474f7b570ef36f35cd88e618294652fb5911dd7fd43cf9394a64d1aa08
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/dropcap.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:06 GMT
etag: W/"620e61ca-23d0"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.703584,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1472
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/fancy-boxes.css
151.101.130.159200 OK 1.4 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/fancy-boxes.css
IP 151.101.130.159:0
File type ASCII text, with CRLF line terminators
Hash 6e53a11ea942189ecf8c0c298807ba37
be54e320a70692f4c240f004956dc4cba4005fa0
115726879475db8b5d0af7c5603ba7b583ca6efce5a3d6a2d764e19d3613d9a0
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/fancy-boxes.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-162a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 5
x-timer: S1669240634.703793,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1418
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/newsletter.css
151.101.130.159200 OK 5.0 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/newsletter.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (615), with CRLF line terminators
Hash 94f911dbd021939cfa00810a62856a7c
dce13e86629d321e14dfebb358cd004a199b177d
03b8cc8869158dd68a06c04f5e7c08be11e567c06e66fda9f0de385f636b6897
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/newsletter.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-7a16"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.704665,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 5020
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/icon-boxes.css
151.101.130.159200 OK 7.4 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/icon-boxes.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (1334), with CRLF line terminators
Hash e29df820df35944602af21a9db1776ed
7d05989d57d772292a0ea10a26aaae26c78f1014
421be7395a653b899efd75bc59e9d81bd1e40c91140f1405c478fa07315679e6
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/icon-boxes.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:06 GMT
etag: W/"620e61ca-b393"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.703963,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7444
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/image-caption.css
151.101.130.159200 OK 4.5 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/image-caption.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (1169), with CRLF line terminators
Hash 794252cb8c903b569c574ea64a12fdf9
2498298ab4f3d7431588d1ba4990606a76e2ff15
e616d0afea982fff809967a61f2a44a72bb80fbece8de387c524c6793144ebd2
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/image-caption.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-652f"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.704091,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4499
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/lists.css
151.101.130.159200 OK 2.0 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/lists.css
IP 151.101.130.159:0
File type ASCII text, with CRLF line terminators
Hash 5bdfadc96f3c040a431a43f483fa407b
62a0eb6b5c83114ecefb73c19ca2950fc876bf35
ab1af9cbdccc59dfdf1a7943ddabba4b092a27e32a9528d2e36dc6b4fffcfe82
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/lists.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-23da"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.704587,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1955
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/pricing-table.css
151.101.130.159200 OK 3.0 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/pricing-table.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (1101), with CRLF line terminators
Hash 8a1759cb1a7e94de7b7e02fb62dce229
9f4c1bcfded08c93370cf3ca02dc0f5bc16f4c9f
36b8eea102bf6abb5aec5eb47dec90010cf1216cdb038907928e262d03b2f0f0
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/pricing-table.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-4186"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.705094,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2976
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/event.css
151.101.130.159200 OK 1.1 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/event.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (313), with CRLF line terminators
Hash cd3bdd8c340cdb93d2191c95024708c7
17dd91fba1e764863922cca7ec79263be3f25461
8657e3dffe150421b6d66d35167458cd8817bcb84ceae415254cea3051fe2b82
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/event.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-12dc"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.703676,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1057
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/image-flip.css
151.101.130.159200 OK 503 B URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/image-flip.css
IP 151.101.130.159:0
File type ASCII text, with CRLF line terminators
Hash d1452a73d60a76703e6d98622fd4042a
fad23eda22e46e4fb0855048148ae21afa797955
e3748e63652715529849fd6c4a9707e8960267b3fe4b2487e1675849f3a5b055
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/image-flip.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-611"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.704333,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 503
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/testimonials.css
151.101.130.159200 OK 5.9 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/testimonials.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (567), with CRLF line terminators
Hash f21a7cfe166930d7e5c1e9f73419f26f
f3f9872e76f9909c830e522971dbddc64b0f017c
4ec9e5c95b26884ee39cef868e661d7cd698ce90feee7b2424e2b65a4df66396
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/testimonials.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-81f9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.706012,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 5905
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/social-icons.css
151.101.130.159200 OK 2.1 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/social-icons.css
IP 151.101.130.159:0
File type ASCII text, with CRLF line terminators
Hash c5cc258e7a6aeeaf6eeb09e304e2ed7d
bae7f9f69b362486b32bb6eb4b44136cf9fefd66
13238d9ca1a4977e9414d22b993b5405201aa9be63c480098467a9118c70bb30
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/social-icons.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-340d"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.706087,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2137
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/progress-bar.css
151.101.130.159200 OK 1.8 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/progress-bar.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (305), with CRLF line terminators
Hash c503d04f9a0267936dae51d8f18a602a
b858bb1f7368c858616a9c7c7ff65c224400ed30
9cbc5ccfb4f5e93bedde8d6f3eef3e3e7167302e38f38e9c489e1f271558aab7
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/progress-bar.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:06 GMT
etag: W/"620e61ca-1e89"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.706115,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1782
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/title.css
151.101.130.159200 OK 4.1 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/title.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (415), with CRLF line terminators
Hash 66d083afc097f8f12d8bef3dad2bbab4
36f9a284c87868bd150ba777c12a2936f2c3088a
cd8cfabe674c71fd14233ea17745881b234b7028e7117ad8f4525967e3229ca7
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/title.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-5568"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.706576,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4093
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/team.css
151.101.130.159200 OK 4.2 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/team.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (1141), with CRLF line terminators
Hash 821a200d013a5796bdd7ae04171aa927
8871cfdd057a97c3252eddfb1cfb048ed44b771d
99bd75fb7174c220592fd9f93f5b515f10fa7e717ebeae3899f32e186485444d
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/team.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-6161"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.706041,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4223
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/toggle-and-accordion.css
151.101.130.159200 OK 2.1 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/toggle-and-accordion.css
IP 151.101.130.159:0
File type assembler source, ASCII text, with very long lines (507), with CRLF line terminators
Hash b8eff0038b1e129ec9aa5d0b40838373
8c005d42141f3e10acbb7e6bb216d4c5dd8cc97d
42ca2d93b233e43989aeab9a74848a7489803503de4e08c2a4949efff96a3a37
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/toggle-and-accordion.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-33bb"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.706565,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2134
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/tabs.css
151.101.130.159200 OK 5.9 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/tabs.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (423), with CRLF line terminators
Hash d7a79b13545ce6e9c3d12e7a3dd4c581
21d1e5465bf2ade16899518fd34d569d7836ec54
5c6fb6eadcb1dd55caab3eed38839b567e63f28b68394d84732df5cc3a83ab79
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/tabs.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-9d53"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.706060,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 5896
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/twitter-feeds.css
151.101.130.159200 OK 465 B URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/twitter-feeds.css
IP 151.101.130.159:0
File type ASCII text, with CRLF line terminators
Hash e89b1329dcc263405ff09ffd6d77f1be
051665f032f9b88af4ef1eb4286f3cedc238c945
5d3ddb36259fe00b1355351b484466123d335cfcc7be4d1c14afcdc632edfcf1
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/twitter-feeds.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-4db"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.709197,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 465
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/tooltip.css
151.101.130.159200 OK 601 B URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/tooltip.css
IP 151.101.130.159:0
File type ASCII text, with CRLF line terminators
Hash 77f005585562a8309914b581c22aee26
ffd21dc25262455d7e0138b394df3427704dccaf
7d1cc6d5af037f07b432ba642d8929a37e9a12128affa18314e4c85fe070a591
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/tooltip.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-768"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.709221,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 601
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/video-manager.css
151.101.130.159200 OK 1.2 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/video-manager.css
IP 151.101.130.159:0
File type assembler source, ASCII text, with very long lines (608), with CRLF line terminators
Hash 3ce59dccc83b364b935d9061bd0e6f59
db97b602218e22ffc5ad1b4e0e9418e297212130
92aff08fb0bfec9cb593d91fde645928d8e4f1dab441b90887faa16acf870b53
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/video-manager.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-e42"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.709179,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1221
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/timeline.css
151.101.130.159200 OK 4.5 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/timeline.css
IP 151.101.130.159:0
File type ASCII text, with very long lines (516), with CRLF line terminators
Hash 7176f2f71a1e284f36e11f52787f39d9
529618fab4e6d75a7b0a659d78a8d961723dafaa
0b1bc33db112b54dc7d73493a677006d987cfdf4a2e454877d9a80ac74ff20b7
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/timeline.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:06 GMT
etag: W/"620e61ca-6b27"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.705988,VS0,VE10
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4526
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/popular-procedures.css
151.101.130.159200 OK 705 B URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/popular-procedures.css
IP 151.101.130.159:0
File type ASCII text, with CRLF line terminators
Hash 71202b4807291d03c2c3b81fa9cf4037
a0e1ef3c6c6f8dd8f1952e125c40f1064d1f40e1
c487669361b1512705ff6a77b1252ca415cad4a38d70ac229907d5435ac92486
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/popular-procedures.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-9ba"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.705119,VS0,VE18
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 705
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/uploads/2020/05/WA-Information-Icon.png
151.101.130.159200 OK 745 B URL HTTP/2 windsorarmshotel.com/wp-content/uploads/2020/05/WA-Information-Icon.png
IP 151.101.130.159:0
File type PNG image data, 69 x 69, 8-bit colormap, non-interlaced\012- data
Hash 2243a46882787639c8d0e63c5d24a984
89b6b96403ffaef4f18669ac24e3b2576b1a5e01
627dd33e0335ce3d189c828f62938c08ad9ac86fa7dde4fa98971a4c09d34acf
GET /wp-content/uploads/2020/05/WA-Information-Icon.png HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 17 Feb 2022 14:53:22 GMT
etag: W/"620e6162-2e7"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669240633.399245,VS0,VE340
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 745
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz-child/images/room-icons.png
151.101.130.159200 OK 1.1 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz-child/images/room-icons.png
IP 151.101.130.159:0
File type PNG image data, 152 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash 277f5c4fe39fc9cfd281525a9c6e1ffa
e434a4e331d2158cb8ac7ad22e1643697bd846e1
0cde4d6c4a08c08e714d0528df6066d1e3d80271275a3b959ce9cced84f834b3
GET /wp-content/themes/diaz-child/images/room-icons.png HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 18 Feb 2022 19:26:50 GMT
etag: W/"620ff2fa-43f"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669240633.401807,VS0,VE338
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1110
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.6.0
151.101.130.159200 OK 6.9 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.6.0
IP 151.101.130.159:0
File type ASCII text, with very long lines (14268)
Hash 01f38b2cfe6ca64f9face7ab26544caa
67c4d89e3b864980d0cedc18bd4e11f8ce629c65
077bce168c2905430087e73c99ceaad5978df024ad6a709ddf4445e4b76f90c7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.6.0 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-3920"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669240634.505757,VS0,VE333
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 6899
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ver=3.19.9
151.101.130.159200 OK 1.6 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ver=3.19.9
IP 151.101.130.159:0
File type ASCII text, with very long lines (3140), with no line terminators
Hash e86f4e6fd314d5c6b17d130733f72947
4602e0ac0c802e4e2fd13555b38821245d4fe6c6
32af3da2bf0dd1f52888b8ee7d1144471bbbce611814b25fbc4e1a043b39ec03
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ver=3.19.9 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-c44"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669240634.505913,VS0,VE366
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 1560
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/background-style.min.css?ver=3.19.9
151.101.130.159200 OK 2.0 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/background-style.min.css?ver=3.19.9
IP 151.101.130.159:0
File type ASCII text, with very long lines (9312), with no line terminators
Hash d149fa001e2ce2db746094998773e7e8
e82daf02cbd99da16e322a89d09e7853fff8668b
ccc2e642ff0caf4eab12cf70063935e1fd09ec96d5136c8af04d95dd42c2bce7
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-css/background-style.min.css?ver=3.19.9 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:04 GMT
etag: W/"620e61c8-2460"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669240633.406665,VS0,VE468
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2005
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz-child/fonts/HelveticaNeue.ttf
151.101.130.159200 OK 57 kB URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz-child/fonts/HelveticaNeue.ttf
IP 151.101.130.159:0
File type TrueType Font data, 18 tables, 1st "OS/2", 35 names, Macintosh\012- data
Hash 76fa3e4c9486f5442af85e6377953fec
6bbeae98d93dfaeb0cf465e5156190d907775aaa
4bed3cc8fc368cfe84296df43ee4c19ad2e3c90b67566e8af974424283966319
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/diaz-child/fonts/HelveticaNeue.ttf HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/themes/diaz-child/style.css?ver=1.0
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Fri, 18 Feb 2022 19:26:50 GMT
etag: "620ff2fa-1f368"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
content-encoding: gzip
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:15 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240635.137968,VS0,VE1
vary: Authorization, Accept-Encoding
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 56814
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-KBPGFJP
142.250.74.168200 OK 21 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KBPGFJP
IP 142.250.74.168:0
Hash 97a4feedfcb09e3fea0817b48ea28599
863ee4523889ef8b896342f45b177dcb60322127
cb663fe13fd1bba7957a6717f41f689df17ac65b875d4a68e62bc178d7674182
GET /gtm.js?id=GTM-KBPGFJP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 23 Nov 2022 21:57:13 GMT
expires: Wed, 23 Nov 2022 21:57:13 GMT
cache-control: private, max-age=900
last-modified: Wed, 23 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 49660
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/uploads/2020/05/home-video-poster.png
151.101.130.159200 OK 3.9 MB URL HTTP/2 windsorarmshotel.com/wp-content/uploads/2020/05/home-video-poster.png
IP 151.101.130.159:0
File type PNG image data, 1914 x 873, 8-bit/color RGBA, non-interlaced\012- data
Size 3.9 MB (3854137 bytes)
Hash 41af9bdfe5009855e7344dbdf5a7ef2d
b582241114f2b58ae869bb8ac316aad9132a816a
84b5eb51221e8db0a2bf51d9975521667fc0c620566ed0874d160498d69ea3c0
GET /wp-content/uploads/2020/05/home-video-poster.png HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 17 Feb 2022 14:53:06 GMT
etag: W/"620e6152-3acfa0"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:14 GMT
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669240633.397845,VS0,VE821
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3854137
X-Firefox-Spdy: h2
use.typekit.net/af/7cf50c/00000000000000003b9ae120/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
23.36.76.186200 OK 60 kB URL HTTP/2 use.typekit.net/af/7cf50c/00000000000000003b9ae120/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 60232, version 1.0\012- data
Hash 8058141da23e225eb2f382c3b01d5b3f
ebf4569c6dcbd105cbee90e53fcf8cea0efb2f3f
3447b56c50b79dc93ac640594172338b735b40ebbb9016d33850900d762538ab
GET /af/7cf50c/00000000000000003b9ae120/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://windsorarmshotel.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 60232
etag: "14cd3ef175108bc08ee7e9de8ccfe873c2a8bc9a"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 23 Nov 2022 21:57:15 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/480445/00000000000000003b9adf9b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
23.36.76.186200 OK 226 kB URL HTTP/2 use.typekit.net/af/480445/00000000000000003b9adf9b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 225528, version 1.0\012- data
Size 226 kB (225528 bytes)
Hash 3f75a0457daba03de31d60de58279ab0
7cd24be6fbc9638959776a7ccf989648b9df56bd
f56b45770903fded4d62b38749d41488c43b0eacb530653c7a139e9d37fa47c9
GET /af/480445/00000000000000003b9adf9b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://windsorarmshotel.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 225528
etag: "fd2c61bdd942448c29ca0ce2ce273413e77243bf"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 23 Nov 2022 21:57:15 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4fdf09dc4ca56c3a9fd35dc266d47f09
f69bea07bfc3387b0a7ce95a237a2bb149a36e8d
f45dd1103bea1b94a45ad46bdf6fab60aeca5501bf38bd558c209a00300edb8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5634
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:57:15 GMT
Last-Modified: Wed, 23 Nov 2022 20:23:21 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
stats.wpmucdn.com/analytics.js
151.139.242.7200 OK 24 kB URL HTTP/2 stats.wpmucdn.com/analytics.js
IP 151.139.242.7:0
File type ASCII text, with very long lines (1925)
Hash 66e020f73ca2ccdcb4ef1b1454e13b98
7c2d30bf730690ed2437db725f3c4de9ca9a9d11
45ec0d06a35d0b222d6d267005f6dce0507055f419aeb22a16b3035e49a7c576
GET /analytics.js HTTP/1.1
Host: stats.wpmucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 21:57:15 GMT
content-type: application/javascript
content-length: 23826
last-modified: Thu, 10 Feb 2022 17:56:53 GMT
etag: "620551e5-1131c"
expires: Sat, 18 Nov 2023 21:56:24 GMT
cache-control: max-age=31104000
content-encoding: gzip
vary: Accept-Encoding
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/themes/diaz-child/images/select-arrow.png
151.101.130.159200 OK 891 B URL HTTP/2 windsorarmshotel.com/wp-content/themes/diaz-child/images/select-arrow.png
IP 151.101.130.159:0
File type PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced\012- data
Hash 34007d16a6c0c4cb1a14e3167ed1bd9a
ea0093ff96ad621bf27a39741680b5c709fd614b
3e6a8742830236ea0c1f6c2130f17698cb17a8e1a089019fdd99bc83d0cbbab7
GET /wp-content/themes/diaz-child/images/select-arrow.png HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/themes/diaz-child/style.css?ver=1.0
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 18 Feb 2022 19:26:49 GMT
etag: W/"620ff2f9-4a0"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:15 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240636.561453,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 891
X-Firefox-Spdy: h2
use.typekit.net/af/846c1f/00000000000000003b9ae11f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
23.36.76.186200 OK 61 kB URL HTTP/2 use.typekit.net/af/846c1f/00000000000000003b9ae11f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 61296, version 1.0\012- data
Hash 9b45a016d7f20a0136a7f94559df9bdb
77de4de101fa56afccf87029e718b6558692925f
c0668ff1c16423b1f6d3f0755470a73dea6574401b723c784a6b145c836c8702
GET /af/846c1f/00000000000000003b9ae11f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://windsorarmshotel.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 61296
etag: "abd26e401f332358bd717dbcae47daa1d0c8bf83"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 23 Nov 2022 21:57:15 GMT
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/fonts/cormorant/H4c2BXOCl9bbnla_nHIA47NMUjsNbCVrFvZUc7Nq6y-r0YrJdw.woff
151.101.130.159200 OK 25 kB URL HTTP/2 windsorarmshotel.com/wp-content/fonts/cormorant/H4c2BXOCl9bbnla_nHIA47NMUjsNbCVrFvZUc7Nq6y-r0YrJdw.woff
IP 151.101.130.159:0
File type Web Open Font Format, TrueType, length 25004, version 1.1\012- data
Hash c9b34479ff0fc95f844deaf448bc65eb
8108155cd88973df6002d2e0b1ee908115868b07
440fa2e635f8d8f5041d4f8ad2829406d80c6d6224df208aecc9fa5d801f10a7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/fonts/cormorant/H4c2BXOCl9bbnla_nHIA47NMUjsNbCVrFvZUc7Nq6y-r0YrJdw.woff HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
last-modified: Fri, 01 Jul 2022 20:25:04 GMT
etag: "62bf5820-61ac"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:15 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240636.597557,VS0,VE2
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 25004
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/uploads/2018/12/WA-Eganridgebckg.png?id=12752
151.101.130.159200 OK 517 kB URL HTTP/2 windsorarmshotel.com/wp-content/uploads/2018/12/WA-Eganridgebckg.png?id=12752
IP 151.101.130.159:0
File type PNG image data, 1889 x 764, 8-bit colormap, non-interlaced\012- data
Size 517 kB (517264 bytes)
Hash ce9ab51e9810f7d487e5a5608addcc1c
0c5906be913af0524cb2190bcb241bb6b1d08fdf
472ef735c550867f7153709675939c172c9fdb632e0d39041fbf736738eff8de
GET /wp-content/uploads/2018/12/WA-Eganridgebckg.png?id=12752 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 17 Feb 2022 14:53:15 GMT
etag: W/"620e615b-7e412"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:15 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240636.574718,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 517264
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 4b9d957eae6cd690540ad35cd42de9fa
b62eadc506ffb6474dfd9423cb8851146197b9f6
d9d0659ecb14e022b54a1d3662bb4e546128a5f7b661f4165737ae058ab94308
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D0659ECB14E022B54A1D3662BB4E546128A5F7B661F4165737AE058AB94308"
Last-Modified: Tue, 22 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2646
Expires: Wed, 23 Nov 2022 22:41:21 GMT
Date: Wed, 23 Nov 2022 21:57:15 GMT
Connection: keep-alive
silverpay.app/windsorarmshotel-egift
64.235.101.221302 Found 0 B URL HTTP/1.1 silverpay.app/windsorarmshotel-egift
IP 64.235.101.221:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /windsorarmshotel-egift HTTP/1.1
Host: silverpay.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 23 Nov 2022 21:57:15 GMT
Server: Kestrel
Content-Length: 0
Cache-Control: no-cache, no-store
Expires: -1
Location: https://silverpay.app/windsorarmshotel-egift
Set-Cookie: APP_SLOT=8; path=/; secure; samesite=none
windsorarmshotel.com/wp-content/uploads/2018/12/home1.png?id=13110
151.101.130.159200 OK 451 kB URL HTTP/2 windsorarmshotel.com/wp-content/uploads/2018/12/home1.png?id=13110
IP 151.101.130.159:0
File type PNG image data, 904 x 815, 8-bit colormap, non-interlaced\012- data
Size 451 kB (450776 bytes)
Hash ff8c865c11cf1de1d87b691429b6224d
1b71f09720ba0ed5893e857a945cf8a49f5a6113
c17afad3e9bee7274f6db4767ca08959fda9953b949179a2e1429aea9337f894
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/12/home1.png?id=13110 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 17 Feb 2022 14:53:17 GMT
etag: W/"620e615d-6e04f"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:15 GMT
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669240636.567548,VS0,VE285
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 450776
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/uploads/2018/12/WA-Testimonialbckg.png?id=12756
151.101.130.159200 OK 43 kB URL HTTP/2 windsorarmshotel.com/wp-content/uploads/2018/12/WA-Testimonialbckg.png?id=12756
IP 151.101.130.159:0
File type PNG image data, 1889 x 525, 8-bit/color RGB, non-interlaced\012- data
Hash 3693c82085329e4f761a1337ae660b4b
621da588dec115e1d1157bacf28900277e9ce2a7
79ba26eea9319f1ac7c98eb4265cc5274939d749e207d109b227661154da822f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/12/WA-Testimonialbckg.png?id=12756 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 17 Feb 2022 14:52:20 GMT
etag: W/"620e6124-ad10"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:15 GMT
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669240636.561157,VS0,VE326
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 43333
X-Firefox-Spdy: h2
cdn.otstatic.com/reservation-widget-generator/1/js/modaloverlay.min.js
23.53.48.239200 OK 54 kB URL HTTP/2 cdn.otstatic.com/reservation-widget-generator/1/js/modaloverlay.min.js
IP 23.53.48.239:0
ASN #1299 Telia Company AB
File type Unicode text, UTF-8 text, with very long lines (46522), with NEL line terminators
Hash 33ac76ea98ede00defb75c7e6160b101
8eff7b7350219866c127a31db43673ad6b1bcca7
4ab5e57a18e2a1ddd1b980cc3e53fb321ef94169924b13f96b84019db5ae437d
GET /reservation-widget-generator/1/js/modaloverlay.min.js HTTP/1.1
Host: cdn.otstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "5512543ba16335ad0395949f628b789f"
last-modified: Tue, 20 Sep 2022 21:38:27 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-amz-id-2: 4z8sD9kJyorq6FoovL5cllxYCEfFT9N0jDTZQqHQUYvRZZ+1zreJaODF5MPSGmGRYFelKUXjoo4=
x-amz-request-id: EA57RM7Q79M7NTT9
content-length: 54083
cache-control: public, max-age=29851424
date: Wed, 23 Nov 2022 21:57:15 GMT
access-control-allow-headers: *
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
timing-allow-origin: https://www.opentable.com, https://www.opentable.com
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Abril+Fatface%3Aregular&ver=6.0.3
142.250.74.10200 OK 17 kB URL HTTP/2 fonts.googleapis.com/css?family=Abril+Fatface%3Aregular&ver=6.0.3
IP 142.250.74.10:0
File type ASCII text, with very long lines (57346), with CRLF, LF line terminators
Hash 9df3839608ea3c961563c974087a2671
ae90b2b1e0315525fd14656cc6ee327f6789ac33
ac3b34eb5a74ef971cbfe419672e1b358d1dc75d0e3a4d7008f94cf16c7cd680
GET /css?family=Abril+Fatface%3Aregular&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 21:57:13 GMT
date: Wed, 23 Nov 2022 21:57:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8
151.101.130.159200 OK 8.8 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8
IP 151.101.130.159:0
File type ASCII text, with very long lines (27652), with CRLF line terminators
Hash 28c8b6f0608450f2b6de1833ed618314
07263e3ab0c2a25ab0f121af492580b73b313bb1
88d8ca724802f96c674e8a824fdd8ad1fd86c3eba1a796ce2b717f90e895b7b2
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: _pk_id.6123.a5c9=47c44140ab98d068.1669240636.1.1669240636.1669240636.; _pk_ses.6123.a5c9=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:10 GMT
etag: W/"620e61ce-6cf5"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:15 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240636.919740,VS0,VE3
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 8767
X-Firefox-Spdy: h2
www.opentable.com/widget/reservation/canvas?rid=115024&type=standard&theme=standard&overlay=false&domain=com&lang=en-US&r3uid=Nv_vzrQCvS&newtab=false&disablega=false&color=1
104.110.15.18200 OK 2.2 kB URL HTTP/2 www.opentable.com/widget/reservation/canvas?rid=115024&type=standard&theme=standard&overlay=false&domain=com&lang=en-US&r3uid=Nv_vzrQCvS&newtab=false&disablega=false&color=1
IP 104.110.15.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3920)
Hash af02471195ad83ce071b521bdf1fc033
5391df4c807bee2b3bcc049ba511b8abc547ee25
bde44f9096507a1aeeb07bfb9a47ba21edd34342fc6dda041e89ca4d43c313f2
GET /widget/reservation/canvas?rid=115024&type=standard&theme=standard&overlay=false&domain=com&lang=en-US&r3uid=Nv_vzrQCvS&newtab=false&disablega=false&color=1 HTTP/1.1
Host: www.opentable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Cookie: otuvid=122CA8B8-A82E-43BF-9731-A5C26A0EC02A; OT-Session-Update-Date=1669240633; OT-SessionId=16e81139-5fea-497e-9ca9-39718f07967d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
ot-requestid: b6f8474c-8a8f-4526-8f75-3b797ec42c8b
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
ot-anonymousid: 122CA8B8-A82E-43BF-9731-A5C26A0EC02A
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, OPTIONS, PUT, POST
content-type: text/html;charset=utf-8
etag: W/"18f1-m8wsILObegUSZftaz3dMRskYfKA--gzip"
x-akamai-transformed: 9 1998 0 pmb=mTOE,2
content-encoding: gzip
date: Wed, 23 Nov 2022 21:57:16 GMT
content-length: 2185
vary: Accept-Encoding
set-cookie: OT-Session-Update-Date=1669240635; Path=/; Domain=opentable.com; Expires=Wed, 23-Nov-2022 22:27:15 GMT; Max-Age=1800; Secure; SameSite=None
OT-SessionId=16e81139-5fea-497e-9ca9-39718f07967d; Path=/; Domain=opentable.com; Expires=Wed, 23-Nov-2022 22:27:15 GMT; Max-Age=1800; Secure; SameSite=None
ha_userSession=lastModified=2022-05-04T19%3A40%3A53.000Z&origin=prod-sc; Secure; SameSite=Strict
ak_bmsc=073FEE8D360636637D2E8C1D92049476~000000000000000000000000000000~YAAQpE8kF7KZUXuEAQAAfsJ+phE9Hg1RxHZZU044HzLUrHCcjdDC87HTR1scIOUdmvV2DiBikC2o3qOIL7P+JmhZbWc7WoOH0MxjvRaDUXmetmVv9v/p4eAu4aFcLF6g4+Y/QjO8dsfYLarNx/xqJbqFsOZtZLHEd++PuKMCS92f5xVwnXS6hb69YmBu8bMYLhqBTDi44+C5EbR8hfqEzdLJeNfhXTv8ELsO1m0RRAf671lEk9vsTsoTQcgXW3znPCo0gJXFWDBp0SbyGpwRvGW2UV11+aQ4WM+ji3Gk3cQn28xLLoecHW6tpuHnljwq0lTQft70FwW5g9sjUQMocH4GQtlEn5xN2j4ULZObVcTdvZhD4sM5lYHfmyp8sOiAH+MEhUnBe4ulG31F; Domain=.opentable.com; Path=/; Expires=Wed, 23 Nov 2022 23:57:15 GMT; Max-Age=7199; HttpOnly
bm_mi=9EEECD8FA4BCF98BBCB313EB194E8EBA~YAAQpE8kF7OZUXuEAQAAfsJ+phGb9dTUzz0wIYkC0eGROSWopevSWZrLbFpLOTbjxvYBENnTtoRW50CGsAkuxAR4DYg8T2OxvfKvnBEnvH3Go3qRXQ3xmcKBPKGPldhnFyVN9Z5BPq54vDhRWO2I66oM+oDrWmlswSOxvZmm0eAxv1Fy6RXtY/Vv4u/5n6KKkoEd/szTjGGmy8PqoiLisjqcHqr1paeB0ARx7QtvA6QCoYPJXD0g/Od6wCUbGCY+oOUn6WEpQF1vULpfOyuuZVNiGIHXul+M+hWbYIZS8AYel+YF3hzFi/WlYL1SBdwtYTnJgbu+fOuy18GU6Z4sxM+icIh/unjO0qU=~1; Domain=.opentable.com; Path=/; Expires=Wed, 23 Nov 2022 21:57:16 GMT; Max-Age=0; Secure
X-Firefox-Spdy: h2
silverpay.app/windsorarmshotel-egift
64.235.101.221302 Found 0 B URL HTTP/1.1 silverpay.app/windsorarmshotel-egift
IP 64.235.101.221:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /windsorarmshotel-egift HTTP/1.1
Host: silverpay.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 23 Nov 2022 21:57:15 GMT
Server: Kestrel
Content-Length: 0
Cache-Control: no-cache, no-store
Expires: -1
Location: https://silverpay.app/windsorarmshotel-egift
Set-Cookie: APP_SLOT=8; path=/; secure; samesite=none
windsorarmshotel.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8
151.101.130.159200 OK 8.6 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8
IP 151.101.130.159:0
File type ASCII text, with very long lines (30608), with CRLF line terminators
Hash 873b1895f0c7f297c1519f423dcfc4a0
6fc7f0275cacd5732e2221a1bdc3db7684158b7f
8646ca7d7f5a2b14b507406128b095e5a0493b1d88e973e94072c9d3a4668c69
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: _pk_id.6123.a5c9=47c44140ab98d068.1669240636.1.1669240636.1669240636.; _pk_ses.6123.a5c9=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:11 GMT
etag: W/"620e61cf-788c"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:16 GMT
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669240636.916719,VS0,VE121
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 8623
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.video.min.js?version=5.4.8
151.101.130.159200 OK 8.8 kB URL HTTP/2 windsorarmshotel.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.video.min.js?version=5.4.8
IP 151.101.130.159:0
File type ASCII text, with very long lines (27623), with CRLF line terminators
Hash 6ca50e8da24cc07892bc0b120cf25386
49d852db35204cf07198039b665f25936612d7b8
cf895310bffe8bd40e92f3241898e622c20891ae4187051564bb5742a1f47638
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.video.min.js?version=5.4.8 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: _pk_id.6123.a5c9=47c44140ab98d068.1669240636.1.1669240636.1669240636.; _pk_ses.6123.a5c9=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 14:55:11 GMT
etag: W/"620e61cf-6cdd"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:16 GMT
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669240636.902405,VS0,VE246
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 8771
X-Firefox-Spdy: h2
unpkg.com/masonry-layout@4.2.2/dist/masonry.pkgd.min.js
104.16.125.175200 OK 28 kB URL HTTP/2 unpkg.com/masonry-layout@4.2.2/dist/masonry.pkgd.min.js
IP 104.16.125.175:0
File type ASCII text, with very long lines (23966)
Hash 2d8d8cd60d05e55d38273bfe36069f2e
b655bb7d6c94df14c9be395e09120c6569f538c4
ac6498186bc782080078f17d8bc89afcb9b40ee0ba7552587231bdaed51ead4f
GET /masonry-layout@4.2.2/dist/masonry.pkgd.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 21:57:14 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"5e27-0gJSz3bDvorzeoQV0TrTaMditNg"
via: 1.1 fly.io
fly-request-id: 01G4XGYMCFAZH6G0F9BW84YMWS-fra
cf-cache-status: HIT
age: 14687373
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76ed28cfbd521bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.otstatic.com/reservation-widget-generator/1/js/oc-client.min.js
23.53.48.239200 OK 3.3 kB URL HTTP/2 cdn.otstatic.com/reservation-widget-generator/1/js/oc-client.min.js
IP 23.53.48.239:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (8945)
Hash 08df682d90fc781ace9e017506bc6284
a95d9ab18638cd4e2eea4dd2cf73fd074d470a70
f1e547aec027c84a840c37583c2a98faf1f889689ba25f3cc403b2501bbf9a21
GET /reservation-widget-generator/1/js/oc-client.min.js HTTP/1.1
Host: cdn.otstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.opentable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "660af1e636086c8ea668d5a760c3d97b"
last-modified: Mon, 19 Sep 2022 22:24:09 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-amz-id-2: fG/MZlukfshnCaSLxorZ8Xrd7+RmTH/JSuTV0pBD35RtfJ77/D41XsXrRGcOCCNJh4+CaVFaxq8=
x-amz-request-id: RYTJ77SWRV3PV46T
content-length: 3275
cache-control: public, max-age=29934454
date: Wed, 23 Nov 2022 21:57:16 GMT
access-control-allow-headers: *
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
timing-allow-origin: https://www.opentable.com, https://www.opentable.com
X-Firefox-Spdy: h2
www.opentable.com/akam/13/79a41c1c
104.110.15.18200 OK 8.8 kB URL HTTP/2 www.opentable.com/akam/13/79a41c1c
IP 104.110.15.18:0
File type ASCII text, with very long lines (14360)
Hash 91c47e4762cdf29f335db48e9e9c9d50
ace1c038ae2cc0a902d524f908950e02634ef9c6
d3148c74e33bbae25642311037b638ea8f569dd607a3dc53757aaaae0000c2bb
GET /akam/13/79a41c1c HTTP/1.1
Host: www.opentable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.opentable.com/widget/reservation/canvas?rid=115024&type=standard&theme=wide&overlay=false&domain=com&lang=en-US&r3uid=u60k0cfLgR&newtab=false&disablega=false&color=1
Cookie: otuvid=122CA8B8-A82E-43BF-9731-A5C26A0EC02A; OT-Session-Update-Date=1669240635; OT-SessionId=16e81139-5fea-497e-9ca9-39718f07967d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Feb 2022 15:06:59 GMT
etag: "5919d95231bd3a6bc958d84a6a9834cb4030106ea1aaf47e32ebd6e6eb866c9f"
content-type: application/javascript
content-encoding: gzip
unused62: 8096267
content-length: 8798
expires: Wed, 23 Nov 2022 21:57:16 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 23 Nov 2022 21:57:16 GMT
vary: Accept-Encoding
set-cookie: ha_userSession=lastModified=2022-05-04T19%3A40%3A53.000Z&origin=prod-sc; Secure; SameSite=Strict
ak_bmsc=9E4A5CE0696A196A89BFAD8D4D52F2F0~000000000000000000000000000000~YAAQpE8kF7SZUXuEAQAAM8N+phFlG827qRIuyxt7RSPnPJA6HWTgpsSreVsKYkDFHj8iZzYe5duaj2FyOsuNlkh53/qiorWZTTFsP2EdwUtGxA3NmsRFeObD3buLd7r+tc94j/JvXBm6zdkd878aPFxCLXM7z2KzvevQojobZYk9qldJXvIerNupFgwhA+bsbqsG1OnxuP2rUwG99CXANgQItQhSE8jG80KEJQLkZoht0J5hpoFm1U2stcJo6/31AYpaO26oQ8++ZevcsRTWn5UAmclb4aLlZlztsfydpL1axR5bTR/SDAat3pUYx0G910iwClTWgNft9PZeEzTWxiHO1/qBEH2WZNH7cBTsD+gvdFM2ZKdixpjsxoY4QRWPIeB92fv2gAjN6Abg27E/FKgIax+pQymwQ5SDDzJWt3eYGT3huu39WkCA4M5NsFt4TYO3MfnNAd+LAXfu8OHC71mcJ0yIS7dhZ7UoXs+i7YKq; Domain=.opentable.com; Path=/; Expires=Wed, 23 Nov 2022 23:57:16 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 043cdc8fd68348a98ac43506d1994b9e
648a442ef3373e3f0f07dcd51cdf599adb5ce2b5
c634fe9957aec5aeb1b8341121e693b8d5e6e21c75ffc36963bc2d5ede4ad2aa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=92007
Date: Wed, 23 Nov 2022 21:57:16 GMT
Etag: "637d43bd-1d7"
Expires: Thu, 24 Nov 2022 23:30:43 GMT
Last-Modified: Tue, 22 Nov 2022 21:48:45 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vrC47Z8pR_AWKBwhzDVOZZuq4lF0KcZK7Q3o3gJt7EVcygzl8J-3Ag==
Age: 6119
www.opentable.com/akam/13/79a41c1c
104.110.15.18200 OK 8.8 kB URL HTTP/2 www.opentable.com/akam/13/79a41c1c
IP 104.110.15.18:0
File type ASCII text, with very long lines (14360)
Hash 91c47e4762cdf29f335db48e9e9c9d50
ace1c038ae2cc0a902d524f908950e02634ef9c6
d3148c74e33bbae25642311037b638ea8f569dd607a3dc53757aaaae0000c2bb
GET /akam/13/79a41c1c HTTP/1.1
Host: www.opentable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.opentable.com/widget/reservation/canvas?rid=115024&type=standard&theme=standard&overlay=false&domain=com&lang=en-US&r3uid=Nv_vzrQCvS&newtab=false&disablega=false&color=1
Cookie: otuvid=122CA8B8-A82E-43BF-9731-A5C26A0EC02A; OT-Session-Update-Date=1669240635; OT-SessionId=16e81139-5fea-497e-9ca9-39718f07967d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Feb 2022 15:06:59 GMT
etag: "5919d95231bd3a6bc958d84a6a9834cb4030106ea1aaf47e32ebd6e6eb866c9f"
content-type: application/javascript
content-encoding: gzip
unused62: 8096267
content-length: 8798
expires: Wed, 23 Nov 2022 21:57:16 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 23 Nov 2022 21:57:16 GMT
vary: Accept-Encoding
set-cookie: ha_userSession=lastModified=2022-05-04T19%3A40%3A53.000Z&origin=prod-sc; Secure; SameSite=Strict
ak_bmsc=D8249F6CD35F8A95C773EF6F1C1C5377~000000000000000000000000000000~YAAQpE8kF7WZUXuEAQAAVcN+phHBU4xX1+vz/FDntMx29rUWJpWzJU54P5xq5UbKbIKsMVS4HFj8qaBAZ/OAGidou8tA6uUpHKGP1K7AIocRSiZTQNMm5UySBOGCPu8hnuWSrWm7axnSMrGAgnPn4LtzC6jemnKstPfmvCB2/VmkVYIHZHWvSf7FeaeTQidlO5z+oqLVutVlmf+lgVYBaGZDb9ta3PxQitNmWgci5YX5lOFGpwv0EIwwsJyuCkA7Zulm8H5BvTc0YipoHb2T0AzhXENZ9/UKYdWWBm0bWFHgKBfvTgS4FzSjJ1AjGaAJtudUUuclFKxCAqKGgfofMlYz7tYzAFuaYy7CLWMetiL5lIP7uY/7Hlyjisj9RMeN3IGJ/URGpDngwC9ZxU+axQC3XMf8M9C5TAyX/s3sNpmvgo98bjKMQihPKSG1E+tSupp5/v8r4BAS3a7ICArgF2vhUzBi4LqouUJu//h/Cf9X; Domain=.opentable.com; Path=/; Expires=Wed, 23 Nov 2022 23:57:16 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/1.11.2/jquery.min.js
104.17.25.14200 OK 30 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/1.11.2/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32047)
Hash 22bf4b68d3eebccf7ea9f53ec67a399a
49421cd353721f9eed9cda0806279e5611f52399
f384c9744b87a36902670bfb5942c862dc63c0d9edb64d45ca9001b75fea947d
GET /ajax/libs/jquery/1.11.2/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.opentable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 21:57:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 29919
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-176de"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3630470
expires: Mon, 13 Nov 2023 21:57:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ww76zYC7vMChzxElxg6rN4Y4wToGFwFqHhEDm1YxA1ThN%2Fzlvg4Rd5%2F4rO%2BMq7dgaHy%2BHxmzMLOY7owBvXrjYL8aBoPtYdkEFm4Z0H3iw2bYOKQsw%2F62CitVPIArAFsTXPzEO9k%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76ed28d88879b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
components.otstatic.com/components/reservation-widget-standard/5.0.8/assets/css/style.css
23.53.48.239200 OK 10 kB URL HTTP/2 components.otstatic.com/components/reservation-widget-standard/5.0.8/assets/css/style.css
IP 23.53.48.239:0
ASN #1299 Telia Company AB
File type Unicode text, UTF-8 text, with very long lines (7089)
Hash b3230fbe485f2b15b80e33609425cf3b
9f0e0e18d07c9c6c13ede687a82aae052b6ab5f1
e278a73c60ed91eef60ca6f2229828003c56ab7861d93c9fb81dbd30b3b70559
GET /components/reservation-widget-standard/5.0.8/assets/css/style.css HTTP/1.1
Host: components.otstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.opentable.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: tUnWc6KWRbqBui/QATSYTgIhNlcNKohLIRhdaztFeyiG/xRf9wFAOGXdaU+sXciC6QPH5DQveqY=
x-amz-request-id: S1RM7P5DP49JE1CH
last-modified: Fri, 16 Sep 2022 16:32:54 GMT
etag: "4788a4c6fb6fe32b851397cf0698c1d6"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: text/css
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
expires: Sat, 16 Sep 2023 16:32:52 GMT
date: Wed, 23 Nov 2022 21:57:16 GMT
content-length: 9999
access-control-allow-headers: *
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/uploads/2018/12/wedding.jpg?id=12772
151.101.130.159200 OK 131 kB URL HTTP/2 windsorarmshotel.com/wp-content/uploads/2018/12/wedding.jpg?id=12772
IP 151.101.130.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1889x915, components 3\012- data
Size 131 kB (131206 bytes)
Hash 9bfaf285b2be15e8598a9e3e49f8c8af
674e17fb388aa06ce6e0a839a9edce6fec8c4134
f7b84cadb49dce897d70762ff56754cc5d6e69646b81c086645b156ba0c5b9fd
GET /wp-content/uploads/2018/12/wedding.jpg?id=12772 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Thu, 17 Feb 2022 14:52:40 GMT
etag: W/"620e6138-20383"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:16 GMT
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669240636.570442,VS0,VE695
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 131206
X-Firefox-Spdy: h2
www.opentable.com/widget/reservation/cookie-check/set
104.110.15.18200 OK 361 B URL HTTP/2 www.opentable.com/widget/reservation/cookie-check/set
IP 104.110.15.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cdd4743e0c53737377c0b460665ca552
71d1088fb35f47e9e02c968db64ec5cd79461aed
5d42533c3aee6bd260ac3f3bdb5820463889c98677e5fad275db676db1b8840c
GET /widget/reservation/cookie-check/set HTTP/1.1
Host: www.opentable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Cookie: otuvid=122CA8B8-A82E-43BF-9731-A5C26A0EC02A; OT-Session-Update-Date=1669240635; OT-SessionId=16e81139-5fea-497e-9ca9-39718f07967d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
ot-requestid: 1221e701-7c3a-4369-90b3-0e339ee83c39
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
ot-anonymousid: 122CA8B8-A82E-43BF-9731-A5C26A0EC02A
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, OPTIONS, PUT, POST
content-type: text/html;charset=utf-8
etag: W/"20f-pVtGvO1SLkviS17zm3oVKpT1Oi8--gzip"
content-encoding: gzip
content-length: 361
date: Wed, 23 Nov 2022 21:57:16 GMT
vary: Accept-Encoding
set-cookie: ot-cookie-check=1221e701-7c3a-4369-90b3-0e339ee83c39; Domain=.opentable.com; Path=/; Secure; SameSite=None
OT-Session-Update-Date=1669240636; Path=/; Domain=opentable.com; Expires=Wed, 23-Nov-2022 22:27:16 GMT; Max-Age=1800; Secure; SameSite=None
OT-SessionId=16e81139-5fea-497e-9ca9-39718f07967d; Path=/; Domain=opentable.com; Expires=Wed, 23-Nov-2022 22:27:16 GMT; Max-Age=1800; Secure; SameSite=None
ha_userSession=lastModified=2022-05-04T19%3A40%3A53.000Z&origin=prod-sc; Secure; SameSite=Strict
ak_bmsc=27AF4ED1D2015E24C466FA9714C21C5F~000000000000000000000000000000~YAAQpE8kF7aZUXuEAQAAwcN+phHFk2NpucrWDcvjaX5e7CtUiQeZYVjJw63CdE6Z4BLV8vqe5XAi2QXdJIEKCd8uEzxUv8tJXJBTbQSRN5O8SYQRA0a1ur6phbFtieycBVADkM/p4KKgE5AvbapRpJIMCMjGhPGyOLdYrgh4V+qWASSPLHiP4L8LIV6PULWBOKVnVYaIJbQciQSCR/YiPo0iMhuNAJ/i51/TnpWahsNR2WnQxOp12oJZRgDudGk/zEnRZVInXA1R8vJjQvalAa6VTHXyvqGDHJRhi9PT7BVG0ifYTUE3x1yLbweTnc2aHfTzE74I/QyqwZP6b7nnzYZIY46uVObhRn2+K7Xdsr1RHKgpegajpBHXkFh91PWnuXE8qe8stP0L5efj; Domain=.opentable.com; Path=/; Expires=Wed, 23 Nov 2022 23:57:16 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
components.otstatic.com/components/reservation-widget-standard/5.0.8/assets/js/bundle.js
23.53.48.239200 OK 91 kB URL HTTP/2 components.otstatic.com/components/reservation-widget-standard/5.0.8/assets/js/bundle.js
IP 23.53.48.239:0
ASN #1299 Telia Company AB
Hash 65ca5d369612c4e70caf19cf3d257c20
ff3fab30963ba9bded1af5b1eb96bfed3ea49d6f
519d93dba71422790264c122373d6ab34f94b80eee2b74729286f74af86049ca
GET /components/reservation-widget-standard/5.0.8/assets/js/bundle.js HTTP/1.1
Host: components.otstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.opentable.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 3LmfaJRo9IeZ3w4l45HvtglLRnKAujvOG5ZWimpaYEKPQmsdVEKJqJymtKmwKkPk+JigVHRTJv8=
x-amz-request-id: S1RNET732N98MTZ8
last-modified: Fri, 16 Sep 2022 16:32:54 GMT
etag: "360515d7ba9ef4f6d38923f171ec7865"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
expires: Sat, 16 Sep 2023 16:32:52 GMT
date: Wed, 23 Nov 2022 21:57:16 GMT
access-control-allow-headers: *
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
silverpay.app/windsorarmshotel-egift
64.235.101.221200 OK 13 kB URL HTTP/1.1 silverpay.app/windsorarmshotel-egift
IP 64.235.101.221:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9056), with CRLF line terminators
Hash 9d6c23928a5b6196758c23c11346feec
9c93265e5ac0d070f455bbabea6e407f704a10ee
7f13a528a33cbb3ee9a7678ba19e7add0b36d678adf7cdaca75ce75439f6718a
GET /windsorarmshotel-egift HTTP/1.1
Host: silverpay.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Cookie: APP_SLOT=8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 21:57:16 GMT
Content-Type: text/html
Server: Kestrel
Content-Length: 12924
Cache-Control: no-cache, no-store
Expires: -1
Set-Cookie: APP_SLOT=8; path=/; secure; samesite=none
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6334
Cache-Control: max-age=151969
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:57:16 GMT
Etag: "637e2d20-1d7"
Expires: Fri, 25 Nov 2022 16:10:05 GMT
Last-Modified: Wed, 23 Nov 2022 14:24:32 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
windsorarmshotel.com/wp-content/uploads/2019/01/cropped-Crest-32x32.png
151.101.130.159200 OK 2.7 kB URL HTTP/2 windsorarmshotel.com/wp-content/uploads/2019/01/cropped-Crest-32x32.png
IP 151.101.130.159:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 073cd82ea0a1f73ce7506cf85b60864e
2f8b797cdbf436b019cff6603dce95801a98d598
618964462037cc4e5d10758c5bb3e16c54df96cbe9dd4a79ce0789575ac3ce07
GET /wp-content/uploads/2019/01/cropped-Crest-32x32.png HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Cookie: _pk_id.6123.a5c9=47c44140ab98d068.1669240636.1.1669240636.1669240636.; _pk_ses.6123.a5c9=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 17 Feb 2022 14:53:13 GMT
etag: W/"620e6159-a64"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:16 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240637.641530,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2688
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Zk44JVKrrI7EHbnGkBRaJId/ZOAAIuVWgsatd2YAxYViuHXyi2HgXOyMIYxv6r7iyYGMK42I17qFAh/zjGhueQ==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 21:57:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6465
Cache-Control: max-age=152101
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:57:16 GMT
Etag: "637e2d20-1d7"
Expires: Fri, 25 Nov 2022 16:12:17 GMT
Last-Modified: Wed, 23 Nov 2022 14:24:32 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
windsorarmshotel.com/wp-content/uploads/2018/12/corpo.png?id=13271
151.101.130.159200 OK 689 kB URL HTTP/2 windsorarmshotel.com/wp-content/uploads/2018/12/corpo.png?id=13271
IP 151.101.130.159:0
File type PNG image data, 1889 x 915, 8-bit colormap, non-interlaced\012- data
Size 689 kB (688620 bytes)
Hash 8bb760154c19afa15ec53e2a09115a4d
561d621fdd899ff724cd10487f1a51d7590f7ce9
2c06ed2fc5788a250610d94f0a6527a15214e28be710ca023f8ca6245a293d23
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/12/corpo.png?id=13271 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 17 Feb 2022 14:52:47 GMT
etag: W/"620e613f-a8108"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:16 GMT
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669240636.571542,VS0,VE1031
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 688620
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/uploads/2019/02/top.svg?id=14231
151.101.130.159200 OK 2.3 MB URL HTTP/2 windsorarmshotel.com/wp-content/uploads/2019/02/top.svg?id=14231
IP 151.101.130.159:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size 2.3 MB (2334151 bytes)
Hash 0d4f6b5ced179a7fb5c143f4c29ea218
7286d5ff93c5a7703086f5648e0e55d9ca0f6234
af0b7f2cc4d8234b7cf669b04730ac1c5cec6a9a80b85c67e8264c36ec8e72d7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2019/02/top.svg?id=14231 HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 17 Feb 2022 14:52:45 GMT
etag: W/"620e613d-325274"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:16 GMT
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669240635.125184,VS0,VE1233
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 2334151
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/uploads/2019/01/cropped-Crest-192x192.png
151.101.130.159200 OK 48 kB URL HTTP/2 windsorarmshotel.com/wp-content/uploads/2019/01/cropped-Crest-192x192.png
IP 151.101.130.159:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash d0c883faeabf278aa8599043daeb6d08
a500c51e3a7980ac6f1e8332c03ba9e02717b985
75a5e536159c3dbdec808012d579df98aba9850efb4b746df73c3b470bf2ae4e
GET /wp-content/uploads/2019/01/cropped-Crest-192x192.png HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/
Connection: keep-alive
Cookie: _pk_id.6123.a5c9=47c44140ab98d068.1669240636.1.1669240636.1669240636.; _pk_ses.6123.a5c9=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 17 Feb 2022 14:52:26 GMT
etag: W/"620e612a-b965"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:17 GMT
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669240637.635766,VS0,VE652
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 47494
X-Firefox-Spdy: h2
www.opentable.com/akam/13/pixel_79a41c1c
104.110.15.18200 OK 0 B URL HTTP/2 www.opentable.com/akam/13/pixel_79a41c1c
IP 104.110.15.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /akam/13/pixel_79a41c1c HTTP/1.1
Host: www.opentable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2552
Origin: https://www.opentable.com
Connection: keep-alive
Referer: https://www.opentable.com/widget/reservation/canvas?rid=115024&type=standard&theme=wide&overlay=false&domain=com&lang=en-US&r3uid=u60k0cfLgR&newtab=false&disablega=false&color=1
Cookie: otuvid=122CA8B8-A82E-43BF-9731-A5C26A0EC02A; OT-Session-Update-Date=1669240636; OT-SessionId=16e81139-5fea-497e-9ca9-39718f07967d; ot-cookie-check=1221e701-7c3a-4369-90b3-0e339ee83c39
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Wed, 23 Nov 2022 21:57:17 GMT
set-cookie: ha_userSession=lastModified=2022-05-04T19%3A40%3A53.000Z&origin=prod-sc; Secure; SameSite=Strict
ak_bmsc=CF79E83BF35CCC42D40496EBD92F4CAF~000000000000000000000000000000~YAAQpE8kF7iZUXuEAQAAssl+phHfYmOFQ28cfNzhRO7f68qXeZMtz47jfBFlPwq8ym8qVlG5OfDs1QYR/QzEObpSl58gtmseTZ6zxxXVKFCbC8/GurC0P5bJakpNeMOZ6bBqcCtXzvylKbJeCs9y+m/cHBYN9H+r4xX5fET/A2/ValkXXjaS5rIBIdT7f45Pq3g1wZB1I7Q7sB9t/5ZSNzH+q40wQ/ZtXg3CZfYQXEsSGmLH2YtgwIgF3E4uhyFcM0NrcK/47YpvSQIrb8iO86ymYeTHTutIz9eYG4qLfpvZoK3dpTrHlzZL7GwohwpBEdkLedOT/jt1ewADB6uM0Rxo2Ub8elGaUb/vlBVMmxHSlK+k+LG7JUoSBNdJnLMYjbij2Y6hGMkVVRU6MaRla5I7JC3xrc6e; Domain=.opentable.com; Path=/; Expires=Wed, 23 Nov 2022 23:57:17 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
www.opentable.com/akam/13/pixel_79a41c1c
104.110.15.18200 OK 0 B URL HTTP/2 www.opentable.com/akam/13/pixel_79a41c1c
IP 104.110.15.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /akam/13/pixel_79a41c1c HTTP/1.1
Host: www.opentable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2551
Origin: https://www.opentable.com
Connection: keep-alive
Referer: https://www.opentable.com/widget/reservation/canvas?rid=115024&type=standard&theme=standard&overlay=false&domain=com&lang=en-US&r3uid=Nv_vzrQCvS&newtab=false&disablega=false&color=1
Cookie: otuvid=122CA8B8-A82E-43BF-9731-A5C26A0EC02A; OT-Session-Update-Date=1669240636; OT-SessionId=16e81139-5fea-497e-9ca9-39718f07967d; ot-cookie-check=1221e701-7c3a-4369-90b3-0e339ee83c39
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Wed, 23 Nov 2022 21:57:17 GMT
set-cookie: ha_userSession=lastModified=2022-05-04T19%3A40%3A53.000Z&origin=prod-sc; Secure; SameSite=Strict
ak_bmsc=DE3A700EBCFBD729576FFCC6E20BA316~000000000000000000000000000000~YAAQpE8kF7mZUXuEAQAAs8l+phFpUki6jtnzL8M3HP2wFAPQkqwTL8rpTH4Y+zvUSzugAaBNWposhAh+9HPl2jmK3GdA62H3lEuXuA4Vleu36n+Xpks/shAl3aAvn6Tyd3H0TnbetsOWR2DkZcz5knpb0Yk05LfKpEkMo/W0hhPgRm4aLw5WwTV5WXFdpZoBLpfsYLn02yM4ctXxPWG/NJZfbiO7UwEHtEmAYXgUxpGkHii29TEb5Uk1ZuWiG4HOemJ0AmiUEnzI3mq/djUNCinrzb5hwQjh76aqsLwsh/XKA43xlEBiTc1blMqnw5uORDN8U0MjX/jmmruyU3cxMP94BdJ7vsScOr3npFbugG2NXgiD8Lx0i89zJBNFi8fA3dqSOH2Vix9LWooX4i9Uc7U8CiN0EjNJ; Domain=.opentable.com; Path=/; Expires=Wed, 23 Nov 2022 23:57:17 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
silverpay.app/runtime-es2015.f8718d2979927aa6a9b4.js
64.235.101.221200 OK 643 B URL HTTP/1.1 silverpay.app/runtime-es2015.f8718d2979927aa6a9b4.js
IP 64.235.101.221:0
File type ASCII text, with very long lines (1440), with no line terminators
Hash 0ce172313bb0a8b0cf196216abea9da5
0f1826c83ca6b8d19ca223d4726206f218cee88a
cc469939917e458192bb14bb0e288e5c5c2e0104c9b7b95065e596a0437be7bc
GET /runtime-es2015.f8718d2979927aa6a9b4.js HTTP/1.1
Host: silverpay.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://silverpay.app/windsorarmshotel-egift
Cookie: APP_SLOT=8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 21:57:17 GMT
Content-Type: application/javascript
Server: Kestrel
Cache-Control: public,max-age=2592000
Transfer-Encoding: chunked
Content-Encoding: br
www.opentable.com/widget/reservation/cookie-check/get
104.110.15.18200 OK 475 B URL HTTP/2 www.opentable.com/widget/reservation/cookie-check/get
IP 104.110.15.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc0b6eb3b4ced10588f7ccac600e16ce
8d314209fdfecce1f4cd71a69a155999ec03deea
f618c0139d96a5e268f32b500ec27d6b1c86ed66af4a68dccb6236859a0646ec
GET /widget/reservation/cookie-check/get HTTP/1.1
Host: www.opentable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Cookie: otuvid=122CA8B8-A82E-43BF-9731-A5C26A0EC02A; OT-Session-Update-Date=1669240636; OT-SessionId=16e81139-5fea-497e-9ca9-39718f07967d; ot-cookie-check=1221e701-7c3a-4369-90b3-0e339ee83c39
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
ot-requestid: 7270149e-b939-4be1-9bf6-9cf9447eaa11
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
ot-anonymousid: 122CA8B8-A82E-43BF-9731-A5C26A0EC02A
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, OPTIONS, PUT, POST
content-type: text/html;charset=utf-8
etag: W/"2ee-etTan9gsnSIQXdtHkXPCig+HHzs--gzip"
content-encoding: gzip
content-length: 475
date: Wed, 23 Nov 2022 21:57:17 GMT
vary: Accept-Encoding
set-cookie: OT-Session-Update-Date=1669240637; Path=/; Domain=opentable.com; Expires=Wed, 23-Nov-2022 22:27:17 GMT; Max-Age=1800; Secure; SameSite=None
OT-SessionId=16e81139-5fea-497e-9ca9-39718f07967d; Path=/; Domain=opentable.com; Expires=Wed, 23-Nov-2022 22:27:17 GMT; Max-Age=1800; Secure; SameSite=None
ha_userSession=lastModified=2022-05-04T19%3A40%3A53.000Z&origin=prod-sc; Secure; SameSite=Strict
ak_bmsc=BD53958FB58F94EDFB4BB2C2E0A6DD25~000000000000000000000000000000~YAAQpE8kF7qZUXuEAQAACcp+phE5DtNojCRvj91x4qUc2T+tbhu++xZ416EHGrowBv7KPw6ACyuzLDFvrcarbPbsrn6C4zF8djcOAnxXSJZsripT3tmpghM0qcthRR1puEFz5x1dlK1DprYGEq5d+eu7+nrA2WIo5mvweZV3sV2U8AMCGRrhyFitiQkRFRbmYhbCmHY8WhZnutu+0dS25XOKXQfobTIHzt32KaBSldZ/V8jSFSICHG6WcWFCNUG8NhjYM3P1dkpfjFM8SdVpBKHyWtrI8YX7lvn7vDQhrVsiq1WZ9gKX5krUCa30ypziAs7ZrEapwRXJkthLz3C6qMTm0GCdOknX0eu4OltYh0CWEJY8bLNtgnwEdwJ2bKn6DrIUfVnbSV63B1fn; Domain=.opentable.com; Path=/; Expires=Wed, 23 Nov 2022 23:57:17 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/img/cross.png
151.101.130.159200 OK 266 B URL HTTP/2 windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/img/cross.png
IP 151.101.130.159:0
File type PNG image data, 58 x 58, 1-bit colormap, non-interlaced\012- data
Hash 19fe78eb760bbc25d92099a20ee32296
5485e131c726c371b37e565c475accfd03129434
8e98d2964e53e6ef58377d931ebeb00328bc447a40ccbf299e0819a4cbd0c088
GET /wp-content/plugins/Ultimate_VC_Addons/assets/img/cross.png HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/modal.min.css?ver=3.19.9
Connection: keep-alive
Cookie: _pk_id.6123.a5c9=47c44140ab98d068.1669240636.1.1669240636.1669240636.; _pk_ses.6123.a5c9=1; _ga=GA1.2.550028991.1669240638; _gid=GA1.2.1674281921.1669240638; _gat_UA-8357385-1=1; _gat_UA-131215420-4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 18 Feb 2022 19:26:44 GMT
etag: W/"620ff2f4-f7"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:17 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240638.976346,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 266
X-Firefox-Spdy: h2
silverpay.app/polyfills-es2015.1e4773e8441aaffc12e5.js
64.235.101.221200 OK 11 kB URL HTTP/1.1 silverpay.app/polyfills-es2015.1e4773e8441aaffc12e5.js
IP 64.235.101.221:0
File type ASCII text, with very long lines (37053), with no line terminators
Hash 66ef44da3b78a9d4469053e52b5ddd40
7117542d81f135a33488176cbabe573a0c626ee8
ece1df66d0270f8afd3e00ac5a51ab55682993f0b3576b320f045d7c66df560d
GET /polyfills-es2015.1e4773e8441aaffc12e5.js HTTP/1.1
Host: silverpay.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://silverpay.app/windsorarmshotel-egift
Cookie: APP_SLOT=8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 21:57:17 GMT
Content-Type: application/javascript
Server: Kestrel
Cache-Control: public,max-age=2592000
Transfer-Encoding: chunked
Content-Encoding: br
silverpay.app/windsorarmshotel-egift
64.235.101.221200 OK 13 kB URL HTTP/1.1 silverpay.app/windsorarmshotel-egift
IP 64.235.101.221:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9056), with CRLF line terminators
Hash 9d6c23928a5b6196758c23c11346feec
9c93265e5ac0d070f455bbabea6e407f704a10ee
7f13a528a33cbb3ee9a7678ba19e7add0b36d678adf7cdaca75ce75439f6718a
GET /windsorarmshotel-egift HTTP/1.1
Host: silverpay.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Cookie: APP_SLOT=8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 21:57:17 GMT
Content-Type: text/html
Server: Kestrel
Content-Length: 12924
Cache-Control: no-cache, no-store
Expires: -1
Set-Cookie: APP_SLOT=8; path=/; secure; samesite=none
payments.silverwarepos.com/Assets/JS/silverware-payments-v3.js
64.235.101.238200 OK 14 kB URL HTTP/1.1 payments.silverwarepos.com/Assets/JS/silverware-payments-v3.js
IP 64.235.101.238:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash de0666a58e6756fb87852b6ee7d449f0
d8f5dc99d86b3ab53da15843e3ecd7a886164676
7b32d53e996c22a2bf51dea135607f6af9addb567681aa907bfe3953037e3c8e
GET /Assets/JS/silverware-payments-v3.js HTTP/1.1
Host: payments.silverwarepos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://silverpay.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=51840000
Content-Length: 13623
Content-Type: application/javascript
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 23 Nov 2022 21:57:17 GMT
payments.silverwarepos.com/Assets/JS/silverware-payments-v3.js
64.235.101.238200 OK 14 kB URL HTTP/1.1 payments.silverwarepos.com/Assets/JS/silverware-payments-v3.js
IP 64.235.101.238:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash de0666a58e6756fb87852b6ee7d449f0
d8f5dc99d86b3ab53da15843e3ecd7a886164676
7b32d53e996c22a2bf51dea135607f6af9addb567681aa907bfe3953037e3c8e
GET /Assets/JS/silverware-payments-v3.js HTTP/1.1
Host: payments.silverwarepos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://silverpay.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=51840000
Content-Length: 13623
Content-Type: application/javascript
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 23 Nov 2022 21:57:18 GMT
silverpay.app/styles.6837f1267579d6077f25.css
64.235.101.221200 OK 20 kB URL HTTP/1.1 silverpay.app/styles.6837f1267579d6077f25.css
IP 64.235.101.221:0
File type ASCII text, with very long lines (65324)
Hash 5d07b74651fdafcd576644fd4cac2f47
0499ae7fd196983b4dc203d70109ca62e2917a8b
6a1ba614d64028de77ebf9094055bc76dc08bc2689eb04c3103baa06d524a8d3
GET /styles.6837f1267579d6077f25.css HTTP/1.1
Host: silverpay.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://silverpay.app/windsorarmshotel-egift
Cookie: APP_SLOT=8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 21:57:17 GMT
Content-Type: text/css
Server: Kestrel
Cache-Control: public,max-age=2592000
Transfer-Encoding: chunked
Content-Encoding: br
www.opentable.com/widget/reservation/public/js/cookiecheck.min.js
104.110.15.18200 OK 689 B URL HTTP/2 www.opentable.com/widget/reservation/public/js/cookiecheck.min.js
IP 104.110.15.18:0
File type ASCII text, with very long lines (1321), with no line terminators
Hash 9ad66db9d88136f42d71f1284cfdbbef
600fd0858d8983bf98cae8a76bfe3c1cb504143f
efcddd65777ff2a2e02c56fc46e7908928e4237bad42d94031d017936e0bce03
GET /widget/reservation/public/js/cookiecheck.min.js HTTP/1.1
Host: www.opentable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.opentable.com/widget/reservation/cookie-check/get
Cookie: otuvid=122CA8B8-A82E-43BF-9731-A5C26A0EC02A; OT-Session-Update-Date=1669240637; OT-SessionId=16e81139-5fea-497e-9ca9-39718f07967d; ot-cookie-check=1221e701-7c3a-4369-90b3-0e339ee83c39
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
ot-requestid: fb6001be-9b13-42f1-94e8-573e65bfe242
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
ot-anonymousid: C05296DF-7D37-4B0E-A92A-6C35311691EA
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, OPTIONS, PUT, POST
accept-ranges: bytes
last-modified: Tue, 22 Nov 2022 00:17:52 GMT
etag: W/"529-1849cb2c380--gzip"
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
content-length: 689
cache-control: public, max-age=0
date: Wed, 23 Nov 2022 21:57:18 GMT
vary: Accept-Encoding
set-cookie: OT-Session-Update-Date=1669240638; Path=/; Domain=opentable.com; Expires=Wed, 23-Nov-2022 22:27:18 GMT; Max-Age=1800; Secure; SameSite=None
OT-SessionId=16e81139-5fea-497e-9ca9-39718f07967d; Path=/; Domain=opentable.com; Expires=Wed, 23-Nov-2022 22:27:18 GMT; Max-Age=1800; Secure; SameSite=None
ha_userSession=lastModified=2022-05-04T19%3A40%3A53.000Z&origin=prod-sc; Secure; SameSite=Strict
X-Firefox-Spdy: h2
silverpay.app/polyfills-es2015.1e4773e8441aaffc12e5.js
64.235.101.221200 OK 11 kB URL HTTP/1.1 silverpay.app/polyfills-es2015.1e4773e8441aaffc12e5.js
IP 64.235.101.221:0
File type ASCII text, with very long lines (37053), with no line terminators
Hash 66ef44da3b78a9d4469053e52b5ddd40
7117542d81f135a33488176cbabe573a0c626ee8
ece1df66d0270f8afd3e00ac5a51ab55682993f0b3576b320f045d7c66df560d
GET /polyfills-es2015.1e4773e8441aaffc12e5.js HTTP/1.1
Host: silverpay.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://silverpay.app/windsorarmshotel-egift
Cookie: APP_SLOT=8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 21:57:18 GMT
Content-Type: application/javascript
Server: Kestrel
Cache-Control: public,max-age=2592000
Transfer-Encoding: chunked
Content-Encoding: br
www.facebook.com/tr/?id=296202441030132&ev=PageView&dl=https%3A%2F%2Fwindsorarmshotel.com%2F&rl=&if=false&ts=1669240638114&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669240638113.1687721726&it=1669240637639&coo=false&rqm=GET
157.240.200.35200 OK 86 kB URL HTTP/2 www.facebook.com/tr/?id=296202441030132&ev=PageView&dl=https%3A%2F%2Fwindsorarmshotel.com%2F&rl=&if=false&ts=1669240638114&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669240638113.1687721726&it=1669240637639&coo=false&rqm=GET
IP 157.240.200.35:0
File type gzip compressed data, from Unix\012- data
Hash ff9c770d1977044bad58a211d2c41f91
e66a57e8fc935d1aefdde662b3f14b15322e0c31
cdb57c513f171f351ed57b163460eaed8e1b3d856abcc32225290f2dc9edeaf0
GET /tr/?id=296202441030132&ev=PageView&dl=https%3A%2F%2Fwindsorarmshotel.com%2F&rl=&if=false&ts=1669240638114&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669240638113.1687721726&it=1669240637639&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 23 Nov 2022 21:57:18 GMT
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.5.0/css/all.css?ver=6.0.3
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.5.0/css/all.css?ver=6.0.3
IP 172.64.133.15:0
GET /releases/v5.5.0/css/all.css?ver=6.0.3 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 21:57:13 GMT
content-type: text/css
x-amz-id-2: AtAlRlAdcAbR55kFZwG45w/leZJ5ClLZbbmFzoDSDH925UfN5fDVFsa8VxBHbDO+vdWm13J5BpA=
x-amz-request-id: QR5F819WWEV2PH3W
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 515197
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qK8XN8nPyf1GnCDEESG8%2FI3sY4vT1iHj6uA3wIJ3IRatYpxoPY0oyS1TaDQZoBdzvfS410IUTKM20cc5qCFYHNWdUzaT0e9aKLhQadywqufReZmU%2FsuvRL3bx791Wuc2AnvZUWBh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ed28c7786b06bd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
silverpay.app/main-es2015.6bc5391746761aaad633.js
64.235.101.221200 OK 0 B URL HTTP/1.1 silverpay.app/main-es2015.6bc5391746761aaad633.js
IP 64.235.101.221:0
GET /main-es2015.6bc5391746761aaad633.js HTTP/1.1
Host: silverpay.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://silverpay.app/windsorarmshotel-egift
Cookie: APP_SLOT=8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 21:57:17 GMT
Content-Type: application/javascript
Server: Kestrel
Cache-Control: public,max-age=2592000
Transfer-Encoding: chunked
Content-Encoding: br
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 21:57:13 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 14687387
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76ed28ca4a560af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/carousel.css
151.101.130.159200 OK 0 B URL HTTP/2 windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/carousel.css
IP 151.101.130.159:0
GET /wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes/carousel.css HTTP/1.1
Host: windsorarmshotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://windsorarmshotel.com/wp-content/plugins/designthemes-core-features/shortcodes/css/shortcodes.css?ver=6.0.3
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Feb 2022 14:55:05 GMT
etag: W/"620e61c9-3b79"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: 8iypdqt99y
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 21:57:13 GMT
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669240634.699759,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3086
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans&ver=6.0.3
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans&ver=6.0.3
IP 142.250.74.10:0
GET /css?family=Open+Sans&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 21:57:13 GMT
date: Wed, 23 Nov 2022 21:57:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unpkg.com/masonry-layout@4/dist/masonry.pkgd.min.js?ver=6.0.3
104.16.125.175302 Found 0 B URL HTTP/2 unpkg.com/masonry-layout@4/dist/masonry.pkgd.min.js?ver=6.0.3
IP 104.16.125.175:0
GET /masonry-layout@4/dist/masonry.pkgd.min.js?ver=6.0.3 HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://windsorarmshotel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 23 Nov 2022 21:57:13 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /masonry-layout@4/dist/masonry.pkgd.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJK7XEC8YYDGN24X1P83F7R3-fra
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76ed28c88ade1bfa-OSL
X-Firefox-Spdy: h2
silverpay.app/main-es2015.6bc5391746761aaad633.js
64.235.101.221200 OK 0 B URL HTTP/1.1 silverpay.app/main-es2015.6bc5391746761aaad633.js
IP 64.235.101.221:0
GET /main-es2015.6bc5391746761aaad633.js HTTP/1.1
Host: silverpay.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://silverpay.app/windsorarmshotel-egift
Cookie: APP_SLOT=8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 21:57:17 GMT
Content-Type: application/javascript
Server: Kestrel
Cache-Control: public,max-age=2592000
Transfer-Encoding: chunked
Content-Encoding: br