r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2938
Expires: Sat, 14 Jan 2023 06:39:33 GMT
Date: Sat, 14 Jan 2023 05:50:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0643dc6b6fed33b3537160b6bb77bcbf
aa43bd1fbb30d2219f3285c1ee4991ffb33562c5
f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16673
Expires: Sat, 14 Jan 2023 10:28:28 GMT
Date: Sat, 14 Jan 2023 05:50:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0f4ecf4f26be1ba09e61135b1b488bf4
f16b8277e00033bc990a8bcce54b693cb3c87d62
3018c2a228f0a894d217e8e8b0b8dd060527f06879cd2f469bac6c8766acbbf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3018C2A228F0A894D217E8E8B0B8DD060527F06879CD2F469BAC6C8766ACBBF8"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6845
Expires: Sat, 14 Jan 2023 07:44:40 GMT
Date: Sat, 14 Jan 2023 05:50:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 14 Jan 2023 05:42:01 GMT
content-type: application/json
age: 514
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UPVKzykr8OqUwVvvU7oNXRC89Cn/o5eeemWLNL51xmMYd0euupIFIqw1UxzY/5qk+GKYroob7mo=
x-amz-request-id: 61KM648A4WM7TV3T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 14 Jan 2023 04:54:48 GMT
age: 3347
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 05:50:35 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
paradisecharterfishing.com/eligendi-quia/documents.zip
50.87.147.174 301 Moved Permanently 270 B URL HTTP/1.1 paradisecharterfishing.com/eligendi-quia/documents.zip
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bc00f33ee486edd42a0e06425bec8fc5
b418acb2424b7c5ee0b7caf0dcd2e1a5df8de418
7a2d7d69c4a3879869f391483dccc2286876bfeabcc1ec5345272cb06ed0ca9d
Analyzer Verdict Alert fortinet Malware
GET /eligendi-quia/documents.zip HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 14 Jan 2023 05:50:36 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests
Expect-CT: max-age=7776000, enforce
Location: https://paradisecharterfishing.com/eligendi-quia/documents.zip
Cache-Control: max-age=0
Expires: Sat, 14 Jan 2023 05:50:36 GMT
Content-Length: 270
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 14 Jan 2023 05:33:45 GMT
age: 1011
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b1e3535cab3c1ac295b1412126a9325c
d1bdf1b8663817ae34b6182db29d6b20666779e7
90c4ecd4b0782647fd78110b5bacfb73d2b05aae4de789a90318574407dfb565
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5766
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 05:50:36 GMT
Last-Modified: Sat, 14 Jan 2023 04:14:30 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.214.101.241 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.101.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: szmBtBu7NEQ1rMKAK6oRBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VnfcthlBXHRD38sqI4yeDNYDhD0=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8d09f88265a8758f21f4a3bcb7ace3ef
e3487e87e33c4f76d092bbee3c75af53f617167a
6221341e2226676506a4fcd238533272fc8c716c9fa76a19718ec3d1ca56e2d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6221341E2226676506A4FCD238533272FC8C716C9FA76A19718EC3D1CA56E2D0"
Last-Modified: Thu, 12 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21566
Expires: Sat, 14 Jan 2023 11:50:02 GMT
Date: Sat, 14 Jan 2023 05:50:36 GMT
Connection: keep-alive
paradisecharterfishing.com/eligendi-quia/documents.zip
50.87.147.174 301 Moved Permanently 0 B URL HTTP/2 paradisecharterfishing.com/eligendi-quia/documents.zip
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /eligendi-quia/documents.zip HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
expires: Sat, 14 Jan 2023 06:50:37 GMT
cache-control: max-age=3600
x-redirect-by: redirection
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
location: https://paradisecharterfishing.com/
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 14 Jan 2023 05:50:36 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c16b1530bbcd3d9226362c0a6100f014
a49685aa2869a3674bc4c8fc58acd47f655c2111
ff063e27670433897ba82fdf8048fc228587ab2f01c21e2970f03b3df9093539
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 05:50:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
paradisecharterfishing.com/
50.87.147.174 200 OK 38 kB URL HTTP/2 paradisecharterfishing.com/
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (26352)
Hash d19927b9f1dba77dba4d6952bcb8564d
08e7b6bbb10997fc45c0f0530f97181603ece947
8e7f4538cc2ad0ff3f1fdadd7f01354803f3e695004a39105e3e9d977224300d
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding,User-Agent
last-modified: Sat, 14 Jan 2023 04:22:39 GMT
accept-ranges: bytes
content-length: 38441
cache-control: max-age=0
expires: Sat, 14 Jan 2023 05:50:37 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sat, 14 Jan 2023 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-D7K18PZHCT
142.250.74.168 200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-D7K18PZHCT
IP 142.250.74.168:0
File type ASCII text, with very long lines (20080)
Hash 70f40be1d74ae39339a4efd1c1cef06f
427aac54782fcf1bab4ff6f0ead34d5b4b14869a
a6dca8906eb138c0ae234bd8d575a26ac8d5579b7eb7e39d0b0efdeebeb34ab1
GET /gtag/js?id=G-D7K18PZHCT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://paradisecharterfishing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Jan 2023 05:50:37 GMT
expires: Sat, 14 Jan 2023 05:50:37 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77379
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c16b1530bbcd3d9226362c0a6100f014
a49685aa2869a3674bc4c8fc58acd47f655c2111
ff063e27670433897ba82fdf8048fc228587ab2f01c21e2970f03b3df9093539
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 05:50:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-PREGFZQBK3
142.250.74.168 200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-PREGFZQBK3
IP 142.250.74.168:0
File type ASCII text, with very long lines (20080)
Hash 3d45a09adbbf67237262496fa541ef28
ab8aa786330019bea16f24cb214c50b88eba248b
1982f386d3d8a0b42af09dff8f4f7645a5d2acd18dde35bf4bec29c621fad5a4
GET /gtag/js?id=G-PREGFZQBK3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://paradisecharterfishing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Jan 2023 05:50:37 GMT
expires: Sat, 14 Jan 2023 05:50:37 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77378
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/plugins/dg-carousel/styles/swiper.min.css?ver=2.0.23
50.87.147.174 200 OK 4.1 kB URL HTTP/2 paradisecharterfishing.com/wp-content/plugins/dg-carousel/styles/swiper.min.css?ver=2.0.23
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19513), with CRLF line terminators
Hash 479b06f4835f5645015c034bc75a03c2
cc62bb73add87b76a1e93e2fd3b490201cce93f0
b82652e2995fde9013d4111c180365b1f5f432556a32edd92c8a6e9a1efb5b4b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/dg-carousel/styles/swiper.min.css?ver=2.0.23 HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Fri, 24 Dec 2021 18:36:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 05:50:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-length: 4080
content-type: text/css; charset=utf-8
date: Sat, 14 Jan 2023 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/plugins/dg-carousel/styles/light-box-styles.css?ver=2.0.23
50.87.147.174 200 OK 626 B URL HTTP/2 paradisecharterfishing.com/wp-content/plugins/dg-carousel/styles/light-box-styles.css?ver=2.0.23
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 7f3b0cb942122b099026dcc5ad45b81a
eb240b8712b877b34b3f7cbe58dd90f18f778523
f314db4e8fe6dcaafb86df9501829a392677fa1e90c9f233c84e10feb804a935
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/dg-carousel/styles/light-box-styles.css?ver=2.0.23 HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Fri, 24 Dec 2021 18:36:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 05:50:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-length: 626
content-type: text/css; charset=utf-8
date: Sat, 14 Jan 2023 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/et-cache/18/et-divi-dynamic-tb-23-tb-112-18.css?ver=1673322979
50.87.147.174 200 OK 8.5 kB URL HTTP/2 paradisecharterfishing.com/wp-content/et-cache/18/et-divi-dynamic-tb-23-tb-112-18.css?ver=1673322979
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6470)
Hash 3d06375deeb0c2c4348f960beb2f768e
4161b2fd4fe51501d4cad0add115a86cdbef4202
be562a863207d312ea5a11abf29cd1d7d031332199a53a24d5ee828d0e748cad
Analyzer Verdict Alert fortinet Malware
GET /wp-content/et-cache/18/et-divi-dynamic-tb-23-tb-112-18.css?ver=1673322979 HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Tue, 10 Jan 2023 03:56:19 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 05:50:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-length: 8519
content-type: text/css; charset=utf-8
date: Sat, 14 Jan 2023 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/et-cache/18/et-core-unified-18.min.css?ver=1673322979
50.87.147.174 200 OK 472 B URL HTTP/2 paradisecharterfishing.com/wp-content/et-cache/18/et-core-unified-18.min.css?ver=1673322979
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1113), with no line terminators
Hash 17c03b1827bf9e5f2921bf055037fcdf
f1819aee45e292ed33c80289754c5f2bb2bc1108
0216a6675761ffd5f884de7646601f3bf563554c88d932d7812f28f423325b34
Analyzer Verdict Alert fortinet Malware
GET /wp-content/et-cache/18/et-core-unified-18.min.css?ver=1673322979 HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Tue, 10 Jan 2023 03:56:19 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 05:50:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-length: 472
content-type: text/css; charset=utf-8
date: Sat, 14 Jan 2023 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/et-cache/18/et-core-unified-tb-23-tb-112-deferred-18.min.css?ver=1673322980
50.87.147.174 200 OK 4.5 kB URL HTTP/2 paradisecharterfishing.com/wp-content/et-cache/18/et-core-unified-tb-23-tb-112-deferred-18.min.css?ver=1673322980
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (22742), with no line terminators
Hash 84de08a43a4a41c4d5016e0387788232
d7e4995d10db0467d95d6f0b10b3c3d64b024b1d
b010e0c91be81fb0f9b7ac38e0f9b7ee0987f2f48926b7994ad1dd66727b2e08
GET /wp-content/et-cache/18/et-core-unified-tb-23-tb-112-deferred-18.min.css?ver=1673322980 HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Tue, 10 Jan 2023 03:56:20 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 05:50:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-length: 4519
content-type: text/css; charset=utf-8
date: Sat, 14 Jan 2023 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1
50.87.147.174 200 OK 3.9 kB URL HTTP/2 paradisecharterfishing.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1577)
Hash 0de3f234bf5adf709c64d6a81701e107
ec76e30709d2ac94c86121529768c54b84943872
c67075988b28f06061348cebb275f465c608e141f9a00b50c5e4824f57ed10f3
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1 HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Fri, 13 Jan 2023 06:33:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 05:50:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-length: 3861
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/plugins/dg-carousel/styles/style.min.css?ver=2.0.23
50.87.147.174 200 OK 4.2 kB URL HTTP/2 paradisecharterfishing.com/wp-content/plugins/dg-carousel/styles/style.min.css?ver=2.0.23
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20092), with no line terminators
Hash bbb5559620e8d311d34837e4d30c285f
1c51373c05f345975a98033f4aaefd7bafe80c42
5d6f5dc07455ff91fbf80bda47437ebba5c223c0b2d53c7ec94768dbab2f0676
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/dg-carousel/styles/style.min.css?ver=2.0.23 HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Fri, 24 Dec 2021 18:36:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 05:50:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-length: 4247
content-type: text/css; charset=utf-8
date: Sat, 14 Jan 2023 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 69c011429c0b1f8a0c091474b207c240
fe2c5e1854a65d8a2b669fc54aa0c827f07e428b
409f967eeebf5472cb0d2a917b9285e52b21950f672c6c37a19285d3375edc7f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 05:50:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 05:50:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
paradisecharterfishing.com/wp-content/uploads/2021/03/Trip-A-1280x862.jpg
50.87.147.174 200 OK 147 kB URL HTTP/2 paradisecharterfishing.com/wp-content/uploads/2021/03/Trip-A-1280x862.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1280x862, components 3\012- data
Size 147 kB (147025 bytes)
Hash 1dabcde62b0b31ce69099bd8832654e2
1ef0d0af1c449a18775d59ff50a26e52178a5d29
2dbf086a82e483e00abbb2e37e0c4ccc77171444c6cc69e4879307a69d60a1a7
GET /wp-content/uploads/2021/03/Trip-A-1280x862.jpg HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Tue, 23 Nov 2021 15:37:01 GMT
accept-ranges: bytes
content-length: 147025
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 05:50:37 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4.woff2
142.250.74.35 | 200 OK | 23 kB | URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 22648, version 1.0\012- data
Hash 6cad9967814c821174259b5dfa364550
92d688d34e496a5717593bccc7f3a0df78f1be0c
f684d0da0d6fe90b95711213a5bc9431580b0ebecb864f8f8de30ad70eb64559
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paradisecharterfishing.com
Connection: keep-alive
Referer: https://paradisecharterfishing.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22648
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 11:27:31 GMT
expires: Fri, 12 Jan 2024 11:27:31 GMT
cache-control: public, max-age=31536000
age: 152587
last-modified: Wed, 11 May 2022 19:24:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/uploads/2021/03/Trip-B-1280x862.jpg
50.87.147.174 | 200 OK | 145 kB | URL HTTP/2 paradisecharterfishing.com/wp-content/uploads/2021/03/Trip-B-1280x862.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x862, components 3\012- data
Size 145 kB (145120 bytes)
Hash a01b813eb6f9459f9c4b2240466e16fb
8787ee68c57d2d967f773c722adca6dc61909f2b
00da9968272c12cceb2e8cc23830c5de9b6b99291d057a364e6eb0811ef6b4d3
GET /wp-content/uploads/2021/03/Trip-B-1280x862.jpg HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sun, 21 Mar 2021 18:47:55 GMT
accept-ranges: bytes
content-length: 145120
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 05:50:37 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 | 200 OK | 471 B | IP 142.250.74.131:0
Hash df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 05:50:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 | 200 OK | 471 B | IP 142.250.74.131:0
Hash df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 05:50:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 | 200 OK | 503 B | IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9967
Expires: Sat, 14 Jan 2023 08:36:45 GMT
Date: Sat, 14 Jan 2023 05:50:38 GMT
Connection: keep-alive
paradisecharterfishing.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.19.4
50.87.147.174 | 200 OK | 3.8 kB | URL HTTP/2 paradisecharterfishing.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.19.4
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6322)
Hash 20551913b80e20d5504d89048edbf647
82f016134c8aee88672562d17bcfdc8af10fa74f
98317e82de562f4c08eed874853b54de34fd1f02920cc4271e5d488dd16d5251
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.19.4 HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sat, 17 Dec 2022 06:28:02 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 05:50:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-length: 3750
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.19.4
50.87.147.174 | 200 OK | 10 kB | URL HTTP/2 paradisecharterfishing.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.19.4
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21184)
Hash 3969e7198114811bc37fcf3aac06f7e1
810da761f17398a947bffbd581622de23496d956
86e9cda79a00e8a4cac32bb6dbeb059ca6bf9629d25b65d43e0eb7e65087aa8f
Analyzer: fortinet | Verdict: Malware | Alert: (no value shown)
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.19.4 HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sat, 17 Dec 2022 06:28:02 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 05:50:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-length: 10528
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 | 200 OK | 471 B | IP 142.250.74.131:0
Hash df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 05:50:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 | 200 OK | 471 B | IP 142.250.74.131:0
Hash df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 05:50:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
paradisecharterfishing.com/wp-content/plugins/dg-carousel/scripts/frontend-bundle.min.js?ver=2.0.23
50.87.147.174 | 200 OK | 3.5 kB | URL HTTP/2 paradisecharterfishing.com/wp-content/plugins/dg-carousel/scripts/frontend-bundle.min.js?ver=2.0.23
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9646), with no line terminators
Hash baff46c7d0725f1445c2417e76ddb242
66ea980442ed784cc5c28069a024d7998c0f4af0
0a11ef53c6f0232c570e8900c603982ff75a40ae368df340378f1a6f84eee34e
Analyzer: fortinet | Verdict: Malware | Alert: (no value shown)
GET /wp-content/plugins/dg-carousel/scripts/frontend-bundle.min.js?ver=2.0.23 HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Fri, 24 Dec 2021 18:36:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 05:50:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-length: 3506
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic0CsQ.woff2
142.250.74.35 | 200 OK | 24 kB | URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic0CsQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 24264, version 1.0\012- data
Hash e6e2be7a45e76c63f825a247fb98edba
b7fb162e98e13cbca4ebf53c9366694d07243a19
8a0cbf1a36332ebf51dfb5077afe15d4cab4be8f37211f9386aeda31bc3d4fab
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic0CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paradisecharterfishing.com
Connection: keep-alive
Referer: https://paradisecharterfishing.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24264
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 07:28:45 GMT
expires: Sat, 13 Jan 2024 07:28:45 GMT
cache-control: public, max-age=31536000
age: 80513
last-modified: Wed, 11 May 2022 19:24:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
50.87.147.174 | 200 OK | 4.6 kB | URL HTTP/2 paradisecharterfishing.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer: fortinet | Verdict: Malware | Alert: (no value shown)
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sun, 21 Mar 2021 18:47:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 05:50:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-length: 4618
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc-.woff
142.250.74.35 | 200 OK | 29 kB | URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc-.woff
IP 142.250.74.35:0
File type Web Open Font Format, TrueType, length 28944, version 1.1\012- data
Hash f9bdf9b7f08ecd9c2484ca884b96acd7
0bc221b83468b1b6fc5ef05327135d6935813843
d6dbc44a1a982409179b0192e186eb43b0fb3be6e199c149684a767531bd996c
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc-.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paradisecharterfishing.com
Connection: keep-alive
Referer: https://paradisecharterfishing.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28944
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 19:57:00 GMT
expires: Wed, 10 Jan 2024 19:57:00 GMT
cache-control: public, max-age=31536000
age: 294818
last-modified: Wed, 11 May 2022 19:24:58 GMT
content-type: font/woff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59115b15-3223-4534-8922-0aff0bedae1b.jpeg
34.120.237.76 | 200 OK | 9.9 kB | URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59115b15-3223-4534-8922-0aff0bedae1b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14f17eb27938efbfade5b80646ffc881
dd23bfbd068f380d7bbd2459921570c63c46cce3
0695aef5736c7c63fb3c45383182824db19045b4eba186feb9da198ac7b9a124
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59115b15-3223-4534-8922-0aff0bedae1b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9894
x-amzn-requestid: e5a7bd4f-2d64-44c4-815f-8deae16fd5e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0pbGdOIAMFToA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce3c-283396d9346608cf01ef52e6;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VSKRl2CvP9rNmEn6arD63QK0yFGvMnAjfyS3cVrHlylTjuXKAyZYVg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:49:14 GMT
age: 28884
etag: "dd23bfbd068f380d7bbd2459921570c63c46cce3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.19.4
50.87.147.174 | 200 OK | 1.4 kB | URL HTTP/2 paradisecharterfishing.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.19.4
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text
Hash 2d905d32c99cbef154be9f4b757ceec3
5f25c460642fe3f21dafb25f398c357a8b346601
e46b2b59365bbc46271571aabad27a64d2917a969acdae5ca4aff80a98812103
Analyzer: fortinet | Verdict: Malware | Alert: (no value shown)
GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.19.4 HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sat, 17 Dec 2022 06:28:02 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 05:50:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-length: 1389
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3443.563581468712!2d-87.13586658450353!3d30.33492908177756!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8890c5e78c83ef31%3A0x5647a48d19e8d39!2s21%20Via%20De%20Luna%20Dr%2C%20Pensacola%20Beach%2C%20FL%2032561%2C%20USA!5e0!3m2!1sen!2sph!4v1615356055563!5m2!1sen!2sph
216.58.211.4 | 200 OK | 919 B | URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3443.563581468712!2d-87.13586658450353!3d30.33492908177756!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8890c5e78c83ef31%3A0x5647a48d19e8d39!2s21%20Via%20De%20Luna%20Dr%2C%20Pensacola%20Beach%2C%20FL%2032561%2C%20USA!5e0!3m2!1sen!2sph!4v1615356055563!5m2!1sen!2sph
IP 216.58.211.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1571)
Hash 2b60e71d7710e9b97d451496755031f8
1a41819790e04651845d798d352940d80b9cbe56
19740f8769474f9210c0ab6238f86fa3071b3a850a47db7d04015b597f55bb61
GET /maps/embed?pb=!1m18!1m12!1m3!1d3443.563581468712!2d-87.13586658450353!3d30.33492908177756!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8890c5e78c83ef31%3A0x5647a48d19e8d39!2s21%20Via%20De%20Luna%20Dr%2C%20Pensacola%20Beach%2C%20FL%2032561%2C%20USA!5e0!3m2!1sen!2sph!4v1615356055563!5m2!1sen!2sph HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://paradisecharterfishing.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Sat, 14 Jan 2023 05:50:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Sm0y0DGh3eYJad0ed70rYg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 919
x-xss-protection: 0
server-timing: gfet4t7; dur=191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
34.120.237.76 | 200 OK | 14 kB | URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JRzc2Mcl4EasyH6_1kFh7sr-57f1HNDu-YN8YptDe_kcTET9x8P9LA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 14:03:21 GMT
age: 56837
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.4
50.87.147.174 | 200 OK | 572 B | URL HTTP/2 paradisecharterfishing.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.4
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 163c85c033bf0089450e91dfcae120ee
dade9e2c0b826a6e73d0fa3ad2382e8d905e4407
54ba512214b521dfd7696e42b786875789d9be13bb336ebf52a984cf5b19243d
Analyzer: fortinet | Verdict: Malware | Alert: (no value shown)
GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.19.4 HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sat, 17 Dec 2022 06:28:02 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 05:50:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-length: 572
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0a5cc8b-8d62-447a-a39c-733e1afdd415.jpeg
34.120.237.76 | 200 OK | 7.4 kB | URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0a5cc8b-8d62-447a-a39c-733e1afdd415.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2363dbe7bb6a459853d8d19cab50e70b
ded76de1dd453e40dbf6eaa8607cf19fac7f71a4
f96da6354cec52143768014c36ba2b298224a58b0bf38bd2aa5f3bfce69d8670
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0a5cc8b-8d62-447a-a39c-733e1afdd415.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7447
x-amzn-requestid: dd3543b7-4e6b-4605-acea-a21d39af02ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0qSFjAIAMF7HQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce41-56e2ccc63669032d70cba0ba;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AYaeawnEmwHkyx3h-yliVx-ARcRB3W5kbtFH5tARnL3YMD6e4WYAQw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:49:01 GMT
age: 28897
etag: "ded76de1dd453e40dbf6eaa8607cf19fac7f71a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxK.woff2
142.250.74.35 | 200 OK | 23 kB | URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 22560, version 1.0\012- data
Hash 1dfb815c0e707ba03fb3486d94881ca4
26c19605a4ebf47cc1bbfa8223cc1d598a401f3c
8c445c283da9a171eb4841f32cb343627ef480ed8c80c6dca83ef8287687e62f
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paradisecharterfishing.com
Connection: keep-alive
Referer: https://paradisecharterfishing.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 14:35:46 GMT
expires: Fri, 12 Jan 2024 14:35:46 GMT
cache-control: public, max-age=31536000
age: 141292
last-modified: Wed, 11 May 2022 19:24:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d24ea1f095f492934a1f1c63f5d8590c
dade37148c9b9a941f93a8535d8ddc5de3952623
2d8e3f90eb347eb3479a6c5d20a1c2ca6a0560f335a6c6800948db2640e4c878
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8181
x-amzn-requestid: 7ada8fbd-58e6-4433-a532-b4a4ef93ac9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0paH-OIAMFg5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce3c-582529522dbb67ee728484f8;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AHjOmYxva5avyA3gt9DvYLas_B2ACimer5QRQOi919HDtSjnKq22lw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:36:45 GMT
age: 29633
etag: "dade37148c9b9a941f93a8535d8ddc5de3952623"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4.woff2
142.250.74.35 200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 22580, version 1.0\012- data
Hash 1c44e440b54050bdb9c8f4cf048163bc
285209cc8e5df99937d360909021a7501269f6ac
59fb185692872a1d0060ebdb9d6f8664b499b8812e80dc59755ec2f68887450f
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paradisecharterfishing.com
Connection: keep-alive
Referer: https://paradisecharterfishing.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 07:39:20 GMT
expires: Mon, 08 Jan 2024 07:39:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:59 GMT
content-type: font/woff2
age: 511878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69cd0f59-3b24-4742-958c-e856dc02789f.jpeg
34.120.237.76 200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69cd0f59-3b24-4742-958c-e856dc02789f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7055d5db8f2f9c89dfab16c4fe3f11a5
29566fe8eb5c9d12b0584642dac170c93ba80b90
6510cf0eda1d062df3b81b2b797e9bfca73040cac874e80ae9b8ff70b0407302
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69cd0f59-3b24-4742-958c-e856dc02789f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 28db68a0-ab23-4bef-b415-54120d187f80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZ0gWEF6IAMFT7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba3468-23b24e4a2c863aed25e0c81e;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 03:11:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lkGbybdV4gBs1HNNzdVIBzyA5Akcx2T4YZX9Q1kR847Q33pG8sJ67w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:15:41 GMT
age: 30897
etag: "29566fe8eb5c9d12b0584642dac170c93ba80b90"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/uploads/2021/03/Banner.jpg
50.87.147.174 200 OK 253 kB URL HTTP/2 paradisecharterfishing.com/wp-content/uploads/2021/03/Banner.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1920x700, components 3\012- data
Size 253 kB (252582 bytes)
Hash 0e0d965aa76892b140ba2dfe1e493d92
408acf91906d63b6b9fbf300f421583d4f204621
c051ed9d9050ce9271ceb0a997639ac9e8100ab3e7c6c67fe4d4c0e81a98f3fa
GET /wp-content/uploads/2021/03/Banner.jpg HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Cookie: _ga_D7K18PZHCT=GS1.1.1673675421.1.0.1673675421.0.0.0; _ga=GA1.1.297044264.1673675421
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Wed, 27 Oct 2021 15:43:34 GMT
accept-ranges: bytes
content-length: 252582
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 05:50:38 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 05:50:38 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 05:50:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 815f1a1e0adac55b38019d2af17b9bbe
6e04467e75f83b4a692cf6716b5b564274a487c7
6d8326d418f56d57221790353c7b220088d63c133901e0b500accb5e420811db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 05:50:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc9.ttf
142.250.74.35 200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc9.ttf
IP 142.250.74.35:0
File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto MediumRegularVersion 2.137; 2017Roboto-Med\012- data
Hash 072d6f80d26e2572efcab49864b1b01c
df27be5d80212550fbd9867119649393a590ff69
d0921102cd41f532839030a5c222afebe785ac6b2a0401e80c660a3dde0f4af0
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc9.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paradisecharterfishing.com
Connection: keep-alive
Referer: https://paradisecharterfishing.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30061
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 00:06:35 GMT
expires: Fri, 12 Jan 2024 00:06:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:53 GMT
content-type: font/ttf
age: 193443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-D7K18PZHCT&gtm=2oe1a1&_p=820567889&gdid=dZGIzZG&cid=297044264.1673675421&ul=en-us&sr=1280x1024&_s=1&sid=1673675421&sct=1&seg=0&dl=https%3A%2F%2Fparadisecharterfishing.com%2F&dt=Home%20-%20Paradise%20Charters&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-D7K18PZHCT&gtm=2oe1a1&_p=820567889&gdid=dZGIzZG&cid=297044264.1673675421&ul=en-us&sr=1280x1024&_s=1&sid=1673675421&sct=1&seg=0&dl=https%3A%2F%2Fparadisecharterfishing.com%2F&dt=Home%20-%20Paradise%20Charters&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-D7K18PZHCT&gtm=2oe1a1&_p=820567889&gdid=dZGIzZG&cid=297044264.1673675421&ul=en-us&sr=1280x1024&_s=1&sid=1673675421&sct=1&seg=0&dl=https%3A%2F%2Fparadisecharterfishing.com%2F&dt=Home%20-%20Paradise%20Charters&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paradisecharterfishing.com
Connection: keep-alive
Referer: https://paradisecharterfishing.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://paradisecharterfishing.com
date: Sat, 14 Jan 2023 05:50:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 05:50:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ph&callback=onApiLoad
216.58.207.234 200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ph&callback=onApiLoad
IP 216.58.207.234:0
File type ASCII text, with very long lines (2436)
Hash 807d4d5990550e9ca56ab3a29d62e693
29b2cb1c4e2c54b26b85f40369f58ef001186300
172653416874e481e89f08b5472d8de55e0518fe582c4408dbc8841e87f4cd8c
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=ph&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56524
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Sat, 14 Jan 2023 05:39:03 GMT
expires: Sat, 14 Jan 2023 06:09:03 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 695
server-timing: gfet4t7; dur=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/uploads/2021/02/paradise-charters-blurb-bg.jpg
50.87.147.174 200 OK 59 kB URL HTTP/2 paradisecharterfishing.com/wp-content/uploads/2021/02/paradise-charters-blurb-bg.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 900x599, components 3\012- data
Hash 24df498685fd59b010c7bd9ed774d007
6ecfb35d138a52cd794ee7f2ce2e6cc2d69984a7
c54eb0f7087382b42fc6b01fa4ee38514942d971658e61c48134635296667b3a
GET /wp-content/uploads/2021/02/paradise-charters-blurb-bg.jpg HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/wp-content/et-cache/18/et-core-unified-tb-23-tb-112-deferred-18.min.css?ver=1673322980
Connection: keep-alive
Cookie: _ga_D7K18PZHCT=GS1.1.1673675421.1.0.1673675421.0.0.0; _ga=GA1.1.297044264.1673675421
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sun, 21 Mar 2021 18:47:55 GMT
accept-ranges: bytes
content-length: 59238
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 05:50:38 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 05:50:38 GMT
server: Apache
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/uploads/2021/03/Red-Snapper-Haul-min.jpeg
50.87.147.174 200 OK 81 kB URL HTTP/2 paradisecharterfishing.com/wp-content/uploads/2021/03/Red-Snapper-Haul-min.jpeg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 459x640, components 3\012- data
Hash 3190e380efc08e9154fc6a546bb074d0
56a529777b549f0ba65fce58cd5f46774d917bf2
523c7236ac0c374d2d45a236a49e70d913b1ea9abb6718b9a6219b180e23bdeb
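Analyzer: fortinet | Verdict: Malware | Alert: (none shown) — a single-analyzer verdict on a response whose File type line above reports JPEG image data; corroborate against the SHA-256 listed above before treating it as confirmed.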
GET /wp-content/uploads/2021/03/Red-Snapper-Haul-min.jpeg HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/wp-content/et-cache/18/et-core-unified-tb-23-tb-112-deferred-18.min.css?ver=1673322980
Connection: keep-alive
Cookie: _ga_D7K18PZHCT=GS1.1.1673675421.1.0.1673675421.0.0.0; _ga=GA1.1.297044264.1673675421
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sun, 21 Mar 2021 18:47:55 GMT
accept-ranges: bytes
content-length: 81141
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 05:50:38 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 05:50:38 GMT
server: Apache
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/uploads/2021/03/sea-blurb.png
50.87.147.174 200 OK 249 kB URL HTTP/2 paradisecharterfishing.com/wp-content/uploads/2021/03/sea-blurb.png
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1476 x 289, 8-bit colormap, non-interlaced\012- data
Size 249 kB (248966 bytes)
Hash c0bd640d18159799856a7c816c5db57a
b4e795c12babfaf5a764353e864f76b6af0c0fb2
235b5a79820221b85675b0b4539ec5ae05f5e858170413605339ed1264280efb
GET /wp-content/uploads/2021/03/sea-blurb.png HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/wp-content/et-cache/18/et-core-unified-tb-23-tb-112-deferred-18.min.css?ver=1673322980
Connection: keep-alive
Cookie: _ga_D7K18PZHCT=GS1.1.1673675421.1.0.1673675421.0.0.0; _ga=GA1.1.297044264.1673675421
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Tue, 23 Nov 2021 16:03:46 GMT
accept-ranges: bytes
content-length: 248966
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 05:50:38 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-type: image/png
date: Sat, 14 Jan 2023 05:50:38 GMT
server: Apache
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/uploads/2021/02/paradise-charters-logo.jpg
50.87.147.174 200 OK 12 kB URL HTTP/2 paradisecharterfishing.com/wp-content/uploads/2021/02/paradise-charters-logo.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 250x262, components 3\012- data
Hash 84e78ca58033d6ff16737600d05b399c
910fcc1974b46e3de7891017bc4ece741aade47d
ae2315017c6933997cb87c7d9168d734dde3be27a416f29f9704f5bb483ecb01
GET /wp-content/uploads/2021/02/paradise-charters-logo.jpg HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Cookie: _ga_D7K18PZHCT=GS1.1.1673675421.1.0.1673675421.0.0.0; _ga=GA1.1.297044264.1673675421
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sun, 21 Mar 2021 18:47:55 GMT
accept-ranges: bytes
content-length: 11599
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 05:50:38 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 05:50:38 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 05:50:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/maps-api-v3/embed/js/51/5/init_embed.js
142.250.74.99 200 OK 70 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/5/init_embed.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (2599)
Hash 3b38dae0a22ba85304bbd1ccc52f824f
7e7fc5d0a6497b36fb61f41c27d6c45809a78a96
45c770bc2fad26fe42afed3baabed5fe1e2557e2942fdd2a97d0f5c675137cea
GET /maps-api-v3/embed/js/51/5/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 70281
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 18:55:11 GMT
expires: Thu, 11 Jan 2024 18:55:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jan 2023 03:06:00 GMT
content-type: text/javascript
age: 212127
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/uploads/2021/02/cropped-paradise-charters-logo-192x192.jpg
50.87.147.174 200 OK 7.8 kB URL HTTP/2 paradisecharterfishing.com/wp-content/uploads/2021/02/cropped-paradise-charters-logo-192x192.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 192x192, components 1\012- data
Hash d838c8640fce82ec7f4743c142b871dc
b6b0d0fec3dd5ce884da595fc2afac586dc3cb70
3c792e705fcb633d5fedf755fc554be1cb0ad43b195f028a9972666d94192d11
GET /wp-content/uploads/2021/02/cropped-paradise-charters-logo-192x192.jpg HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Cookie: _ga_D7K18PZHCT=GS1.1.1673675421.1.0.1673675421.0.0.0; _ga=GA1.1.297044264.1673675421; _ga_PREGFZQBK3=GS1.1.1673675421.1.0.1673675421.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sun, 21 Mar 2021 18:47:55 GMT
accept-ranges: bytes
content-length: 7787
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 05:50:38 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 05:50:38 GMT
server: Apache
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/uploads/2021/02/cropped-paradise-charters-logo-32x32.jpg
50.87.147.174 200 OK 583 B URL HTTP/2 paradisecharterfishing.com/wp-content/uploads/2021/02/cropped-paradise-charters-logo-32x32.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 32x32, components 1\012- data
Hash 26382f29c8bf7231be426a9a1c2feae7
2782080ffbdfd5aa58908d3b1ff9b6e4417ac151
60d404a7d1787341de49bc5ca83165e2a36cc25183670069d37aeeb57c6f31cd
GET /wp-content/uploads/2021/02/cropped-paradise-charters-logo-32x32.jpg HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Cookie: _ga_D7K18PZHCT=GS1.1.1673675421.1.0.1673675421.0.0.0; _ga=GA1.1.297044264.1673675421; _ga_PREGFZQBK3=GS1.1.1673675421.1.0.1673675421.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sun, 21 Mar 2021 18:47:55 GMT
accept-ranges: bytes
content-length: 583
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 05:50:38 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 05:50:38 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type gzip compressed data, max compression\012- data
Hash 2c5e576c986fa3babe2c32f4a7ca3f3c
2f9f0aaf63ec000b07fc073c26fddfb6ab4e4466
f560931ec3844307c32fb2b1503925261fc99f30ecd22d27664b104e13e5567c
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 19:33:54 GMT
expires: Thu, 11 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 209806
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 07:51:59 GMT
expires: Thu, 11 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 251921
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe27fa975-dca1-4275-9da9-4f794ba4053a.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe27fa975-dca1-4275-9da9-4f794ba4053a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e40d5007919bd7f226664e3b1fa1339
73293ca2143a4ca1cbd17317fbab0aeac401df1b
5396d28bba05d0775a803107ce2aef6a28cbd29bcc211dcc5e1d10326aa9dcb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe27fa975-dca1-4275-9da9-4f794ba4053a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11798
x-amzn-requestid: 69dd4065-86d7-41cc-916c-c4a98167123c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eg8H3HSeoAMFt3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bd0d65-5c1f9f743324cabe37606cd3;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 07:01:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Zbt_rmVn5g0_o5LcFpn8LPnjgfz5d6Rvipe07Q4ZQVAiOsNYJDj_iQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 07:48:51 GMT
age: 79313
etag: "73293ca2143a4ca1cbd17317fbab0aeac401df1b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfChc4.woff2
142.250.74.35 200 OK 0 B URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfChc4.woff2
IP 142.250.74.35:0
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfChc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paradisecharterfishing.com
Connection: keep-alive
Referer: https://paradisecharterfishing.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22400
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 11:38:40 GMT
expires: Fri, 12 Jan 2024 11:38:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 151918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/plugins/dg-carousel/scripts/swiper.min.js?ver=2.0.23
50.87.147.174 200 OK 0 B URL HTTP/2 paradisecharterfishing.com/wp-content/plugins/dg-carousel/scripts/swiper.min.js?ver=2.0.23
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/dg-carousel/scripts/swiper.min.js?ver=2.0.23 HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Fri, 24 Dec 2021 18:36:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 05:50:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.19.4
50.87.147.174 200 OK 0 B URL HTTP/2 paradisecharterfishing.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.19.4
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.19.4 HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sat, 17 Dec 2022 06:28:02 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 05:50:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
50.87.147.174 200 OK 0 B URL HTTP/2 paradisecharterfishing.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Wed, 02 Nov 2022 06:31:21 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 05:50:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 05:50:37 GMT
server: Apache
X-Firefox-Spdy: h2
paradisecharterfishing.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
50.87.147.174 200 OK 0 B URL HTTP/2 paradisecharterfishing.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf HTTP/1.1
Host: paradisecharterfishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paradisecharterfishing.com/
Connection: keep-alive
Cookie: _ga_D7K18PZHCT=GS1.1.1673675421.1.0.1673675421.0.0.0; _ga=GA1.1.297044264.1673675421
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sat, 17 Dec 2022 06:28:02 GMT
accept-ranges: bytes
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 05:50:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-type: font/ttf
date: Sat, 14 Jan 2023 05:50:38 GMT
server: Apache
X-Firefox-Spdy: h2