r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12917
Expires: Mon, 26 Sep 2022 22:44:18 GMT
Date: Mon, 26 Sep 2022 19:09:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 18:15:19 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NDj4uWG31bHUIt_kOz_CAvm6Fc4K6WXy1375NAqShXJ6Y7pBVUuQlQ==
Age: 3222
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: u6oKtUhzi6SX00eGbvP7RZ7yevex6B3nQM4l8eQR-UsipimgBQ5FqA==
age: 52426
X-Firefox-Spdy: h2
www.peeryhotel.com/
35.199.146.174 301 Moved Permanently 162 B IP 35.199.146.174:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 26 Sep 2022 19:09:01 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=20
Location: https://www.peeryhotel.com/
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 18:10:46 GMT
Expires: Mon, 26 Sep 2022 18:33:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NOjXEXLr-al1YBFDgc9RA0I5cVmIvAGwerqT4dLOyOtC0BAjbvMwMQ==
Age: 3496
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4249
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:02 GMT
Last-Modified: Mon, 26 Sep 2022 17:58:13 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.215.91.121 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.91.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uqRTq+GM9qOVZ/RwhIRieQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /rXaZc677twp/QeiZs681tYu6+4=
api.mapbox.com/mapbox-gl-js/plugins/mapbox-gl-geocoder/v2.2.0/mapbox-gl-geocoder.css?ver=6.0.2
54.230.216.182 200 OK 1.8 kB URL HTTP/1.1 api.mapbox.com/mapbox-gl-js/plugins/mapbox-gl-geocoder/v2.2.0/mapbox-gl-geocoder.css?ver=6.0.2
IP 54.230.216.182:0
File type ASCII text, with very long lines (713)
Hash 64eefd7b16b7fbe66b6a04f7950c5aaa
3ce56aa191738d4a578c4100f8b920301bdc6bad
012503ea5b08c79a098f8c6cc0badb9e0e0bd020bd9a1a82b9d2db6c06e8ab59
GET /mapbox-gl-js/plugins/mapbox-gl-geocoder/v2.2.0/mapbox-gl-geocoder.css?ver=6.0.2 HTTP/1.1
Host: api.mapbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 07 Sep 2022 05:17:16 GMT
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: "d374066a94412eb1fb583e97516223bd"
Last-Modified: Sun Jan 21 2018 01:32:52 GMT+0000 (Coordinated Universal Time)
Cache-Control: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TkDrDfBt38zQw5nCDibWpw1IF1-m3nSvroi8VuBssTEuAVkvP7CoCg==
Age: 1691506
api.mapbox.com/mapbox-gl-js/plugins/mapbox-gl-directions/v3.1.1/mapbox-gl-directions.css?ver=6.0.2
54.230.216.182 200 OK 5.6 kB URL HTTP/1.1 api.mapbox.com/mapbox-gl-js/plugins/mapbox-gl-directions/v3.1.1/mapbox-gl-directions.css?ver=6.0.2
IP 54.230.216.182:0
File type ASCII text, with very long lines (1797)
Hash 7e08669296a7c895e89aa7bfdcdacca9
9fb6d1ccfa69701727f39c3e97bec50fa2ad9887
a230b270f59b24514a18eed716f49015b2699b7a7d9a4c3ee6e156faa057ec53
GET /mapbox-gl-js/plugins/mapbox-gl-directions/v3.1.1/mapbox-gl-directions.css?ver=6.0.2 HTTP/1.1
Host: api.mapbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 03 Jun 2022 17:15:30 GMT
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: "5435d92479e98a64a894804312f2339b"
Last-Modified: Mon Feb 06 2017 22:51:36 GMT+0000 (Coordinated Universal Time)
Cache-Control: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: B_EyDyulXB_Ko4lvOPdPWTsg5n0HUWTloykUtF5Z6ltWQtti9FUiCQ==
Age: 9942812
api.tiles.mapbox.com/mapbox-gl-js/v0.43.0/mapbox-gl.css?ver=6.0.2
54.230.216.182 200 OK 11 kB URL HTTP/1.1 api.tiles.mapbox.com/mapbox-gl-js/v0.43.0/mapbox-gl.css?ver=6.0.2
IP 54.230.216.182:0
File type ASCII text, with very long lines (13302)
Hash f3cd57b03dff96f4fd352cdf699d225d
51e6523c0ea96c166969636d7f3f027f0bc48441
01f40ddde7514e16254874085104b368d84354e9c0aff80ac0ae3a6ffff77fbb
GET /mapbox-gl-js/v0.43.0/mapbox-gl.css?ver=6.0.2 HTTP/1.1
Host: api.tiles.mapbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 12 Aug 2022 01:05:24 GMT
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: "4132c77347d7de2f481bf57f2761191f"
Last-Modified: Thu Dec 21 2017 19:36:40 GMT+0000 (Coordinated Universal Time)
Cache-Control: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lpIxmQOld-0A-mEd3FQsfrYe0t_iq5LRiJaqdX4oW_8zH0dxjgX0Tw==
Age: 3953018
api.mapbox.com/mapbox-gl-js/plugins/mapbox-gl-geocoder/v2.2.0/mapbox-gl-geocoder.min.js?ver=6.0.2
54.230.216.182 200 OK 22 kB URL HTTP/1.1 api.mapbox.com/mapbox-gl-js/plugins/mapbox-gl-geocoder/v2.2.0/mapbox-gl-geocoder.min.js?ver=6.0.2
IP 54.230.216.182:0
Hash 557280c8b125d27f5fd65d5384308361
15f114d9bf7af19757192a43928609b7adaacf3c
1e8862decd6d072432ef354a3e91b3af5b5365f7549d9c0b8bfb52d3a482f91b
GET /mapbox-gl-js/plugins/mapbox-gl-geocoder/v2.2.0/mapbox-gl-geocoder.min.js?ver=6.0.2 HTTP/1.1
Host: api.mapbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 09 Jul 2022 04:50:42 GMT
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: "7c194ab0be2e2c139b5cd1be79d04076"
Last-Modified: Sun Jan 21 2018 01:32:52 GMT+0000 (Coordinated Universal Time)
Cache-Control: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 00WG3NF_OlKYRpslHitFxrTC5ovH_Klve-39hfHQn_oe66fLrM9eiw==
Age: 6877100
api.mapbox.com/mapbox-gl-js/plugins/mapbox-gl-directions/v3.1.1/mapbox-gl-directions.js?ver=6.0.2
54.230.216.182 200 OK 51 kB URL HTTP/1.1 api.mapbox.com/mapbox-gl-js/plugins/mapbox-gl-directions/v3.1.1/mapbox-gl-directions.js?ver=6.0.2
IP 54.230.216.182:0
File type ASCII text, with very long lines (856)
Hash ea283f6e48bd66f0653365aeb66d3a39
662361b4b02e97660437b79fa77260fee824729a
98483b81d4dde1c07c02b8944fb091f9bc354b481d25a433e00027f89aa38570
GET /mapbox-gl-js/plugins/mapbox-gl-directions/v3.1.1/mapbox-gl-directions.js?ver=6.0.2 HTTP/1.1
Host: api.mapbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 25 May 2022 01:05:58 GMT
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: "777a916f2b3e955a4287828e17a17763"
Last-Modified: Mon Feb 06 2017 22:51:36 GMT+0000 (Coordinated Universal Time)
Cache-Control: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: v__gO4Gy3N7bkUBZuiA15iUyIffXKCH0ghHHYJfkoTFzwhVB1ygLow==
Age: 10778584
api.tiles.mapbox.com/mapbox-gl-js/v0.43.0/mapbox-gl.js?ver=6.0.2
54.230.216.182 200 OK 176 kB URL HTTP/1.1 api.tiles.mapbox.com/mapbox-gl-js/v0.43.0/mapbox-gl.js?ver=6.0.2
IP 54.230.216.182:0
File type ASCII text, with very long lines (6683)
Size 176 kB (175779 bytes)
Hash 734e14198021ac838b5b6cad91f3dd91
198920e434c6bbf37e2bfc6b06ae6cd596f4c13f
6c68362b38b885dfbb6178de66dbed9815fc792664c65d1ee3ea10f26ea44800
GET /mapbox-gl-js/v0.43.0/mapbox-gl.js?ver=6.0.2 HTTP/1.1
Host: api.tiles.mapbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 24 Jun 2022 01:29:06 GMT
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: "820fdf73b05ff067637e35bed2434dbf"
Last-Modified: Thu Dec 21 2017 19:36:38 GMT+0000 (Coordinated Universal Time)
Cache-Control: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3VI34m0418e58SfYU7cierdQGfd-mlVRDZBt8oIyNmNJBD3y9NoAFA==
Age: 8185196
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
23.38.200.237 200 OK 119 kB URL HTTP/2 assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32720)
Size 119 kB (118601 bytes)
Hash d272c081a0983bc54f57ca8233f45ced
a2c054c0f086be8ee5a8b32210894e76c798d571
bbab78134276478f7752b8aee189d634214012ce8537d125be95032b902fcbb9
GET /launch-EN02272261e0b845508227acf3ca0c37de.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "843992bf66562a4d8cdab067a83c7d11:1663950389.526215"
last-modified: Fri, 23 Sep 2022 16:26:29 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 118601
cache-control: max-age=3600
expires: Mon, 26 Sep 2022 20:09:02 GMT
date: Mon, 26 Sep 2022 19:09:02 GMT
access-control-allow-origin: https://www.peeryhotel.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 1db3e1d6bf7a5e2d0c87eab75a6e52fe
b923a169beb9248ea6a5070a04b57bc0aa44799b
f35aafc9c21937ac03d9b711aa18ef518aaaec6d0f9dbcecb42f757a0e70915c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash bc7883d0a03d9c3559288a600fecc70a
b0e538996510ec8c861264cba4bf79fa73f6f7d6
c3bdc9bb12c7c951ca2d861c95156de2c724acc82386e882864c464132e07ac3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=SUPERreCaptcha&render=explicit&ver=6.0.2
142.250.74.164 200 OK 579 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=SUPERreCaptcha&render=explicit&ver=6.0.2
IP 142.250.74.164:0
File type ASCII text, with very long lines (909), with no line terminators
Hash 4113cc3d2bd84b8334747854dd718360
85564b3fa469db001c0aaedc36de78b849c9f147
f4945d15f24481f193da3cdcfdc9d69a11d13f985c6f8e3df9c4fe380a088d31
GET /recaptcha/api.js?onload=SUPERreCaptcha&render=explicit&ver=6.0.2 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 26 Sep 2022 19:09:02 GMT
date: Mon, 26 Sep 2022 19:09:02 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 579
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.peeryhotel.com/
35.199.146.174 200 OK 85 kB IP 35.199.146.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8047), with CRLF, LF line terminators
Hash 22a44f74736ab6b589ad54abe487fbc6
f4d9a9fda8858647fb718200cc46eafbc2ad5790
174ce397e213e67a9f4be888083855a0872ae9253c01fec2dfb7209d3783a759
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
set-cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595; expires=Mon, 26-Sep-2022 19:35:55 GMT; Max-Age=1800; path=/
link: <https://www.peeryhotel.com/wp-json/>; rel="https://api.w.org/", <https://www.peeryhotel.com/wp-json/wp/v2/pages/117>; rel="alternate"; type="application/json", <https://www.peeryhotel.com/>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 3
x-cache-group: normal
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
assets.adobedtm.com/launch-EN5b5c6a9c5e27495c810755084520795c-development.min.js
23.38.200.237 200 OK 118 kB URL HTTP/2 assets.adobedtm.com/launch-EN5b5c6a9c5e27495c810755084520795c-development.min.js
IP 23.38.200.237:0
Size 118 kB (117624 bytes)
Hash 19ba7e3048e364f6bbf9864fc4ee55d0
6af117e8cc9f4e2e6db79a3c63d584d5f2325c8c
f6f59d2ba3bd6fc682a9abce936930b2080a40dd24d27ee78247ec54b9729265
GET /launch-EN5b5c6a9c5e27495c810755084520795c-development.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "154e39b6e2abc06d9699fc0b91f970aa:1663949981.635342"
last-modified: Fri, 23 Sep 2022 16:19:41 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
expires: Mon, 26 Sep 2022 19:09:02 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 26 Sep 2022 19:09:02 GMT
access-control-allow-origin: https://www.peeryhotel.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 1db3e1d6bf7a5e2d0c87eab75a6e52fe
b923a169beb9248ea6a5070a04b57bc0aa44799b
f35aafc9c21937ac03d9b711aa18ef518aaaec6d0f9dbcecb42f757a0e70915c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4474bfba80fa3257384d1c908e1353bf
9a2869a3888743d575e6f87d2a7479d5d97fa123
63378e949c0ea9564e7660ea0522ce7a59727a0a5232b81b77f8525899f67a2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.peeryhotel.com/wp-content/uploads/SLCPS_Horizontal_Color_c.png
35.199.146.174 200 OK 9.9 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/SLCPS_Horizontal_Color_c.png
IP 35.199.146.174:0
File type PNG image data, 1000 x 245, 8-bit colormap, non-interlaced\012- data
Hash d7cbe1251d96e6363324eee2421eea00
22316fa9670053dacc7f7714b9f89022c2b684ec
a86b0bdb6de392d4f2651d51aae5e310f6a721bdedcc4e881eb5df223127c565
GET /wp-content/uploads/SLCPS_Horizontal_Color_c.png HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: image/png
content-length: 9947
last-modified: Mon, 06 Jan 2020 17:51:10 GMT
etag: "5e13738e-26db"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/SLCPS_Logo_white.png
35.199.146.174 200 OK 11 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/SLCPS_Logo_white.png
IP 35.199.146.174:0
File type PNG image data, 1000 x 245, 8-bit colormap, non-interlaced\012- data
Hash a44355959b52f72a8bab2642530a90ac
d1c062753f03173e62369595464019034c0cd2c9
12b4709da89593cb99982b98cc0df8171aa1f6567a407a0c7db67be90fa07c39
GET /wp-content/uploads/SLCPS_Logo_white.png HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: image/png
content-length: 11215
last-modified: Mon, 06 Jan 2020 17:50:59 GMT
etag: "5e137383-2bcf"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/booking-widget/includes/views/c-icon.png
35.199.146.174 200 OK 3.6 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/booking-widget/includes/views/c-icon.png
IP 35.199.146.174:0
File type PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash 50ea8b4ff4d97a04bde5bdfaa6806f88
ad3e5b9ae3c1dce16a165382d78c985fb2ab64c4
1afc32f65af694df55e3638703d58e8a09f1a368abe76fe812bf9744e6cb8ee2
GET /wp-content/plugins/booking-widget/includes/views/c-icon.png HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: image/png
content-length: 3637
last-modified: Thu, 19 Sep 2019 19:10:48 GMT
etag: "5d83d2b8-e35"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/One-Queen-Bed-1.jpg
35.199.146.174 200 OK 37 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/One-Queen-Bed-1.jpg
IP 35.199.146.174:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1024x684, components 3\012- data
Hash d3ef4b91beee3530ce12cba4f7be60ce
6246888129531cd534264a64bfa222006c165683
7b2dc519d48d4cd9e11ef77eaf3000df66c168a699494a845a8d6b6a04435c97
GET /wp-content/uploads/One-Queen-Bed-1.jpg HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: image/jpeg
content-length: 37357
last-modified: Tue, 10 Dec 2019 08:43:32 GMT
etag: "5def5ab4-91ed"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/Accessible-Queen-1.jpg
35.199.146.174 200 OK 42 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/Accessible-Queen-1.jpg
IP 35.199.146.174:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1024x684, components 3\012- data
Hash 5cce162e1908d9358977162d5c4eda32
ae7e4be161fb7284cba107804064db3ec565a382
86a8324c2d4d6bfa862ff78773b8d4434b427be2dcb9c6e1d316fc12a177b746
GET /wp-content/uploads/Accessible-Queen-1.jpg HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: image/jpeg
content-length: 42062
last-modified: Tue, 10 Dec 2019 08:47:11 GMT
etag: "5def5b8f-a44e"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/One-King-Bed-a.jpg
35.199.146.174 200 OK 112 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/One-King-Bed-a.jpg
IP 35.199.146.174:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1024x684, components 3\012- data
Size 112 kB (112152 bytes)
Hash 3909b8d4e748074e69b41b90f1cbf1bc
3bf47519c152b93634b1588e2db65e1557ccf92f
fd5db2514188cc60e2bb9ca4dcdb4d1ca0ac268f6c4e54c0a63a6e5ae4793f6f
GET /wp-content/uploads/One-King-Bed-a.jpg HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: image/jpeg
content-length: 112152
last-modified: Mon, 06 Jan 2020 19:14:03 GMT
etag: "5e1386fb-1b618"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/Two-Queen-Beds-a.jpg
35.199.146.174 200 OK 129 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/Two-Queen-Beds-a.jpg
IP 35.199.146.174:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1024x684, components 3\012- data
Size 129 kB (128964 bytes)
Hash 0972d4dc66e24f2ab7f189985e50fa54
855828d7f4241d4d1feaaa9b93104896b0f12344
c2d89e1f152db871565415dc92e7d6d94b179db7304ead2a87682eec55526a1a
GET /wp-content/uploads/Two-Queen-Beds-a.jpg HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: image/jpeg
content-length: 128964
last-modified: Mon, 06 Jan 2020 19:16:18 GMT
etag: "5e138782-1f7c4"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/One-King-Bed-Junior-Suite-a.jpg
35.199.146.174 200 OK 122 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/One-King-Bed-Junior-Suite-a.jpg
IP 35.199.146.174:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1024x684, components 3\012- data
Size 122 kB (121483 bytes)
Hash 3b5940e9875dd962a3e329860123f73e
8190bc00800b7df5555d6d4d00960f20ce21d641
5a3746487a8f5aea6aa88acae7ce4194f81345f22b336f59e889e3defc46053c
GET /wp-content/uploads/One-King-Bed-Junior-Suite-a.jpg HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: image/jpeg
content-length: 121483
last-modified: Mon, 06 Jan 2020 19:14:46 GMT
etag: "5e138726-1da8b"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.peeryhotel.com/wp-content/themes/phlox-pro/js/scripts.min.js?ver=5.2.4
35.199.146.174 200 OK 10 kB URL HTTP/2 www.peeryhotel.com/wp-content/themes/phlox-pro/js/scripts.min.js?ver=5.2.4
IP 35.199.146.174:0
File type ASCII text, with very long lines (32338)
Hash b465a371efaeb00d1d44794249894d4c
90573e8e54195cde0de4902757af2afe9fdd3ea7
0b69d3b7191415c75c2f65b37607c19af9442991ffa7717a0ef6b7e0af5c3409
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/phlox-pro/js/scripts.min.js?ver=5.2.4 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 16 Sep 2019 23:46:23 GMT
etag: W/"5d801ecf-97b1"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/auxin-elements/admin/assets/js/elementor/widgets.js?ver=2.4.19
35.199.146.174 200 OK 9.4 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/auxin-elements/admin/assets/js/elementor/widgets.js?ver=2.4.19
IP 35.199.146.174:0
Hash b5ca712684abac4781a8dd5d19bcdbd6
123b630998aed571dc71b754a7944b3be1174e4b
158b9b1f7b5cb6a64624217c66f48d65eac3731fa6a2a504a62d8113a5136418
GET /wp-content/plugins/auxin-elements/admin/assets/js/elementor/widgets.js?ver=2.4.19 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:11:51 GMT
etag: W/"5e541ff7-d86"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/backbone.min.js?ver=1.4.1
35.199.146.174 200 OK 16 kB URL HTTP/2 www.peeryhotel.com/wp-includes/js/backbone.min.js?ver=1.4.1
IP 35.199.146.174:0
File type ASCII text, with very long lines (23894)
Hash fd6eb00b05ee5841037ac2e6537efe25
5a8afaa6612719486ca2e72e9adb58f82afbbbc2
e92cf8af932cf1b1db1c80faa9143fcb17f420b0b609c9fde4944b2a4d7bf4df
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/backbone.min.js?ver=1.4.1 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 12 Apr 2022 17:17:22 GMT
etag: W/"6255b422-5d79"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.163 200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.peeryhotel.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:30:59 GMT
expires: Thu, 21 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 430685
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/auxin-elements/public/assets/js/plugins.min.js?ver=2.4.19
35.199.146.174 200 OK 10 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/auxin-elements/public/assets/js/plugins.min.js?ver=2.4.19
IP 35.199.146.174:0
File type ASCII text, with very long lines (31771), with no line terminators
Hash bbee2369c52fa1f40f71a905319440e3
794dc20f5a1ca23a3622fc8a256eda77b969dfa4
ac9d9e95b546c1fa7a88acf27d77c9b7b639821ee3152f9f01ab9f952c4f4576
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/auxin-elements/public/assets/js/plugins.min.js?ver=2.4.19 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:11:51 GMT
etag: W/"5e541ff7-7c1b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.peeryhotel.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:40:18 GMT
expires: Fri, 22 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 354526
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/auxin-portfolio/public/assets/js/portfolio.js?ver=1.8.6
35.199.146.174 200 OK 47 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/auxin-portfolio/public/assets/js/portfolio.js?ver=1.8.6
IP 35.199.146.174:0
Hash 2ae7b88285cd046eeddc0cd0879d51d5
454cc22bfede02f671ffc5cae3c385778bf3003b
09df2c73a5176735a9f0ab3ed3e2bd449f2703d43f71773d3d85b1d9ff65c47e
GET /wp-content/plugins/auxin-portfolio/public/assets/js/portfolio.js?ver=1.8.6 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:11:59 GMT
etag: W/"5e541fff-8e4"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.163 200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.peeryhotel.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:30:59 GMT
expires: Thu, 21 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 430685
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/masterslider/public/assets/js/jquery.easing.min.js?ver=3.2.14
35.199.146.174 200 OK 2.3 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/masterslider/public/assets/js/jquery.easing.min.js?ver=3.2.14
IP 35.199.146.174:0
File type Unicode text, UTF-8 text, with very long lines (3601)
Hash 2e24f3245e07bac8f8b6246499cb4bf8
f9f31381583fc0907e6808243c7066c13cb092d9
ca5173f996b98c046d88f8042b44fa7dbc721629f6fc1eb5cbc87b747343b77a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/masterslider/public/assets/js/jquery.easing.min.js?ver=3.2.14 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 16 Sep 2019 23:54:27 GMT
etag: W/"5d8020b3-15b3"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
142.250.74.163 200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Hash fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.peeryhotel.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 22:19:01 GMT
expires: Tue, 19 Sep 2023 22:19:01 GMT
cache-control: public, max-age=31536000
age: 593403
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15734
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 19:09:04 GMT
Connection: keep-alive
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.163 200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.peeryhotel.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:30:59 GMT
expires: Thu, 21 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 430685
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15734
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 19:09:04 GMT
Connection: keep-alive
www.peeryhotel.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
35.199.146.174 200 OK 39 kB URL HTTP/2 www.peeryhotel.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
IP 35.199.146.174:0
File type ASCII text, with very long lines (65266)
Hash bbfdc40853a0ce1e2cd8100e50698dfd
32c999e544fc2d69c5774736246c06ec9201377c
51cfd51c18195b45f034dc9687e020c862f1d2c28992afd56e1d68c5a5a48f3a
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
etag: W/"5f735862-267aa"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c11e6fef1be62b971bd9daf378bfc95
ef9d756cbcda72cf7ef5029b7d384cd1fbaed633
b8369f83d6dddcd2355b81d8eb200791788165e56881ce21e1a1e9c8bb1bb2ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13584
x-amzn-requestid: 198bd2b4-d4ae-4f19-a500-463aee52b890
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHgFdNoAMFwEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc9-19a1f7d2102820da4b21f18b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yl8BCwdlIePsc4gIX4IYH0L6NHipn_5fBsa9nyYy14w0m49jPUYXBw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:57:51 GMT
age: 76273
etag: "ef9d756cbcda72cf7ef5029b7d384cd1fbaed633"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.9.2
35.199.146.174 200 OK 14 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.9.2
IP 35.199.146.174:0
File type ASCII text, with very long lines (10019)
Hash 72657cea970b59375a6e21d31f7c8fa2
560ad6c4b85a7d8c774feb18722e6efff6ccc539
7fc8551cb75fe2ec58965772a61cee9148b35932774b8c41d27c798d5d881f47
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.9.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:20:23 GMT
etag: W/"5e5421f7-4824"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fe8c4f0c70fb6c1f4259eabedc7015e
85e378d0fff856832a8dd01743516b9476fed8c6
508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 75528
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a90590f26bae9ad9e95ffdfbfb7dd21d
cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3
33fe3394213e01d11c3e005cb5a678ba74511704d4132fc2bd9f7ad4e1b7dbfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10318
x-amzn-requestid: 6a205445-8a9e-4f25-b144-ba6e6934d383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhFNAIAMFmBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-61ecbf9154cd56131b940ac0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qP5-TglQAoTGc78-rIK27mKRTS_WthN0OpiiMqSF-y2rmWxVOyfNVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:02:10 GMT
age: 76014
etag: "cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/auxin-pro-tools/public/assets/js/pro-tools.js?ver=1.3.0
35.199.146.174 200 OK 9.3 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/auxin-pro-tools/public/assets/js/pro-tools.js?ver=1.3.0
IP 35.199.146.174:0
Hash e0e4fa4ef04f788668ca6a8885803463
ff8254e20f28c960caf02841427874637b9eb9a2
e032d93ebaac3fdcd91f42efa5d853ea03d87d09537af9a41ae7fbb6cd4a3221
GET /wp-content/plugins/auxin-pro-tools/public/assets/js/pro-tools.js?ver=1.3.0 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 16 Sep 2019 23:54:22 GMT
etag: W/"5d8020ae-8b6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/underscore.min.js?ver=1.13.3
35.199.146.174 200 OK 20 kB URL HTTP/2 www.peeryhotel.com/wp-includes/js/underscore.min.js?ver=1.13.3
IP 35.199.146.174:0
File type ASCII text, with very long lines (18876)
Hash 6dfeb7821d47f43dba0e7ca545f19e76
80fe166a946bc936dd966af67f514dfb24652598
5263d178bb218c7b95d3ab78c4030e6a2b1185d6071bc8058c435b10db1cd20e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/underscore.min.js?ver=1.13.3 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 27 Apr 2022 14:39:21 GMT
etag: W/"62695599-49df"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.peeryhotel.com/wp-content/themes/phlox-pro/css/fonts/fontastic/auxin-front.woff
35.199.146.174 200 OK 131 kB URL HTTP/2 www.peeryhotel.com/wp-content/themes/phlox-pro/css/fonts/fontastic/auxin-front.woff
IP 35.199.146.174:0
File type Web Open Font Format, CFF, length 131252, version 1.0\012- data
Size 131 kB (131252 bytes)
Hash 49c64231fa6b7e6e8378706018a2b7e8
2b34a86455bfe6e14e1d0e2024bb5c5d3ca49844
1633f19adcd05d4a57f79797f2506b14f37feebcdac949004da0a64a678da8cd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/phlox-pro/css/fonts/fontastic/auxin-front.woff HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.peeryhotel.com/wp-content/themes/phlox-pro/css/auxin-icon.css?ver=5.2.4
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:04 GMT
content-type: font/woff
content-length: 131252
last-modified: Mon, 16 Sep 2019 23:46:23 GMT
etag: "5d801ecf-200b4"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/shortcode.min.js?ver=6.0.2
35.199.146.174 200 OK 77 kB URL HTTP/2 www.peeryhotel.com/wp-includes/js/shortcode.min.js?ver=6.0.2
IP 35.199.146.174:0
File type ASCII text, with very long lines (2616)
Hash b8c29b33945abffeee4ac24490ed8c4c
74eea68b59a58923e3e36f647a499a77577a3a4b
51899dfba3bd032f62785d9c4cfa8689bc6cd1bdfe61a869e139d2da930ed311
GET /wp-includes/js/shortcode.min.js?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-a5b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
35.199.146.174 200 OK 80 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
IP 35.199.146.174:0
Hash 862931d3e4134378f7fe7a4719cfd80c
0920531b605ee9eb34a09a200cc460e6833c3beb
8bb577fa8bffd7862358277c25ce9fbe118af993c0c4a17a4a5c560d9cdd6a1b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 10 Apr 2020 22:44:38 GMT
etag: W/"5e90f6d6-3868"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/FullImage_cropped.png
35.199.146.174 200 OK 470 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/FullImage_cropped.png
IP 35.199.146.174:0
File type PNG image data, 1349 x 665, 8-bit colormap, non-interlaced\012- data
Size 470 kB (469696 bytes)
Hash beba5038c3a449d39060a2fbb9c49151
cc3fe025f3536e39f953f1f20eea47579c5141ee
534cfece3e1022e97592b2c8779a0cf4751d3a9c7c2aaf6ee937737154bae307
GET /wp-content/uploads/FullImage_cropped.png HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/wp-content/uploads/elementor/css/post-117.css?ver=1661211536
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:04 GMT
content-type: image/png
content-length: 469696
last-modified: Fri, 10 Apr 2020 22:44:44 GMT
etag: "5e90f6dc-72ac0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/wp-backbone.min.js?ver=6.0.2
35.199.146.174 200 OK 331 kB URL HTTP/2 www.peeryhotel.com/wp-includes/js/wp-backbone.min.js?ver=6.0.2
IP 35.199.146.174:0
File type ASCII text, with very long lines (3004)
Size 331 kB (331010 bytes)
Hash 9f6ce21705825dafb6ef8d3b74f618f4
62619d6a55395ea69180c61a861476d82d3ba5a2
43b4da30aa014e4567575d806f3372a4afebbba88b94aad6e13de48378c250e9
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-backbone.min.js?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-bdf"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_AudienceManagement.min.js
23.38.200.237 200 OK 8.8 kB URL HTTP/2 assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_AudienceManagement.min.js
IP 23.38.200.237:0
File type exported SGML document, ASCII text, with very long lines (24999)
Hash 6f56f25549f094ee43918a26715f4c6b
0b75d52207556fa7879017f81a9445006a637047
57a0cc8a8dfd7a1ab1aa40a84c53b0db4caf025c5c5499bea095b91924139a96
GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_AudienceManagement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "26a8cd142b539700557eb4710c3d56bd:1644856531.982003"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 8753
expires: Mon, 26 Sep 2022 20:09:04 GMT
date: Mon, 26 Sep 2022 19:09:04 GMT
cache-control: no-cache
access-control-allow-origin: https://www.peeryhotel.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9db1f7fbae22b465976f879e76c41f64
6706c2bd24888fbf1227a312c523ee9f0812ebb7
b4631a13ab094149b194b6e83636c3f44c2b56e85680057a64da768ae2d37ce9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2109
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:04 GMT
Last-Modified: Mon, 26 Sep 2022 18:33:55 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
www.peeryhotel.com/wp-content/uploads/footer-main-1.png
35.199.146.174 200 OK 450 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/footer-main-1.png
IP 35.199.146.174:0
File type PNG image data, 1920 x 589, 8-bit colormap, non-interlaced\012- data
Size 450 kB (449871 bytes)
Hash f4cbd95cd3d85a8554a281a0d1aeb2bb
6bb32febb992056ed7a46cee69ec90577c9e9935
6a483762239c73c747f936352fc6cf406506ac0e4d6985e8c6fe84b5bcd17605
GET /wp-content/uploads/footer-main-1.png HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/wp-content/uploads/phlox-pro/custom.css?ver=9.3
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:04 GMT
content-type: image/png
content-length: 449871
last-modified: Mon, 06 Jan 2020 17:51:45 GMT
etag: "5e1373b1-6dd4f"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/One-King-Bed-One-Bedroom-Suite-a.jpg
35.199.146.174 200 OK 14 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/One-King-Bed-One-Bedroom-Suite-a.jpg
IP 35.199.146.174:0
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash ba2345ffc1bb53360f5fa8ba644755d0
e75f227e98ab5a1318612f6d0ed101c8aa7316af
093d0cefff530a1f96b6a3a898eb2a495fa028eb79c094d25c0974a8dea237dd
GET /wp-content/uploads/One-King-Bed-One-Bedroom-Suite-a.jpg HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: image/jpeg
content-length: 100172
last-modified: Mon, 06 Jan 2020 19:15:32 GMT
etag: "5e138754-1874c"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1664219342434
3.248.125.227 302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1664219342434
IP 3.248.125.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1664219342434 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.peeryhotel.com
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.peeryhotel.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v043-0e6599244.edge-irl1.demdex.com 1 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1664219342434
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=29983821626950479540721375688557760872; Max-Age=15552000; Expires=Sat, 25 Mar 2023 19:09:04 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: FyEs5nnmSQc=
Content-Length: 0
Connection: keep-alive
consent.trustarc.com/notice?domain=hiltongdpr_test.com&c=teconsent&gtm=1&text=true&pcookie&js=nj&noticeType=bb&oc=1
143.204.55.80 200 OK 4.2 kB URL HTTP/2 consent.trustarc.com/notice?domain=hiltongdpr_test.com&c=teconsent&gtm=1&text=true&pcookie&js=nj&noticeType=bb&oc=1
IP 143.204.55.80:0
File type ASCII text, with very long lines (2911)
Hash 7ae1527dfc3966267950ad51113b0304
7964e1d0c02bd60319425d83a83818368724f9f1
a1457ac385ade7333ae1fb95f33aca4d88f7e21cebe6196677ead6ef1fa7a3cc
GET /notice?domain=hiltongdpr_test.com&c=teconsent&gtm=1&text=true&pcookie&js=nj&noticeType=bb&oc=1 HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 4182
date: Mon, 26 Sep 2022 19:09:04 GMT
server: nginx
content-encoding: gzip
expires: Mon, 26 Sep 2022 20:09:04 GMT
cache-control: max-age=3600
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cloudfront-viewer-country: NO
cloudfront-viewer-country-region: 03
timing-allow-origin: *
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: k2uxWlhOo_XMy8oBlW3li3UeHluOL4VNvcBXKV--9538CsOEk8Hrzg==
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1664219342434
3.248.125.227 200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1664219342434
IP 3.248.125.227:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1664219342434 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.peeryhotel.com
Content-Type: application/x-www-form-urlencoded
Referer: https://www.peeryhotel.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.peeryhotel.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v043-0b13e47e5.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: RgVa3QYfQ4Q=
Content-Length: 124
Connection: keep-alive
assets.adobedtm.com/5e68f1ab8856/6f5249f15557/d135da66383e/RCe267924711084c2ea517049a0a0b2543-source.min.js
23.38.200.237 200 OK 786 B URL HTTP/2 assets.adobedtm.com/5e68f1ab8856/6f5249f15557/d135da66383e/RCe267924711084c2ea517049a0a0b2543-source.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (1191)
Hash d57491e9b896f693ea5598146459a554
34840005a8a2bae9494c46c853e8dae1d6e6021a
31bf8530595cc04acac69537ce01ed87afa7ad5001560f591172b9684cb081a0
GET /5e68f1ab8856/6f5249f15557/d135da66383e/RCe267924711084c2ea517049a0a0b2543-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "a75349ffe516c182ef614cf5c7751cfe:1663949982.432729"
last-modified: Fri, 23 Sep 2022 16:19:42 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 26 Sep 2022 20:09:04 GMT
date: Mon, 26 Sep 2022 19:09:04 GMT
content-length: 786
access-control-allow-origin: https://www.peeryhotel.com
timing-allow-origin: *
X-Firefox-Spdy: h2
consent.trustarc.com/log?domain=hiltongdpr_test.com&country=no&state=&behavior=expressed&c=9615
143.204.55.80 200 OK 43 B URL HTTP/2 consent.trustarc.com/log?domain=hiltongdpr_test.com&country=no&state=&behavior=expressed&c=9615
IP 143.204.55.80:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /log?domain=hiltongdpr_test.com&country=no&state=&behavior=expressed&c=9615 HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Mon, 26 Sep 2022 19:09:04 GMT
server: nginx
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xKvXDhEZl5013EgJ8mkwCeJGs_1SiuUM3gG27XhKdHRi8Kv6tTw0Gg==
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/elementor/css/post-117.css?ver=1661211536
35.199.146.174 200 OK 30 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/elementor/css/post-117.css?ver=1661211536
IP 35.199.146.174:0
File type Unicode text, UTF-8 text, with very long lines (41423), with CRLF, LF line terminators
Hash 7286bdd66836617c98308335dc781e92
2db32de2032424448f08e0db3b7dc9e51f9d9258
b01638429b39de2f5faa742b99c774aa0b03541a4e5c2e13cf28584a1e5f8757
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-117.css?ver=1661211536 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 22 Aug 2022 23:38:56 GMT
etag: W/"63041390-dbb8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
consent-pref.trustarc.com/images/loading.gif
143.204.55.116 200 OK 2.6 kB URL HTTP/2 consent-pref.trustarc.com/images/loading.gif
IP 143.204.55.116:0
File type GIF image data, version 89a, 31 x 31\012- data
Hash 394bafc3cc4dfb3a0ee48c1f54669539
5640ea4d0eba1c390f587ec69463c9a5196b7fa2
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
GET /images/loading.gif HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr_test_ssccm&layout=gdpr&site=hiltongdpr_test.com&action=notice&country=no&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 2608
server: nginx
accept-ranges: bytes
last-modified: Mon, 25 Jul 2022 08:11:42 GMT
date: Mon, 26 Sep 2022 08:14:13 GMT
etag: W/"2608-1658736702000"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cv63kV11Ko3P03ZMAslA17HZ3KUhIqCmLQP9HFjVi7u1qSmrI1lMWg==
age: 39291
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Origin
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/masterslider/includes/modules/elementor/assets/js/elementor-widgets.js?ver=3.2.14
35.199.146.174 200 OK 835 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/masterslider/includes/modules/elementor/assets/js/elementor-widgets.js?ver=3.2.14
IP 35.199.146.174:0
Hash c2851a23d5766bc558ded0c30b7acf60
20b5748e770f79bff34dfbf9369642b210bd65ec
830f6696d17790fbc3b43a65752affcf5d1ac6040a176d5180b456460fa9c3ce
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/masterslider/includes/modules/elementor/assets/js/elementor-widgets.js?ver=3.2.14 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 16 Sep 2019 23:54:27 GMT
etag: W/"5d8020b3-2c7"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
35.199.146.174 200 OK 1.9 kB URL HTTP/2 www.peeryhotel.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 35.199.146.174:0
File type ASCII text, with very long lines (5477)
Hash 4d0d8cbb5945ee32813a498b60cb75c2
2c2b669963f2b6858724d209611184d20d635538
319d5dc9ce3a5bb958e332bfe989cf7076732205a5bbf1e111fd5cdaba86a27e
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
etag: W/"5ee520a7-15fd"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
4dc2aa82bc5e.cdn4.forter.com/sn/4dc2aa82bc5e/script.js
143.204.55.27 200 OK 44 kB URL HTTP/2 4dc2aa82bc5e.cdn4.forter.com/sn/4dc2aa82bc5e/script.js
IP 143.204.55.27:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0f3ad04d5664f735aa24d7e0edaba9bc
58a49ac7174c8b5f35bd0f2cecf7b30ec97c72b4
512fe246d8ed4c1057ea82d74ac3bdf05477f9b6bee648f10714f5b8c2565a49
GET /sn/4dc2aa82bc5e/script.js HTTP/1.1
Host: 4dc2aa82bc5e.cdn4.forter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 21 Aug 2022 14:29:57 GMT
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-origin: *
timing-allow-origin: *
last-modified: Sun, 21 Aug 2022 14:29:57 GMT
expires: Sun, 21 Aug 2022 14:34:57 GMT
cache-control: private, max-age=300
x-sourcemap: https://cdn4.forter.com/map/suid/4dc2aa82bc5e/16022430179
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RO-bioh-nUJCiRx2PtTH8I1R83DaJC6WqAz4gM0VvLbhbmHvHUftXA==
age: 3127147
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=2.9.2
35.199.146.174 200 OK 13 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=2.9.2
IP 35.199.146.174:0
File type ASCII text, with very long lines (56994)
Hash e3ab5dc5ece305a7926f2ccbc4c7f588
ee5355a0b7fea7f9abbc20cf4f510d2238d153b3
79233204bf0ee1772d08ef4a96fb80f57ca9918f1cde04d8f9d2b679a0ad7298
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=2.9.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:20:23 GMT
etag: W/"5e5421f7-df5c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/masonry.min.js?ver=4.2.2
35.199.146.174 200 OK 8.4 kB URL HTTP/2 www.peeryhotel.com/wp-includes/js/masonry.min.js?ver=4.2.2
IP 35.199.146.174:0
File type ASCII text, with very long lines (23966)
Hash c0b7ad649001deef444aa84f4facf3a8
05c5286a08439f70428879c106b44e2cd084ca89
91528aa886e10f3ca9a73115cb2bf6f19552b733b296eee05996b3a392ac3c27
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
etag: W/"5ee520a7-5e4a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/booking-widget/assets/js/custom.js?ver=6.0.2
35.199.146.174 200 OK 1.1 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/booking-widget/assets/js/custom.js?ver=6.0.2
IP 35.199.146.174:0
Hash 95807d0f9a7f1c53a9c93d76ed0b7d8b
0451bd001225b517cfdc1c3b86489ce6888bbe8c
a614b0e28be171219b0062d0a6dd5513151a1358e36b39c66c7615c23782b6bf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/booking-widget/assets/js/custom.js?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 17 Dec 2019 20:03:53 GMT
etag: W/"5df934a9-443"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/auxin-pro-tools/admin/assets/js/elementor/widgets.js?ver=1.3.0
35.199.146.174 200 OK 1.1 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/auxin-pro-tools/admin/assets/js/elementor/widgets.js?ver=1.3.0
IP 35.199.146.174:0
Hash 52e2cfe516dcc3ef4635ca2eb4b23f0c
60e3ffe7c361a055ae48a70c55883b44fa953ab7
dd8e5429409863a4fa704c490f2193b4184368049e756ef6dbc9a2790f4b5c3a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/auxin-pro-tools/admin/assets/js/elementor/widgets.js?ver=1.3.0 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 16 Sep 2019 23:54:22 GMT
etag: W/"5d8020ae-488"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash ac0cb76d0d1db94243b0423256eca5b4
389280efa9addcd3fb81ebb352cdb4f9cd8fe29c
28da94ff2ba236a431965cc6b16a9f7801ca05a93f152c34e6dfc590b09af5b4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2291
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:04 GMT
Last-Modified: Mon, 26 Sep 2022 18:30:54 GMT
Server: ECS (amb/6B8F)
X-Cache: HIT
Content-Length: 727
site.viewabl.com/api/js
35.192.171.18 200 OK 2.1 kB IP 35.192.171.18:0
Hash 02548827fd5a4a660109193299081a42
1fa745171d5c4f3103ec9bd8b9abc0d44598b5e0
24d215894b44b0e031b555afddaa48cbb6a232e809ac89c49ce64cf437e9978c
GET /api/js HTTP/1.1
Host: site.viewabl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.peeryhotel.com
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Content-Type: text/plain;charset=UTF-8
Content-Length: 2058
Connection: keep-alive
Cache-Control: public
Date: Mon, 26 Sep 2022 19:09:04 GMT
Last-Modified: Mon, 15 Jul 2019 07:04:26 GMT
Content-Disposition: attachment; filename=api.js
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Content-Type, Accept, Authorization, X-Requested-With, Application
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkdodWR1dHdhS0hIR2o4ZktOVzh4Mnc9PSIsInZhbHVlIjoiOW1wNWUweHFmMFFJXC92ZDhkcmdLSDhSUDRHcFJPUjRGUUR4RWNhYk4rMmhSOXRpaXd2bStsbzdQZGNrT3oyZkoiLCJtYWMiOiI1MjczNzQzODU4YWRlYTJlYTBjN2MzMzM5M2M1MDFmOTQwMDlhNmNkNWNlNDVmODA0NDdjYzI2MjgyY2Y4OWI5In0%3D; expires=Mon, 26-Sep-2022 21:09:04 GMT; Max-Age=7200; path=/
viewabl_session=eyJpdiI6IkZIQW9MU2lVUE1PUnMwNkJ4Z0RJWFE9PSIsInZhbHVlIjoiV0xyc3ZiUjZCSjMybXQ4RndWWG1tTUFsVXcyTDJaa2RUd2MyRXY5UGQ4b1loOTN3QUNzUGdnMVZOQzZVUzVYWiIsIm1hYyI6ImVlNTIzMjU3M2U4YzRjZTk3NTMyYzNjOTcxZTc0ZmEzYzllNmZlOTg1Y2U2YjZiMTcxY2JlZTI5NDkxYmJlNTkifQ%3D%3D; expires=Mon, 26-Sep-2022 21:09:04 GMT; Max-Age=7200; path=/; httponly
Strict-Transport-Security: max-age=31536000; includeSubdomains
www.peeryhotel.com/wp-content/themes/phlox-pro/css/portfolio.css?ver=1.8.6
35.199.146.174 200 OK 10 kB URL HTTP/2 www.peeryhotel.com/wp-content/themes/phlox-pro/css/portfolio.css?ver=1.8.6
IP 35.199.146.174:0
File type ASCII text, with very long lines (22560), with no line terminators
Hash 63afbaf8450b8f8cc845ed58abc25cd6
4fca1413bbdb3324d298c93bf052a2305729f212
db8089d2fe6afdbd37a775fde437966443863e8482f426fdc0e674dcb24a45b6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/phlox-pro/css/portfolio.css?ver=1.8.6 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 19 Sep 2019 23:24:46 GMT
etag: W/"5d840e3e-5820"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
peeryhotel.wpengine.com/wp-content/uploads/Ribs.jpg
35.199.146.174 301 Moved Permanently 162 B URL HTTP/2 peeryhotel.wpengine.com/wp-content/uploads/Ribs.jpg
IP 35.199.146.174:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/uploads/Ribs.jpg HTTP/1.1
Host: peeryhotel.wpengine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 26 Sep 2022 19:09:05 GMT
content-type: text/html
content-length: 162
location: http://www.peeryhotel.com/wp-content/uploads/Ribs.jpg
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/themes/phlox-pro/css/other/third-party.css?ver=5.2.4
35.199.146.174 200 OK 310 B URL HTTP/2 www.peeryhotel.com/wp-content/themes/phlox-pro/css/other/third-party.css?ver=5.2.4
IP 35.199.146.174:0
Hash 54fb4caad0e757930c034fb750433235
fceb33f3e348cc94677cf9f6599e03221a28c0f8
f58beada05d622c26396bed68dd01f500452ea046a0618ef89a3857ede65559c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/phlox-pro/css/other/third-party.css?ver=5.2.4 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 16 Sep 2019 23:46:23 GMT
etag: W/"5d801ecf-2ae"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
35.199.146.174 200 OK 32 kB URL HTTP/2 www.peeryhotel.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 35.199.146.174:0
File type ASCII text, with very long lines (65447)
Hash 5fad67f2e1280eb9a10eb777002adcd1
b570ba12b22f252c9f78d47839eee62e5ce66105
b3da689054aa9722cd9e824cc7f269068363c988c21125438cd7f4827c77c65e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
etag: W/"6048e0ac-15db1"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
35.199.146.174 200 OK 17 kB URL HTTP/2 www.peeryhotel.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 35.199.146.174:0
File type ASCII text, with very long lines (43771)
Hash 3be144adea187a8c361b987fabbb171a
12db0ee2f4c79b9bbbd11ca0b46fc8c258e87dd4
55585fb13e96230085f251d8ba51a1574b35420ca180f2aa9069d0600b4d62a5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
etag: W/"62c2d8bd-15b64"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/booking-widget/assets/css/main.css?ver=6.0.2
35.199.146.174 200 OK 2.9 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/booking-widget/assets/css/main.css?ver=6.0.2
IP 35.199.146.174:0
Hash 08c6887bec1bc00a022d4da642548412
b3d17091c5b05358ca79b2a86969d44926c1c233
bfb82574abf803c62566c248e0896abbdd37133cd892985facf0a5499671f5e0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/booking-widget/assets/css/main.css?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 19 Sep 2019 19:49:44 GMT
etag: W/"5d83dbd8-1923"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/ajax-loader.gif
35.199.146.174 200 OK 4.2 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/ajax-loader.gif
IP 35.199.146.174:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash c5cd7f5300576ab4c88202b42f6ded62
7a1aa43614396382bb15e5fde574d9cdcd21698f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
GET /wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/ajax-loader.gif HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/slick.css?ver=1.8
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595; AMCV_F0C120B3534685700A490D45%40AdobeOrg=1176715910%7CMCIDTS%7C19262%7CvVersion%7C5.4.0; forterToken=c2bf80ca0616438c9e253b5bc2e89941_1664219342465__UDF4_9ck; notice_behavior=expressed,eu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:05 GMT
content-type: image/gif
content-length: 4178
last-modified: Tue, 25 Feb 2020 19:44:27 GMT
etag: "5e55791b-1052"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/css/fonts/css/all.min.css?ver=4.9.240
35.199.146.174 200 OK 13 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/css/fonts/css/all.min.css?ver=4.9.240
IP 35.199.146.174:0
File type ASCII text, with very long lines (55951), with CRLF line terminators
Hash 7d8918552442fabcae63e52c1d5854e8
6812b11c2c59d545c08168059e44fce48333572d
26a90334355f672e3f1b263027261314d9d99679a387a2eb2bb59a3e78500f33
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/super-forms/assets/css/fonts/css/all.min.css?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-db4c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.12.0
35.199.146.174 200 OK 12 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.12.0
IP 35.199.146.174:0
File type ASCII text, with very long lines (55567)
Hash 2400381bcf40f0f31d637e335b32a82f
74bf8fd66df671a4e8a618d42bd33dae1e3d9e56
87ce02e688c54f83670dee617473b558f8eca6dbd1f76d1474e38eb32fd63667
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.12.0 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:20:23 GMT
etag: W/"5e5421f7-d9c9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3A400%2C900italic%2C900%2C800italic%2C800%2C700italic%2C700%2C600italic%2C600%2C500italic%2C500%2C400italic%2C300italic%2C300%2C200italic%2C200%2C100italic%2C100%7CPoppins%3A400%2C900italic%2C900%2C800italic%2C800%2C700italic%2C700%2C600italic%2C600%2C500italic%2C500%2C400italic%2C300italic%2C300%2C200italic%2C200%2C100italic%2C100%7CRaleway%3A400%2C900italic%2C900%2C800italic%2C800%2C700italic%2C700%2C600italic%2C600%2C500italic%2C500%2C400italic%2C300italic%2C300%2C200italic%2C200%2C100italic%2C100%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=9.3
142.250.74.10 200 OK 2.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A400%2C900italic%2C900%2C800italic%2C800%2C700italic%2C700%2C600italic%2C600%2C500italic%2C500%2C400italic%2C300italic%2C300%2C200italic%2C200%2C100italic%2C100%7CPoppins%3A400%2C900italic%2C900%2C800italic%2C800%2C700italic%2C700%2C600italic%2C600%2C500italic%2C500%2C400italic%2C300italic%2C300%2C200italic%2C200%2C100italic%2C100%7CRaleway%3A400%2C900italic%2C900%2C800italic%2C800%2C700italic%2C700%2C600italic%2C600%2C500italic%2C500%2C400italic%2C300italic%2C300%2C200italic%2C200%2C100italic%2C100%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=9.3
IP 142.250.74.10:0
Hash 8601ca2d66cb5fc3e4fca6175830ec7a
f6aaeea040242df16d339509e7e2e6d8609f49ef
42833f08504ad5f9f1fde418029bce9c0871b1d478e777472ed973978667d47d
GET /css?family=Montserrat%3A400%2C900italic%2C900%2C800italic%2C800%2C700italic%2C700%2C600italic%2C600%2C500italic%2C500%2C400italic%2C300italic%2C300%2C200italic%2C200%2C100italic%2C100%7CPoppins%3A400%2C900italic%2C900%2C800italic%2C800%2C700italic%2C700%2C600italic%2C600%2C500italic%2C500%2C400italic%2C300italic%2C300%2C200italic%2C200%2C100italic%2C100%7CRaleway%3A400%2C900italic%2C900%2C800italic%2C800%2C700italic%2C700%2C600italic%2C600%2C500italic%2C500%2C400italic%2C300italic%2C300%2C200italic%2C200%2C100italic%2C100%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=9.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 19:09:02 GMT
date: Mon, 26 Sep 2022 19:09:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
peeryhotel.wpengine.com/wp-content/uploads/c2.jpg
35.199.146.174 301 Moved Permanently 162 B URL HTTP/2 peeryhotel.wpengine.com/wp-content/uploads/c2.jpg
IP 35.199.146.174:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/uploads/c2.jpg HTTP/1.1
Host: peeryhotel.wpengine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 26 Sep 2022 19:09:05 GMT
content-type: text/html
content-length: 162
location: http://www.peeryhotel.com/wp-content/uploads/c2.jpg
X-Firefox-Spdy: h2
peeryhotel.wpengine.com/wp-content/uploads/c.jpg
35.199.146.174 301 Moved Permanently 162 B URL HTTP/2 peeryhotel.wpengine.com/wp-content/uploads/c.jpg
IP 35.199.146.174:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/uploads/c.jpg HTTP/1.1
Host: peeryhotel.wpengine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 26 Sep 2022 19:09:05 GMT
content-type: text/html
content-length: 162
location: http://www.peeryhotel.com/wp-content/uploads/c.jpg
X-Firefox-Spdy: h2
peeryhotel.wpengine.com/wp-content/uploads/s1.jpg
35.199.146.174 301 Moved Permanently 162 B URL HTTP/2 peeryhotel.wpengine.com/wp-content/uploads/s1.jpg
IP 35.199.146.174:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/uploads/s1.jpg HTTP/1.1
Host: peeryhotel.wpengine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 26 Sep 2022 19:09:05 GMT
content-type: text/html
content-length: 162
location: http://www.peeryhotel.com/wp-content/uploads/s1.jpg
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/utils.min.js?ver=6.0.2
35.199.146.174 200 OK 1.9 kB URL HTTP/2 www.peeryhotel.com/wp-includes/js/utils.min.js?ver=6.0.2
IP 35.199.146.174:0
File type ASCII text, with very long lines (1831)
Hash 47c323d6c6438e2970262e43929083e1
aa54d2caead028078445df17ae620b49afbc6a46
63bbdc487661647ed2f6905c3005fd7417ef2f9b52fcbd0e1bc78e2cd4066c4e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/utils.min.js?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-74a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/Ribs.jpg
35.199.146.174 200 OK 47 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/Ribs.jpg
IP 35.199.146.174:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 770x655, components 3\012- data
Hash 6ff632405492c5e311d5736d7c536d43
0aafb1539dc86aa4f96050aba9b1dd87141bf4c8
da3efd4007acdfd20e4530123c9ddab2c9d714240eb13f52a9d5a8025e463502
GET /wp-content/uploads/Ribs.jpg HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: notice_behavior=expressed,eu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:05 GMT
content-type: image/jpeg
content-length: 47262
last-modified: Mon, 06 Jan 2020 17:50:32 GMT
etag: "5e137368-b89e"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/s4.jpg
35.199.146.174 200 OK 64 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/s4.jpg
IP 35.199.146.174:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 770x655, components 3\012- data
Hash 22ea15ee76fc579f318f1b936af8311f
bca5185add66475ebc5f79381c3868803693c223
7351780e6d1ac4bd9b04be5b59bafd069c8912b93421272c0e6ee4d6a39d7c84
GET /wp-content/uploads/s4.jpg HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: notice_behavior=expressed,eu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:05 GMT
content-type: image/jpeg
content-length: 64126
last-modified: Thu, 14 Nov 2019 11:25:05 GMT
etag: "5dcd3991-fa7e"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=2.8.4
35.199.146.174 200 OK 2.1 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=2.8.4
IP 35.199.146.174:0
File type ASCII text, with very long lines (6595), with no line terminators
Hash 4ea7f3daa6e42f154e92d2c48536b108
d31c2fc9211288f3ac25b14a8e86a4b68c701ae6
529d95f5813be18ed512e1a918e0e8be07d72e5ed90a2b14bcf1d047ead1ac4f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=2.8.4 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 25 Feb 2020 20:10:08 GMT
etag: W/"5e557f20-19c3"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/s3.jpg
35.199.146.174 200 OK 83 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/s3.jpg
IP 35.199.146.174:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 770x655, components 3\012- data
Hash 8916b43a8f2099e6cd074fc9e207add4
dd592b63fd35d804aee1e41d9597a097164638cd
5e90d2a084d4cb5f57256c5cb1f2568c7a329e76e88944ce6c51d14f5e9b5fd1
GET /wp-content/uploads/s3.jpg HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: notice_behavior=expressed,eu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:05 GMT
content-type: image/jpeg
content-length: 82637
last-modified: Thu, 14 Nov 2019 11:24:49 GMT
etag: "5dcd3981-142cd"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/s5.jpg
35.199.146.174 200 OK 32 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/s5.jpg
IP 35.199.146.174:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 770x655, components 3\012- data
Hash 3949c5ba919903052a3872e691e201e0
554e68de8fb45ea391e11f5712135d2e9963a5f9
1343e6c52e1cd5115a037996d28d13ee68f2a24b10143c8cfcb66379ea8b9866
GET /wp-content/uploads/s5.jpg HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: notice_behavior=expressed,eu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:05 GMT
content-type: image/jpeg
content-length: 31966
last-modified: Mon, 06 Jan 2020 17:49:33 GMT
etag: "5e13732d-7cde"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/s2.jpg
35.199.146.174 200 OK 26 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/s2.jpg
IP 35.199.146.174:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 770x655, components 3\012- data
Hash 6acd44471402bc27081ea9106c34e011
d0639c875df6125dcb99e926fec795c61174de0e
0d211ccd9e5605a23959b9f46e510134f68bbc526757183e06562fe77cc46ac9
GET /wp-content/uploads/s2.jpg HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: notice_behavior=expressed,eu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:05 GMT
content-type: image/jpeg
content-length: 26245
last-modified: Mon, 06 Jan 2020 17:49:44 GMT
etag: "5e137338-6685"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/c.jpg
35.199.146.174 200 OK 30 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/c.jpg
IP 35.199.146.174:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 770x655, components 3\012- data
Hash 3e023cae85aef3dbc625fa64c8bdb7b6
894641a60f518c8abb93bf84a924f7a12e10e483
0405062fea88d21f31a4c6ecda78c95bad8af007361559d38c0355ef100e42d1
GET /wp-content/uploads/c.jpg HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: notice_behavior=expressed,eu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:05 GMT
content-type: image/jpeg
content-length: 30343
last-modified: Mon, 06 Jan 2020 17:50:02 GMT
etag: "5e13734a-7687"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/c2.jpg
35.199.146.174 200 OK 34 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/c2.jpg
IP 35.199.146.174:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 770x655, components 3\012- data
Hash 291f887d93834ed416cab4da9face82f
c566b6475048bf988f6814be0b6b97b8d0e84350
76963c31cf1f00bdc599ca1f51bed8bf2ea89ad3a5f583069658c43e9e1547f7
GET /wp-content/uploads/c2.jpg HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: notice_behavior=expressed,eu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:05 GMT
content-type: image/jpeg
content-length: 34448
last-modified: Mon, 06 Jan 2020 17:50:23 GMT
etag: "5e13735f-8690"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/themes/phlox-pro/css/images/svg/symbols.svg
35.199.146.174 200 OK 5.1 kB URL HTTP/2 www.peeryhotel.com/wp-content/themes/phlox-pro/css/images/svg/symbols.svg
IP 35.199.146.174:0
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1030)
Hash f880cab081c300f34ad409405c222535
f59206074fea9c02a198bcf6c76615b1af63b580
763105221b56c96a3554584778e8cd3bc353cdb54f23629a435573b6efba054b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/phlox-pro/css/images/svg/symbols.svg HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/wp-content/themes/phlox-pro/css/main.css?ver=5.2.4
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595; AMCV_F0C120B3534685700A490D45%40AdobeOrg=1176715910%7CMCIDTS%7C19262%7CvVersion%7C5.4.0; forterToken=c2bf80ca0616438c9e253b5bc2e89941_1664219342465__UDF4_9ck; notice_behavior=expressed,eu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:05 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 16 Sep 2019 23:46:23 GMT
etag: W/"5d801ecf-8b8e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/s1.jpg
35.199.146.174 200 OK 67 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/s1.jpg
IP 35.199.146.174:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 770x655, components 3\012- data
Hash 35b4999da8bcd27eee7766cdb0410fec
7b0fafebc3fe49931f59052c18cb7ffc63fa54f5
9db32cc8c5cbdad04b73532297a97097a9808672f2eb172a0101c17b51039233
GET /wp-content/uploads/s1.jpg HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: notice_behavior=expressed,eu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:05 GMT
content-type: image/jpeg
content-length: 67400
last-modified: Thu, 14 Nov 2019 11:24:10 GMT
etag: "5dcd395a-10748"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
35.199.146.174 200 OK 5.1 kB URL HTTP/2 www.peeryhotel.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
IP 35.199.146.174:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash e012c4462a10bf3dead6e2c09bf505f0
0ed68fc0507448b6594ebb64b5cd0f4291e16894
818a9766e02a9ca0227064ca52c33e5d6414e71c428ff2c04c49d8824bdb6978
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
etag: W/"5f735862-2bf8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/masterslider/custom.css?ver=1.2
35.199.146.174 200 OK 893 B URL HTTP/2 www.peeryhotel.com/wp-content/uploads/masterslider/custom.css?ver=1.2
IP 35.199.146.174:0
Hash da2c0a7152b415b49dacb7583f49cb8c
7b88633155a91b2ba5e6c0a5357fdf078a7ddabe
cf91d8c8cf8c7c3ae6303df943cfaf0eab27b253f14085f7e29a0f10ec83aed6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/masterslider/custom.css?ver=1.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 16 Sep 2019 23:56:05 GMT
etag: W/"5d802115-9ab"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/themes/phlox-pro/css/base.css?ver=5.2.4
35.199.146.174 200 OK 20 kB URL HTTP/2 www.peeryhotel.com/wp-content/themes/phlox-pro/css/base.css?ver=5.2.4
IP 35.199.146.174:0
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash e3abed4a2f4ccf386c1c4cd1d86860ca
9764b0e8134924274eada421a3b8655599c0dc4c
d0517e82c24f8d42266889a4a5e370b2e5642f14941138240645276d84fbe154
GET /wp-content/themes/phlox-pro/css/base.css?ver=5.2.4 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 16 Sep 2019 23:46:23 GMT
etag: W/"5d801ecf-284a5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/c1.jpg
35.199.146.174 200 OK 31 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/c1.jpg
IP 35.199.146.174:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 770x655, components 3\012- data
Hash 1cc57a5cc2593015190b4a730e98d71a
91c610315702a007874f0be81b19b9e4a026bb90
368390b48bbfdeaba4aab296e790407854ae40246a31550b9cafa1c29ad4dfd9
GET /wp-content/uploads/c1.jpg HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: notice_behavior=expressed,eu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:05 GMT
content-type: image/jpeg
content-length: 31037
last-modified: Mon, 06 Jan 2020 17:50:15 GMT
etag: "5e137357-793d"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&d_mid=47549090035328143730293014875526887670&ts=1664219343913
3.248.125.227 200 OK 1.7 kB URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&d_mid=47549090035328143730293014875526887670&ts=1664219343913
IP 3.248.125.227:0
File type JSON data\012- , ASCII text, with very long lines (5446), with no line terminators
Hash 57c897bf54c59c555ee4a367f6303ccc
df956671584ed6a881f60121c7da239602ebc709
0c756c644d1a0eabd6863f230442c5969189e0a18bd42774b89c3e175424a6f8
GET /id?d_visid_ver=5.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&d_mid=47549090035328143730293014875526887670&ts=1664219343913 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.peeryhotel.com
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.peeryhotel.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v043-0a7d2760b.edge-irl1.demdex.com 3 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=47525502896670457380295083353752111545; Max-Age=15552000; Expires=Sat, 25 Mar 2023 19:09:05 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: yymdReFVSE8=
Content-Length: 1716
Connection: keep-alive
consent-pref.trustarc.com/defaultpreferencemanager/truste
143.204.55.116 200 OK 4.6 kB URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/truste
IP 143.204.55.116:0
File type Unicode text, UTF-8 text, with very long lines (16700), with no line terminators
Hash 5011d39b4893ab944d3bc51958069119
b1b15180983a8bc0c41af711cd802909d7773bc2
b9819f27213e955cc8aadc4b88ba816cf3d6be03ea09e6b4b267252d119dc7ed
POST /defaultpreferencemanager/truste HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr_test_ssccm&layout=gdpr&site=hiltongdpr_test.com&action=notice&country=no&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Content-Type: text/x-gwt-rpc; charset=utf-8
X-GWT-Permutation: BD20927918984A4C65C7FF88FF25908E
X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
Content-Length: 251
Origin: https://consent-pref.trustarc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
content-length: 4634
date: Mon, 26 Sep 2022 19:09:05 GMT
server: nginx
content-encoding: gzip
content-disposition: attachment
x-cache: Miss from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JaWpsgsuvXrXdU_CKqkk3QdgB9o_CJBrdbSIr8p6yCtAksp28wQwLA==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
smetric.hilton.com/b/ss/hiltonglobaldev/10/JS-2.21.0-LCUM/s45733898935060?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=26%2F8%2F2022%2019%3A9%3A4%201%200&d.&nsid=0&jsonv=1&.d&mid=47549090035328143730293014875526887670&aamlh=6&ce=UTF-8&pageName=Homepage&g=https%3A%2F%2Fwww.peeryhotel.com%2F&c.&getQueryParam=4.0&getPreviousValue=3.0&.c&cc=USD&ch=homepage&products=%3BSLCPSUP&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=SLCPSUP&c2=D%3Dv59&c3=D%3Dv24&c4=Logged-out&c8=peeryhotel&c9=D%3Dv46&v10=%2B1&c11=D%3Dv40&c12=D%3Dv63&c13=D%3Dv150&c14=The%20Historic%20Landmark%20Peery%20Hotel%20%7C%20Downtown%20Salt%20Lake%20City%2C%20Utah&c15=R&c16=D%3Dv49&v17=D%3Dv18&c24=www.peeryhotel.com&v24=en&v25=Logged-out&v27=Homepage&c28=D%3Dv9&c35=D%3Dv135&c37=D%3Dv24&c38=D%3Dv59&c39=D%3Dv46&v43=D%3Dc8&v46=homepage&v47=D%3Dc15&v49=L&c52=core.page-bottom%7C%7Cundefined%7CGW%20-%20Global%20Standard%20%28AT%29&c53=2022-9-26%2019%3A9%3A4&v59=hi&v111=Control%20Group&v135=old%20hilton&v150=https%3A%2F%2Fwww.peeryhotel.com%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&AQE=1
15.236.176.210 200 OK 5.9 kB URL HTTP/2 smetric.hilton.com/b/ss/hiltonglobaldev/10/JS-2.21.0-LCUM/s45733898935060?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=26%2F8%2F2022%2019%3A9%3A4%201%200&d.&nsid=0&jsonv=1&.d&mid=47549090035328143730293014875526887670&aamlh=6&ce=UTF-8&pageName=Homepage&g=https%3A%2F%2Fwww.peeryhotel.com%2F&c.&getQueryParam=4.0&getPreviousValue=3.0&.c&cc=USD&ch=homepage&products=%3BSLCPSUP&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=SLCPSUP&c2=D%3Dv59&c3=D%3Dv24&c4=Logged-out&c8=peeryhotel&c9=D%3Dv46&v10=%2B1&c11=D%3Dv40&c12=D%3Dv63&c13=D%3Dv150&c14=The%20Historic%20Landmark%20Peery%20Hotel%20%7C%20Downtown%20Salt%20Lake%20City%2C%20Utah&c15=R&c16=D%3Dv49&v17=D%3Dv18&c24=www.peeryhotel.com&v24=en&v25=Logged-out&v27=Homepage&c28=D%3Dv9&c35=D%3Dv135&c37=D%3Dv24&c38=D%3Dv59&c39=D%3Dv46&v43=D%3Dc8&v46=homepage&v47=D%3Dc15&v49=L&c52=core.page-bottom%7C%7Cundefined%7CGW%20-%20Global%20Standard%20%28AT%29&c53=2022-9-26%2019%3A9%3A4&v59=hi&v111=Control%20Group&v135=old%20hilton&v150=https%3A%2F%2Fwww.peeryhotel.com%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&AQE=1
IP 15.236.176.210:0
File type ASCII text, with very long lines (5902)
Hash 8a20c52a4850d242a8b1cf8f984a98f0
de6053b3ea0549cf01c5d8343b9117803564348f
9b3522e52d020a0c68540d37707a1758225d70aa8e9b505c509a15da1b244bd6
GET /b/ss/hiltonglobaldev/10/JS-2.21.0-LCUM/s45733898935060?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=26%2F8%2F2022%2019%3A9%3A4%201%200&d.&nsid=0&jsonv=1&.d&mid=47549090035328143730293014875526887670&aamlh=6&ce=UTF-8&pageName=Homepage&g=https%3A%2F%2Fwww.peeryhotel.com%2F&c.&getQueryParam=4.0&getPreviousValue=3.0&.c&cc=USD&ch=homepage&products=%3BSLCPSUP&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=SLCPSUP&c2=D%3Dv59&c3=D%3Dv24&c4=Logged-out&c8=peeryhotel&c9=D%3Dv46&v10=%2B1&c11=D%3Dv40&c12=D%3Dv63&c13=D%3Dv150&c14=The%20Historic%20Landmark%20Peery%20Hotel%20%7C%20Downtown%20Salt%20Lake%20City%2C%20Utah&c15=R&c16=D%3Dv49&v17=D%3Dv18&c24=www.peeryhotel.com&v24=en&v25=Logged-out&v27=Homepage&c28=D%3Dv9&c35=D%3Dv135&c37=D%3Dv24&c38=D%3Dv59&c39=D%3Dv46&v43=D%3Dc8&v46=homepage&v47=D%3Dc15&v49=L&c52=core.page-bottom%7C%7Cundefined%7CGW%20-%20Global%20Standard%20%28AT%29&c53=2022-9-26%2019%3A9%3A4&v59=hi&v111=Control%20Group&v135=old%20hilton&v150=https%3A%2F%2Fwww.peeryhotel.com%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&AQE=1 HTTP/1.1
Host: smetric.hilton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=0%7CMCMID%7C47549090035328143730293014875526887670; s_ecid=MCMID%7C47549090035328143730293014875526887670
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Mon, 26 Sep 2022 19:09:05 GMT
expires: Sun, 25 Sep 2022 19:09:05 GMT
last-modified: Tue, 27 Sep 2022 19:09:05 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_ecid=MCMID%7C47549090035328143730293014875526887670; Path=/; Domain=hilton.com; Max-Age=63072000; Expires=Wed, 25 Sep 2024 19:09:09 GMT; SameSite=None; Secure
etag: 3573883831504109568-4619863737181131184
vary: *
dcs: dcs-prod-irl1-1-v043-0800e3d85.edge-irl1.demdex.com 7 ms
x-aam-tid: lCqnkTF5RZw=
content-type: application/x-javascript;charset=utf-8
content-length: 5903
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
consent.trustarc.com/get?name=Powered-By-TrustArc.png
143.204.55.80 200 OK 2.6 kB URL HTTP/2 consent.trustarc.com/get?name=Powered-By-TrustArc.png
IP 143.204.55.80:0
File type PNG image data, 94 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d608a9a7baa821f03e83350569975d9
793e7171ac7cd78e2970b887f0264696f94dac06
407d40651225e9ce7c887f32e1d10213df4aba24a4fc4ffbee407d26573eab89
GET /get?name=Powered-By-TrustArc.png HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2639
date: Mon, 26 Sep 2022 18:56:43 GMT
server: nginx
pragma: public
expires: Wed, 26 Oct 2022 18:56:43 GMT
cache-control: max-age=2592000
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YaTf6KbKZeyzBA8JsC_Z2zvukevpDamgux-dWK8tEEYN_2OebvEHog==
age: 742
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/auxin-elements/admin/assets/css/elementor-widgets.css?ver=6.0.2
35.199.146.174 200 OK 35 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/auxin-elements/admin/assets/css/elementor-widgets.css?ver=6.0.2
IP 35.199.146.174:0
Hash ca2cb9b1549d1ffee5c084653ce89973
c9ee178ad51d495cbd5585d5edd71e9db0c9297a
bf0b7ba5c0a039799e6b203ae38fd66306a384e9232dd052c1187e8796cb962c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/auxin-elements/admin/assets/css/elementor-widgets.css?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
last-modified: Mon, 24 Feb 2020 19:11:51 GMT
etag: W/"5e541ff7-6d"
cache-control: public, max-age=31536000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
hilton.demdex.net/dest5.html?d_nsid=0
34.249.106.217 200 OK 2.8 kB URL HTTP/1.1 hilton.demdex.net/dest5.html?d_nsid=0
IP 34.249.106.217:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: hilton.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Mon, 26 Sep 2022 19:09:06 GMT
DCS: dcs-prod-irl1-1-v043-00bf07c32.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 26 Sep 2022 13:41:04 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: aXO2SElsSf8=
Content-Length: 2791
Connection: keep-alive
www.google-analytics.com/j/collect?v=1&_v=j97&a=811148416&t=pageview&_s=1&dl=https%3A%2F%2Fwww.peeryhotel.com%2F&ul=en-us&de=UTF-8&dt=The%20Historic%20Landmark%20Peery%20Hotel%20%7C%20Downtown%20Salt%20Lake%20City%2C%20Utah&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=1694728065&gjid=1972741817&cid=1366538413.1664219344&tid=UA-83016037-1&_gid=476941531.1664219344&_r=1&gtm=2ou9l0&z=1058420944
142.250.74.174 200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=811148416&t=pageview&_s=1&dl=https%3A%2F%2Fwww.peeryhotel.com%2F&ul=en-us&de=UTF-8&dt=The%20Historic%20Landmark%20Peery%20Hotel%20%7C%20Downtown%20Salt%20Lake%20City%2C%20Utah&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=1694728065&gjid=1972741817&cid=1366538413.1664219344&tid=UA-83016037-1&_gid=476941531.1664219344&_r=1&gtm=2ou9l0&z=1058420944
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j97&a=811148416&t=pageview&_s=1&dl=https%3A%2F%2Fwww.peeryhotel.com%2F&ul=en-us&de=UTF-8&dt=The%20Historic%20Landmark%20Peery%20Hotel%20%7C%20Downtown%20Salt%20Lake%20City%2C%20Utah&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=1694728065&gjid=1972741817&cid=1366538413.1664219344&tid=UA-83016037-1&_gid=476941531.1664219344&_r=1&gtm=2ou9l0&z=1058420944 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.peeryhotel.com
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.peeryhotel.com
date: Mon, 26 Sep 2022 19:09:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/css/frontend/colorpicker.css?ver=4.9.240
35.199.146.174 200 OK 4.4 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/css/frontend/colorpicker.css?ver=4.9.240
IP 35.199.146.174:0
File type ASCII text, with very long lines (1338), with CRLF line terminators
Hash aaeb61a7b8bea2e757a6bde412dff71f
07b94385f1e0085eb7048a1b4415354ddf3ca420
62459a8066e860b9f926f0a40663e46b8c9841d0a3f0543f73b33c3b748fda93
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/super-forms/assets/css/frontend/colorpicker.css?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-3c44"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/jquery-file-upload/jquery.iframe-transport.js?ver=4.9.240
35.199.146.174 200 OK 19 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/jquery-file-upload/jquery.iframe-transport.js?ver=4.9.240
IP 35.199.146.174:0
File type ASCII text, with CRLF line terminators
Hash 3f68a20b2c760a3bc6cb43a15cbadd41
acc3d3bf9a8f92d14cd3d380ee0e2d6d3d2854da
facb9cd6c18ca494171475ab0961e9942ec0228d40b7292b794f3f61b4821894
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/super-forms/assets/js/frontend/jquery-file-upload/jquery.iframe-transport.js?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-2aa4"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/booking-widget/assets/css/responsive.css?ver=6.0.2
35.199.146.174 200 OK 4.0 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/booking-widget/assets/css/responsive.css?ver=6.0.2
IP 35.199.146.174:0
Hash 258f58f78cf4b1d4ac71b38f69a29a00
e5063e3ae441d3858a3e0ebe8151f99e06a6414d
56dda80dfdf515e77db2b8c5329bea887f30fa74a0d877ec20b0c5227a86a6d3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/booking-widget/assets/css/responsive.css?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 23 Sep 2019 16:34:37 GMT
etag: W/"5d88f41d-8cb"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash ad1c07ee55773b49304b8af2727fa28f
a00d06cf00b535b306fb89e7b0e4cb16935cd399
4a3ede623795e424d468ed86d920fcc65891999eee13907ee8202826f3be1858
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 19:09:06 GMT
Last-Modified: Mon, 26 Sep 2022 19:00:51 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ti0UEwgQfXP6jvqq1_3FidmlAdAN8dPfIdlPaBTg1MpdC-0C2PYuyA==
Age: 495
cm.everesttech.net/cm/dd?d_uuid=47525502896670457380295083353752111545
52.215.56.149 302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=47525502896670457380295083353752111545
IP 52.215.56.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=47525502896670457380295083353752111545 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Mon, 26 Sep 2022 19:09:06 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~YzH40gAAAJHgpwOJ; Domain=.everesttech.net; Expires=Tue, 26-Sep-2023 19:09:06 GMT; Path=/
everest_session_v2=YzH40gAAAJHgqAOJ; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzH40gAAAJHgpwOJ
Server: AMO-cookiemap/1.1
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6008
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:06 GMT
Last-Modified: Mon, 26 Sep 2022 17:28:58 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
www.facebook.com/tr/?id=967617709996912&ev=Adobe-Audience-Manager-Segment&cd[segID]=15300019,22365141&noscript=1
157.240.200.35 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=967617709996912&ev=Adobe-Audience-Manager-Segment&cd[segID]=15300019,22365141&noscript=1
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=967617709996912&ev=Adobe-Audience-Manager-Segment&cd[segID]=15300019,22365141&noscript=1 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hilton.demdex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Mon, 26 Sep 2022 19:09:06 GMT
X-Firefox-Spdy: h2
cdn9.forter.com/vchk2
143.204.55.49 301 Moved Permanently 2.0 kB IP 143.204.55.49:0
File type gzip compressed data, from Unix\012- data
Hash 69c38f0d7c58f381447a885e3b35b7f4
2514f021bdc90e9dfd1c6358b7bc50de51625aed
7136d08e0eb12e29ae7f090d003e7e6779dfef094f232cb10642a3fbacafbdaa
GET /vchk2 HTTP/1.1
Host: cdn9.forter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: eyJyIjowLjIzMTI1MTk2MTU1MTY0MjQsInUiOiJjMmJmODBjYTA2MTY0MzhjOWUyNTNiNWJjMmU4OTk0MSIsInMiOiI0ZGMyYWE4MmJjNWUifQ==
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.peeryhotel.com
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://cdn9.forter.com/vchk2/v1/2dbd08cd344a7f2a3d22b31c18ad0eecf9e69c0e2dda4337ebe43457b6cdc615ac7f4bc8671556eedaf44cd0a677
date: Mon, 26 Sep 2022 19:09:05 GMT
access-control-allow-origin: *
timing-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HeiDpr9_KYFa7GhTPK4EAVWKa70O1d9pA-nfK5g2OirTOk8kjnZfzA==
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/cropped-PRH-Favicon_New-32x32.png
35.199.146.174 200 OK 2.2 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/cropped-PRH-Favicon_New-32x32.png
IP 35.199.146.174:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 476d451086e4787014454f3e8ec560b2
dc119b1117367c04fa460dbabe20f41a0884592f
a3f6543666aa4b9b8cf395f151de5258f1ee8fe857f3d9ec8bcad901d47a4429
GET /wp-content/uploads/cropped-PRH-Favicon_New-32x32.png HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595; AMCV_F0C120B3534685700A490D45%40AdobeOrg=1176715910%7CMCIDTS%7C19262%7CMCMID%7C47549090035328143730293014875526887670%7CMCAID%7CNONE%7CMCOPTOUT-1664226544s%7CNONE%7CMCAAMLH-1664824144%7C6%7CMCAAMB-1664824144%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C5.4.0; forterToken=c2bf80ca0616438c9e253b5bc2e89941_1664219342465__UDF43_9ck; notice_behavior=expressed,eu; ftr_ncd=6; ftr_blst_1h=1664219343607; AMCVS_F0C120B3534685700A490D45%40AdobeOrg=1; gpv_v9=Homepage; s_cc=true; TMS=web%3D17836316%2Cweb%3D14342019%2CWeb-app%3D19485237%2Cweb-app%3D15300019%2Cweb-app%3D21881915%2Cweb-app%3D24568600; aam_uuid=47525502896670457380295083353752111545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:06 GMT
content-type: image/png
content-length: 2237
last-modified: Wed, 18 Dec 2019 19:32:43 GMT
etag: "5dfa7edb-8bd"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 1d095ec6a56142cb2084481b06881ef4
82ff236023008fbfb871aaa7c1e976e0cf15e91a
791ac45152415413d4af27f3dde61a021c9c57dcf7ca5b0e65300ebc3cd8815d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1005930085/?value=0&guid=ON&script=0&data=23583573
142.250.74.34 302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1005930085/?value=0&guid=ON&script=0&data=23583573
IP 142.250.74.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1005930085/?value=0&guid=ON&script=0&data=23583573 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hilton.demdex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 19:09:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=14089747
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 26-Sep-2022 19:24:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 1d095ec6a56142cb2084481b06881ef4
82ff236023008fbfb871aaa7c1e976e0cf15e91a
791ac45152415413d4af27f3dde61a021c9c57dcf7ca5b0e65300ebc3cd8815d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.peeryhotel.com/wp-content/plugins/super-forms/assets/css/frontend/elements.css?ver=4.9.240
35.199.146.174 200 OK 22 kB URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/css/frontend/elements.css?ver=4.9.240
IP 35.199.146.174:0
File type ASCII text, with very long lines (536), with CRLF line terminators
Hash 735b88576e9094a5e4965bc04a31b077
e75799d9773a9e9cb4a9c8b784ad0143b7fb6ada
1fd56023154549d638d272587304f1b0ee0a2b9ddb5d06e762c688c237209a58
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/super-forms/assets/css/frontend/elements.css?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-2a77a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f48c5faf6e1fb611cea354be1b2297fe
58751cb9bdf3a30b4b10c988190c15316bc0634b
58ea0abc935bbd06d20d862918dec75890759946effb363a3b84dca10f56aac1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4067
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:06 GMT
Last-Modified: Mon, 26 Sep 2022 18:01:19 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f48c5faf6e1fb611cea354be1b2297fe
58751cb9bdf3a30b4b10c988190c15316bc0634b
58ea0abc935bbd06d20d862918dec75890759946effb363a3b84dca10f56aac1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3296
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:06 GMT
Last-Modified: Mon, 26 Sep 2022 18:14:10 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1696d83624fd9a9994ba9df39e7bb1d2
283084d7a090c5f9af1edd54bc0fff749c41c8e2
02064041ec8fc1a204871f925327d4aa41a24870883c61484d7bd408427d30da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4208
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:06 GMT
Last-Modified: Mon, 26 Sep 2022 17:58:58 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9f61c5ada09e4fa747144a96e95a943f
e7f3119b4d75a72dd0409673b9789ac1f3233d23
95afa75f054462b0db7b7b59ebadecc07ce8e4eac12b07e76645848983c52bcf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=14089747&ipr=y
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=14089747&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=14089747&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hilton.demdex.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 19:09:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
35.199.146.174 200 OK 1.6 kB URL HTTP/2 www.peeryhotel.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP 35.199.146.174:0
File type ASCII text, with very long lines (3233)
Hash eb097e992047a930abc790614a2cfa7b
82073ca399263d5b927ddc39f3e0ac0873479350
ed1c0c275ce70e6d4fb6ad231015d5707f13f4d5b7b910ebb182132c5e1c2e7c
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-d53"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
scontent-atl3-1.cdninstagram.com/v/t51.2885-15/e15/c180.0.720.720a/s320x320/96376452_1152051661808788_1708729488744630769_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=104&_nc_ohc=4YdVfj27SxoAX9KBGAq&oh=f451a6f92e077c285eb437d10c0aed57&oe=5F157C2B
31.13.65.52 403 Forbidden 21 B URL HTTP/2 scontent-atl3-1.cdninstagram.com/v/t51.2885-15/e15/c180.0.720.720a/s320x320/96376452_1152051661808788_1708729488744630769_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=104&_nc_ohc=4YdVfj27SxoAX9KBGAq&oh=f451a6f92e077c285eb437d10c0aed57&oe=5F157C2B
IP 31.13.65.52:0
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.2885-15/e15/c180.0.720.720a/s320x320/96376452_1152051661808788_1708729488744630769_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=104&_nc_ohc=4YdVfj27SxoAX9KBGAq&oh=f451a6f92e077c285eb437d10c0aed57&oe=5F157C2B HTTP/1.1
Host: scontent-atl3-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcJXvFmBF2amZ1ZAPCw4KgHpsiG56-GLoy3R_OXMHem5lhCjGsAZ1k2uiaYU1Yr4C-fkusHaAJNffCh5"; e_fb_vipaddr="AcKp_K9nwB2ZISwbTHWPsNf6giXfzWd7beu1JJg5zEBgG3n3ziP2Qo70I4MQynxw24pJ0GE"; e_fb_builduser="AcLqcgDIjtBfaUhDKuOYiy9aEhmXInxb9S-lxXG3W07n9NvR_PYtEuMZbr5asUxLlXA"; e_fb_binaryversion="AcJnQB25F9KGn0EQ1F9OEr2As9Wu6bqqz-J6oxqTip9Go1PaVbSP8Ks2HRTCBpLyp7iZaPf8fWMFPKbHLkxRsgpsLGDbBnfy2-0"; e_proxy="AcKyR1JpMVx2Sdt6q_KR4_OOiHdb_QGblHXrmWNjZs7vkI_ky4sKiNa49FzJAZ5FT_78PSoGLkCP3BE"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 2087493949
date: Mon, 26 Sep 2022 19:09:06 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-atl3-1.cdninstagram.com/v/t51.2885-15/e35/s320x320/95469096_3330902220272604_4622995875129282063_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=100&_nc_ohc=KqmC0Q3HVqgAX_v0Xxa&oh=cfd251c1b2e094f9daee9c33c0ee5a8c&oe=5F153EED
31.13.65.52 403 Forbidden 21 B URL HTTP/2 scontent-atl3-1.cdninstagram.com/v/t51.2885-15/e35/s320x320/95469096_3330902220272604_4622995875129282063_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=100&_nc_ohc=KqmC0Q3HVqgAX_v0Xxa&oh=cfd251c1b2e094f9daee9c33c0ee5a8c&oe=5F153EED
IP 31.13.65.52:0
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.2885-15/e35/s320x320/95469096_3330902220272604_4622995875129282063_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=100&_nc_ohc=KqmC0Q3HVqgAX_v0Xxa&oh=cfd251c1b2e094f9daee9c33c0ee5a8c&oe=5F153EED HTTP/1.1
Host: scontent-atl3-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcIRpbRKOrAjhjo52cxwzhGj75aaABLoJNymTugqspVYw-MjYypY2I78ibawQtK3E8w0MKH-xkfO_AeW"; e_fb_vipaddr="AcKgd4i5v0CF_c2_N99lsQ6iYxnELwdNLlQFqNq2RFEhUoV262s349nENGTe8vguJN9CHgw"; e_fb_builduser="AcIESSKbb7uJlogjNwyqe1IWJ0cxNe17UCg8vg-I6bHsuI8YPHX951XcMkMiZY4gB1o"; e_fb_binaryversion="AcLEqN-7rGbWC2q83RdGcI_qNBT5Wfaz5jrzz3MrIUS4DJznV7QfnZEXvPxgp3rm50QS-coUSo9DI0DufbQSEk_X8VozyuCDVvU"; e_proxy="AcKQbXnJsAgPWwXxedf3RRTxUzH7BF0AS1FJEqjxQuO7k_jRi3hvnwhPsniLZMcjC1B2ZJodrvZdGkk"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 2087493949
date: Mon, 26 Sep 2022 19:09:06 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f307.svg
192.0.77.48 200 OK 1.1 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f307.svg
IP 192.0.77.48:0
Hash 0bde4beab524be63f68e4fe8546b02fb
7004083c11ec3234d525510368f87515befea7bf
c1c0f3ad2683744afa8883ab47e1792199fa1576dd6bdfbdc25b54664b4fc0ec
GET /images/core/emoji/14.0.0/svg/1f307.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:06 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
scontent-atl3-1.cdninstagram.com/v/t51.2885-15/e15/s320x320/94224933_3091623764496098_289537551479503732_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=102&_nc_ohc=eV98tjzKsbMAX85TQUh&oh=de4db8684d4771c747dc4d13c3452cba&oe=5F14BEAE
31.13.65.52 403 Forbidden 21 B URL HTTP/2 scontent-atl3-1.cdninstagram.com/v/t51.2885-15/e15/s320x320/94224933_3091623764496098_289537551479503732_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=102&_nc_ohc=eV98tjzKsbMAX85TQUh&oh=de4db8684d4771c747dc4d13c3452cba&oe=5F14BEAE
IP 31.13.65.52:0
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.2885-15/e15/s320x320/94224933_3091623764496098_289537551479503732_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=102&_nc_ohc=eV98tjzKsbMAX85TQUh&oh=de4db8684d4771c747dc4d13c3452cba&oe=5F14BEAE HTTP/1.1
Host: scontent-atl3-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcL2RscJyh8PuOwk-lbXVgJaIg1O_j-YOfYephEnQq58gpYiYAGhTOmhS5fWVXmeHME6-J5XYtzgTLVU"; e_fb_vipaddr="AcK95ALdiBIxS-7ftJpH8MvNmzfkG3TiRSSJHJ7XfV8faUSuPG-5SJtl-a-_6WOKqCasSZA"; e_fb_builduser="AcKTaaKLbzKuicel-gZaJgvt4ly8m6y2rUUJxZLVsozJk7ZSQPAxOvwsIJAIF6KSUf4"; e_fb_binaryversion="AcLZIzOokMJYjq6YZQ5h40xQX3scCrssnpwXL-3w7wj6okIJ7k9J1a0ybVheEc47kJYQYPaaXCbUZc43brVlef7_KpfCSudzxc0"; e_proxy="AcIp_s9qSHpx6cOnqcz4rezzhME2ho_JOJO2eMjb-2R45e_0MsgzdPbPMH4U-3Wv7qJPHvj7DZz1TYM"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 2087493949
date: Mon, 26 Sep 2022 19:09:06 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-atl3-1.cdninstagram.com/v/t51.2885-15/e35/s320x320/93679479_688224291952044_8284225208905014929_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=100&_nc_ohc=UMV2ByG0PSoAX-Qc5s9&oh=f81f020d9ee6e7a0e304dac03e124770&oe=5F122DF9
31.13.65.52 403 Forbidden 21 B URL HTTP/2 scontent-atl3-1.cdninstagram.com/v/t51.2885-15/e35/s320x320/93679479_688224291952044_8284225208905014929_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=100&_nc_ohc=UMV2ByG0PSoAX-Qc5s9&oh=f81f020d9ee6e7a0e304dac03e124770&oe=5F122DF9
IP 31.13.65.52:0
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.2885-15/e35/s320x320/93679479_688224291952044_8284225208905014929_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=100&_nc_ohc=UMV2ByG0PSoAX-Qc5s9&oh=f81f020d9ee6e7a0e304dac03e124770&oe=5F122DF9 HTTP/1.1
Host: scontent-atl3-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcJM-rYpEVmI4o8a04Wxw0Z1UG-EsiBjvW-XOqPOSJNFQ6BGIyLAPxTXykYjXG3WoZkg8uiep2DFU-D8"; e_fb_vipaddr="AcIlbhGQrUl2canZJDNHr0Wiz3BLQUcQ4CXpZG5FPVoB0l1SnajkUBcHF9DtLGGaMH3zmlg"; e_fb_builduser="AcJP1HH64ZLQQViLYgXA_MZ4CEHGSBa0chVNTmTLnPW6i1bH62CGYFNtcngM0089NFQ"; e_fb_binaryversion="AcKwM2C6Z-8gSYWZFD6O_TJg5vPGp9h99swOMbRTVkJwCHTGqEIgP9dpy8dALNwuq89t6mbNvOVgTAdZN1WZxkNLWwuP4r-ywLA"; e_proxy="AcLTplMWwMXVDBzb5yXfP_kwuc-YnH99SJl5mpdeKhLO7duZeD77F161NUUo-2bQZRWnmD0Yn4ramJk"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 2087493949
date: Mon, 26 Sep 2022 19:09:06 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
consent.trustarc.com/get?name=HiltonLogo_Black_HR250.png
143.204.55.80 200 OK 7.3 kB URL HTTP/2 consent.trustarc.com/get?name=HiltonLogo_Black_HR250.png
IP 143.204.55.80:0
File type PNG image data, 250 x 105, 8-bit/color RGBA, non-interlaced\012- data
Hash dbc4b43931159b7030d2af90eb66551f
503e74b93a7bb48d4e6b067762bead98891a91cc
d3452ec1127967b4fce882b728a14e85f0b78d22024081936dfd4f25bfbc16c5
GET /get?name=HiltonLogo_Black_HR250.png HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 7323
date: Mon, 26 Sep 2022 18:28:32 GMT
server: nginx
pragma: public
expires: Wed, 26 Oct 2022 18:28:32 GMT
cache-control: max-age=2592000
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: O-6Fnvbqe178Gh8DTc09cyIvi54PnLVS4JedGI14Hj0G-bYOTi5Yxw==
age: 2434
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
X-Firefox-Spdy: h2
consent.trustarc.com/get?name=TrustArc_150.png
143.204.55.80 200 OK 5.2 kB URL HTTP/2 consent.trustarc.com/get?name=TrustArc_150.png
IP 143.204.55.80:0
File type PNG image data, 150 x 79, 8-bit/color RGBA, non-interlaced\012- data
Hash 90705ec7315c703582ec815467adeb64
e35447ea051f33249c012efcd57402bf496234a6
3bc343d7069637ca735ac9e3be0676594545aedffbd81524c880bc9753ee2ee0
GET /get?name=TrustArc_150.png HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 5215
date: Mon, 26 Sep 2022 19:08:33 GMT
server: nginx
pragma: public
expires: Wed, 26 Oct 2022 19:08:33 GMT
cache-control: max-age=2592000
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: x3WGcFzTgmUVbvLuuXgy63RzqYBN9ne7xZXlOn3Um89F4E76kS3OEQ==
age: 33
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/truste
143.204.55.116 200 OK 734 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/truste
IP 143.204.55.116:0
File type ASCII text, with very long lines (2318), with no line terminators
Hash aac0ced58c913c44381c05f6cad12cb6
15491299fa05576c65a01b7f4087bb8e5565c209
8c490cf4aa7b6b1958416f73dbd781973bc61a198c86cdfb42351d74aa4f959f
POST /defaultpreferencemanager/truste HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr_test_ssccm&layout=gdpr&site=hiltongdpr_test.com&action=notice&country=no&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Content-Type: text/x-gwt-rpc; charset=utf-8
X-GWT-Permutation: BD20927918984A4C65C7FF88FF25908E
X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
Content-Length: 290
Origin: https://consent-pref.trustarc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
content-length: 734
date: Mon, 26 Sep 2022 19:09:06 GMT
server: nginx
content-encoding: gzip
content-disposition: attachment
x-cache: Miss from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HWkUWtMTzyI3HZlkiwa9VKQps_oqBO-mnzD_kSWh5_1S6pBySnb7YA==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
scontent-atl3-1.cdninstagram.com/v/t51.2885-15/e15/c181.0.717.717a/s320x320/93777737_2662206384062019_1124849368967390899_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=103&_nc_ohc=8Gwug72sVtYAX94QXiR&oh=fce28a59b6c5dfa539c13a377a95d127&oe=5F12486D
31.13.65.52 403 Forbidden 21 B URL HTTP/2 scontent-atl3-1.cdninstagram.com/v/t51.2885-15/e15/c181.0.717.717a/s320x320/93777737_2662206384062019_1124849368967390899_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=103&_nc_ohc=8Gwug72sVtYAX94QXiR&oh=fce28a59b6c5dfa539c13a377a95d127&oe=5F12486D
IP 31.13.65.52:0
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.2885-15/e15/c181.0.717.717a/s320x320/93777737_2662206384062019_1124849368967390899_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=103&_nc_ohc=8Gwug72sVtYAX94QXiR&oh=fce28a59b6c5dfa539c13a377a95d127&oe=5F12486D HTTP/1.1
Host: scontent-atl3-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcJI2BFhN4WbDrtUftdjafzEeYUcqjTYnFrMx8xvAGqsyDQy1gFirAsmTn_InOu41frCeHXtxy2-2FaZ"; e_fb_vipaddr="AcKDd8l2hG5-2w5Yc6Tz7PQMm0UQaaWJ7iLChtJ8tsqf6wYJ4wJbzMq0fSyZYUsdjX5j7X0"; e_fb_builduser="AcLDeb7t3-w94g1rfQs5McF2nBmUWMQSRho07Hkp_Zn_psTmJvPPUv_ca8JBE0eBXqM"; e_fb_binaryversion="AcLGtE6uZMht7guNlSjwHXxrnhZWDnfGKOKYWXq2etNU-0AlTWJbJpSLmj-_OL3zvlc0hgOMcHRcMLCD649iTkOkcVJSbpu_Xjw"; e_proxy="AcJ95Q0vr3aWo0BE0mIb_DBuZY_8Gy-okQ6Akj_TW2D7a66OVLlUbD6YfHqgonVJKDWI6N_ZYzjls6g"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 2087493949
date: Mon, 26 Sep 2022 19:09:06 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-atl3-1.cdninstagram.com/v/t51.2885-15/fr/e15/s1080x1080/96376452_1152051661808788_1708729488744630769_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=104&_nc_ohc=4YdVfj27SxoAX9KBGAq&oh=af5790935be5067d8588518013fc5ca7&oe=5F14391F
31.13.65.52 403 Forbidden 21 B URL HTTP/2 scontent-atl3-1.cdninstagram.com/v/t51.2885-15/fr/e15/s1080x1080/96376452_1152051661808788_1708729488744630769_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=104&_nc_ohc=4YdVfj27SxoAX9KBGAq&oh=af5790935be5067d8588518013fc5ca7&oe=5F14391F
IP 31.13.65.52:0
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.2885-15/fr/e15/s1080x1080/96376452_1152051661808788_1708729488744630769_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=104&_nc_ohc=4YdVfj27SxoAX9KBGAq&oh=af5790935be5067d8588518013fc5ca7&oe=5F14391F HTTP/1.1
Host: scontent-atl3-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcKWZpSKCOKmClFJDrWafsiFWiTygsXiXX2IOdAqmDMjy7Lucey9YJAcSPnPsKIiA1P-m_LOu8od8MV5"; e_fb_vipaddr="AcIwFdj5FMHURriThGkUnQE71U1MHJgR_I9lMkT5ikCFP1zPObJ9-cmiJXL2RCj6bKu1jqc"; e_fb_builduser="AcKC8fVW26Sp3E760GhVkpHI6rWYooURXRGZiSaTVBldu1n5rXfCkzUjU5atvoKK1uc"; e_fb_binaryversion="AcLMJqdzOuvDMHpVT13GsLtv3WFmJUepCWIH0dqNckr9pET6RYyjVI1oSPWZwBLd_c75oJ9BRjXRn0_1E1OhegAicJ03pvJ3GPM"; e_proxy="AcIex4Xel8b7qd2AqPaUl04I8yqjx76n0j5WFclTPdx8xvG01cWI_UYC8o8r62Sa1_oQTwRXF5vfdeY"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 2087493949
date: Mon, 26 Sep 2022 19:09:06 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/css/dashicons.min.css?ver=6.0.2
35.199.146.174 200 OK 36 kB URL HTTP/2 www.peeryhotel.com/wp-includes/css/dashicons.min.css?ver=6.0.2
IP 35.199.146.174:0
File type ASCII text, with very long lines (58981)
Hash 715030f0eaf6fd15b3ed99fa78f7f6d4
32e2f1f8b065165b1c4fff24542c487a53f55a5b
5706ccd46658542812e4b8c091cb50ba2cf79ce32394a6be56d087252249ce03
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dashicons.min.css?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
etag: W/"603ffca6-e688"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
consent-pref.trustarc.com/images/loader.gif
143.204.55.116 200 OK 1.7 kB URL HTTP/2 consent-pref.trustarc.com/images/loader.gif
IP 143.204.55.116:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash e059607cc5e3ff4a629d51ae66b995ff
8608a5a355aa2906eed6cbc9524686301d2f670f
ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946
GET /images/loader.gif HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr_test_ssccm&layout=gdpr&site=hiltongdpr_test.com&action=notice&country=no&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Cookie: token_test=Mon Sep 26 2022 19:09:04 GMT+0000 (Coordinated Universal Time)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 1737
date: Mon, 26 Sep 2022 08:14:16 GMT
server: nginx
accept-ranges: bytes
etag: W/"1737-1658736702000"
last-modified: Mon, 25 Jul 2022 08:11:42 GMT
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6v9Mr5PJeBvefzW9QZ1IlkONYtAp1b8fLBGlu8mdR4M0SFyVFB4VsA==
age: 39290
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Origin
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/truste
143.204.55.116 200 OK 8.2 kB URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/truste
IP 143.204.55.116:0
File type Unicode text, UTF-8 text, with very long lines (37061), with no line terminators
Hash 90c670f30ae7e235e5ad0202d65bee6a
31d5895fad61176be0dd58f9e46dca9d21a67962
df0974a39afadf7b22165ae3f5701f74e97478c255d18ca48e0aa9d0cde68c31
POST /defaultpreferencemanager/truste HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr_test_ssccm&layout=gdpr&site=hiltongdpr_test.com&action=notice&country=no&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Content-Type: text/x-gwt-rpc; charset=utf-8
X-GWT-Permutation: BD20927918984A4C65C7FF88FF25908E
X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
Content-Length: 399
Origin: https://consent-pref.trustarc.com
Connection: keep-alive
Cookie: token_test=Mon Sep 26 2022 19:09:04 GMT+0000 (Coordinated Universal Time)
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
content-length: 8181
date: Mon, 26 Sep 2022 19:09:06 GMT
server: nginx
content-encoding: gzip
content-disposition: attachment
x-cache: Miss from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: w8z9YrCFIhW-QMqjVGV-MLsfYIUrlHlBGGY85tBjT-iubth0D63AdQ==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
scontent-atl3-1.cdninstagram.com/v/t51.2885-15/e35/95469096_3330902220272604_4622995875129282063_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=100&_nc_ohc=KqmC0Q3HVqgAX_v0Xxa&oh=2dea37eb73a5191f0fb425c45ce1950e&oe=5F14DEAC
31.13.65.52 403 Forbidden 21 B URL HTTP/2 scontent-atl3-1.cdninstagram.com/v/t51.2885-15/e35/95469096_3330902220272604_4622995875129282063_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=100&_nc_ohc=KqmC0Q3HVqgAX_v0Xxa&oh=2dea37eb73a5191f0fb425c45ce1950e&oe=5F14DEAC
IP 31.13.65.52:0
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.2885-15/e35/95469096_3330902220272604_4622995875129282063_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=100&_nc_ohc=KqmC0Q3HVqgAX_v0Xxa&oh=2dea37eb73a5191f0fb425c45ce1950e&oe=5F14DEAC HTTP/1.1
Host: scontent-atl3-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcKZmkczF4wY4FU2Gob0zY0tg_QhOJwt9ND0TQSJKGMPdyVYH6R1irtIuTel1XnEb4nilB0xAVY_2m-w"; e_fb_vipaddr="AcIKdOkvn2PVXLgIWtyNWZK2VOc1haUc-uccGlY0ifiRw7Qqaq5bu5Ugv5I7iWA1p1HSQ-g"; e_fb_builduser="AcI0m9QZ-dJc7Upz7cW7FZRTXMSxGf-qm86o43YAJ_Q0HWekeWb68P39DWMgjFhLS0s"; e_fb_binaryversion="AcK3v0Yvq-XfOHH-nimGuh8Ds6EXAAiERbJlMEKY2tmHScabnC9G4vE4OVXJIUPQcO1wxhFV-JdHkEBa8Kv69I-U3-43P4Osr_w"; e_proxy="AcJCIYnAAboBQJYf0g33_KwenloVrVT04DKe9adxU6fZO6YCjglNnOvotmwA0SPUyi05f0-fMfoA_xo"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 2087493949
date: Mon, 26 Sep 2022 19:09:06 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-atl3-1.cdninstagram.com/v/t51.2885-15/e35/94977933_2603658776558758_7466483501427586822_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=110&_nc_ohc=fSryAby7VscAX8574td&oh=174a7dc2d0af371085d45ffa49042ba5&oe=5F1335B6
31.13.65.52 403 Forbidden 21 B URL HTTP/2 scontent-atl3-1.cdninstagram.com/v/t51.2885-15/e35/94977933_2603658776558758_7466483501427586822_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=110&_nc_ohc=fSryAby7VscAX8574td&oh=174a7dc2d0af371085d45ffa49042ba5&oe=5F1335B6
IP 31.13.65.52:0
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.2885-15/e35/94977933_2603658776558758_7466483501427586822_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=110&_nc_ohc=fSryAby7VscAX8574td&oh=174a7dc2d0af371085d45ffa49042ba5&oe=5F1335B6 HTTP/1.1
Host: scontent-atl3-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcKSyCIWL_VXDvTaI_WkSGAlJKQCWejjALOHfBEWrLaYikhXte7mHk_xamYjtf4lQZWVbcTG3lQvlhHU"; e_fb_vipaddr="AcLEOmu6ZUSRnoJwCXC4Ndxp5tETL06ccoMAD1eT583B96BMz74HLe9Yr6vVWRUdms4ZTP8"; e_fb_builduser="AcL3fC_nyf5_mRAfzNyOXuxWR8OS4lv9hEnFKCP3p3xAjTFcjTpkbLaeO8IdQe3Mu8E"; e_fb_binaryversion="AcL44KqQwESvaWLNiEuprHgl_3mln6Mlj3xTC16P28hWJZ9GrhAFkcMsbeMGckuGGmMEuMDSaNZTdohsKqtab7ea9vCFwWCS2uU"; e_proxy="AcINfWVE_lEGqKVsffV1zwrnIryxf0ENMIfU8HcVSh979nF4U92q9JTl7fxIQiuYRmMZcEJqI4ft9_4"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 2087493949
date: Mon, 26 Sep 2022 19:09:06 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-atl3-1.cdninstagram.com/v/t51.2885-15/fr/e15/s1080x1080/94224933_3091623764496098_289537551479503732_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=102&_nc_ohc=eV98tjzKsbMAX85TQUh&oh=56c1fa416e90eaec5f592ee9c417901b&oe=5F136D62
31.13.65.52 403 Forbidden 21 B URL HTTP/2 scontent-atl3-1.cdninstagram.com/v/t51.2885-15/fr/e15/s1080x1080/94224933_3091623764496098_289537551479503732_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=102&_nc_ohc=eV98tjzKsbMAX85TQUh&oh=56c1fa416e90eaec5f592ee9c417901b&oe=5F136D62
IP 31.13.65.52:0
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.2885-15/fr/e15/s1080x1080/94224933_3091623764496098_289537551479503732_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=102&_nc_ohc=eV98tjzKsbMAX85TQUh&oh=56c1fa416e90eaec5f592ee9c417901b&oe=5F136D62 HTTP/1.1
Host: scontent-atl3-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcLUiQwDMLGCMhe6It8TBMvYNeYEXsAhfWFb8G2yREziHOhavAEpMG9uDDMAm2DExs0kyUSt5L3PioGB"; e_fb_vipaddr="AcJ82cOovSGF-MBFEWDA1MZ-1PyHM9EChTNEy_HHC0sv2K7I4U-yAXBUi0RWppd15bZwESI"; e_fb_builduser="AcKRRX73QTHKNJZxv-2bX25JiAtNG6upCh9WRSG0YqOqHlZcR2GA_Wy9NDXcRexj_nw"; e_fb_binaryversion="AcLeYdXopA0YE5RBFERsivdp7b1ydNpBX5ETdCdZpeYZ9f2VRzVEb767kRCYIJS3zygXsiIVmcQ6kqtQvX4FfAkNMR9x5witor4"; e_proxy="AcLtxyMZzqmC1Hix7NWwhyw4IGeNpkKYLZ8tK8CdLSneca9JEngPdyxTQX3mN-5D4a9AjKm2gwGEdmg"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 2087493949
date: Mon, 26 Sep 2022 19:09:06 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
consent-pref.trustarc.com/cookie_inneriframe.html
143.204.55.116 200 OK 887 B URL HTTP/2 consent-pref.trustarc.com/cookie_inneriframe.html
IP 143.204.55.116:0
Hash 2e35ea18ecb73861ee3391b013d7e825
17881e0ccc01e6ca8701530b8cb37529680226e4
a3b1232cb0c8c48f22b429b1067fecfecefd402a5529314cc5fd72905c6ac584
GET /cookie_inneriframe.html HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://prefmgr-cookie.truste-svc.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Mon, 26 Sep 2022 09:45:07 GMT
server: nginx
etag: W/"2008-1658736702000"
last-modified: Mon, 25 Jul 2022 08:11:42 GMT
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uNgreLmD-OQMk-6jmRKdsMmX-z_rwMMEb_-Nm8THV472t6YgDaPELA==
age: 33839
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
scontent-atl3-1.cdninstagram.com/v/t51.2885-15/fr/e15/s1080x1080/93777737_2662206384062019_1124849368967390899_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=103&_nc_ohc=8Gwug72sVtYAX94QXiR&oh=fa27ad9f2099ad8db2d63dfca694709b&oe=5F13BD12
31.13.65.52 403 Forbidden 21 B URL HTTP/2 scontent-atl3-1.cdninstagram.com/v/t51.2885-15/fr/e15/s1080x1080/93777737_2662206384062019_1124849368967390899_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=103&_nc_ohc=8Gwug72sVtYAX94QXiR&oh=fa27ad9f2099ad8db2d63dfca694709b&oe=5F13BD12
IP 31.13.65.52:0
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.2885-15/fr/e15/s1080x1080/93777737_2662206384062019_1124849368967390899_n.jpg?_nc_ht=scontent-atl3-1.cdninstagram.com&_nc_cat=103&_nc_ohc=8Gwug72sVtYAX94QXiR&oh=fa27ad9f2099ad8db2d63dfca694709b&oe=5F13BD12 HTTP/1.1
Host: scontent-atl3-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcIVOmYYYWExgLYNr_KAhBNW3HbrQAe7h2u6LHM-LC1KgDQBa3ZZpwriBWyZqODtOgsvX5YYZEJ67N5T"; e_fb_vipaddr="AcJb3hw0fQ_GeOGZwxVlXnEvoYgGimze8ag23rrzd2sf5cKhbFzItDMiBi0tHlbkNxunIZ8"; e_fb_builduser="AcJIfgQw1PNndb2-30776-xw9gcaJdPv05K8C9G05lYzVQT_30bO-iOrrPWBj_1YwqY"; e_fb_binaryversion="AcLXp8TIoQrq0fwhc1XzE8l9znfetSOjLb-TOTdtO9cwdZwzOSpQdkcvjt9dfr5nES38HoxowvEfFwUshA0yrp2yTR1Nzjryekg"; e_proxy="AcIJlXbozQBly6I7PqHzMLJ7N5B6rtPL9k6HS634fA9crkGhkwC6KkHAbmbuokwVWPC8dCBO5CPjtaQ"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 2087493949
date: Mon, 26 Sep 2022 19:09:06 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=411&dpuuid=YzH40gAAAJHgpwOJ
3.248.125.227 302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=YzH40gAAAJHgpwOJ
IP 3.248.125.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=YzH40gAAAJHgpwOJ HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.peeryhotel.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v043-001036e69.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzH40gAAAJHgpwOJ
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=57946201487242205911201222527217250778; Max-Age=15552000; Expires=Sat, 25 Mar 2023 19:09:06 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 4ZpC7O5dTP8=
Content-Length: 0
Connection: keep-alive
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-83016037-1&cid=1366538413.1664219344&jid=1694728065&gjid=1972741817&_gid=476941531.1664219344&_u=YEBAAUAAAAAAAC~&z=1355857170
64.233.162.155 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-83016037-1&cid=1366538413.1664219344&jid=1694728065&gjid=1972741817&_gid=476941531.1664219344&_u=YEBAAUAAAAAAAC~&z=1355857170
IP 64.233.162.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-83016037-1&cid=1366538413.1664219344&jid=1694728065&gjid=1972741817&_gid=476941531.1664219344&_u=YEBAAUAAAAAAAC~&z=1355857170 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.peeryhotel.com
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.peeryhotel.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 26 Sep 2022 19:09:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzH40gAAAJHgpwOJ
3.248.125.227 200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzH40gAAAJHgpwOJ
IP 3.248.125.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzH40gAAAJHgpwOJ HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.peeryhotel.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v043-0d1f20c88.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 0Mu/TqKCRuY=
Content-Length: 59
Connection: keep-alive
status.geotrust.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4eb42bda993ae2072917c1068113800e
e63e7ef1bee5192e177a35e415859c324a150fed
bc4be1bf7b07ded8ff1a01a1dab2c85976925d69fa9cf7dab0575658a1d3a532
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3957
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:09:07 GMT
Last-Modified: Mon, 26 Sep 2022 18:03:11 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
c2bf80ca0616438c9e253b5bc2e89941-4dc2aa82bc5e.cdn.forter.com/prop.json
54.81.184.157 200 OK 2 B URL HTTP/1.1 c2bf80ca0616438c9e253b5bc2e89941-4dc2aa82bc5e.cdn.forter.com/prop.json
IP 54.81.184.157:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /prop.json HTTP/1.1
Host: c2bf80ca0616438c9e253b5bc2e89941-4dc2aa82bc5e.cdn.forter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.peeryhotel.com
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 19:09:07 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 12:05:38 GMT
ETag: "2-5e91aa57c1b5a"
Accept-Ranges: bytes
Content-Length: 2
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Access-Control-Allow-Origin: https://www.peeryhotel.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Connection: close
Content-Type: application/json
www.peeryhotel.com/wp-content/uploads/img_4.jpg
35.199.146.174 200 OK 248 kB URL HTTP/2 www.peeryhotel.com/wp-content/uploads/img_4.jpg
IP 35.199.146.174:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 845x778, components 3\012- data
Size 248 kB (248122 bytes)
Hash 2f97bd4a6226e8c566a7b0d4a7fa524b
d523a5513974f65540a66b5a7d26dc107c0f7800
60aa4ea63561953c55e83885e68522af97318958e2799872971fbd82ddccff57
GET /wp-content/uploads/img_4.jpg HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595; AMCV_F0C120B3534685700A490D45%40AdobeOrg=1176715910%7CMCIDTS%7C19262%7CMCMID%7C47549090035328143730293014875526887670%7CMCAID%7CNONE%7CMCOPTOUT-1664226544s%7CNONE%7CMCAAMLH-1664824144%7C6%7CMCAAMB-1664824144%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19269%7CvVersion%7C5.4.0; forterToken=c2bf80ca0616438c9e253b5bc2e89941_1664219342465__UDF43_9ck; notice_behavior=expressed,eu; ftr_ncd=6; ftr_blst_1h=1664219343607; AMCVS_F0C120B3534685700A490D45%40AdobeOrg=1; gpv_v9=Homepage; s_cc=true; TMS=web%3D17836316%2Cweb%3D14342019%2CWeb-app%3D19485237%2Cweb-app%3D15300019%2Cweb-app%3D21881915%2Cweb-app%3D24568600; aam_uuid=47525502896670457380295083353752111545; _ga=GA1.2.1366538413.1664219344; _gid=GA1.2.476941531.1664219344; _gat_gtag_UA_83016037_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:07 GMT
content-type: image/jpeg
content-length: 248122
last-modified: Mon, 06 Jan 2020 18:10:18 GMT
etag: "5e13780a-3c93a"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
df45ay5pw60dy.cloudfront.net/logo_large.gif?1664219345990&-linkd-32.
54.230.245.34 200 OK 43 B URL HTTP/2 df45ay5pw60dy.cloudfront.net/logo_large.gif?1664219345990&-linkd-32.
IP 54.230.245.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /logo_large.gif?1664219345990&-linkd-32. HTTP/1.1
Host: df45ay5pw60dy.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
last-modified: Thu, 16 Mar 2017 14:48:02 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 03:02:59 GMT
cache-control: max-age=1296000
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jFJ4QgIqUtJyMG--VLAEdoV96xGqcdSog4IL8mIYWj0g4dkVJBEUdQ==
age: 490215
X-Firefox-Spdy: h2
df45ay5pw60dy.cloudfront.net/logo_medium.gif?check=1664219345990&refererPageDetail=
54.230.245.34 200 OK 43 B URL HTTP/2 df45ay5pw60dy.cloudfront.net/logo_medium.gif?check=1664219345990&refererPageDetail=
IP 54.230.245.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /logo_medium.gif?check=1664219345990&refererPageDetail= HTTP/1.1
Host: df45ay5pw60dy.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
last-modified: Thu, 16 Mar 2017 14:48:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 05:45:24 GMT
cache-control: max-age=1296000
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YjIw1w7HvEt4gK1ArqyH2frmKIT39IOto0uCe6u5e_sMiqd9C538QQ==
age: 753950
X-Firefox-Spdy: h2
df45ay5pw60dy.cloudfront.net/logo_small.gif?check=1664219345990&popunder=
54.230.245.34 200 OK 43 B URL HTTP/2 df45ay5pw60dy.cloudfront.net/logo_small.gif?check=1664219345990&popunder=
IP 54.230.245.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /logo_small.gif?check=1664219345990&popunder= HTTP/1.1
Host: df45ay5pw60dy.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
last-modified: Thu, 16 Mar 2017 14:48:30 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 17 Sep 2022 00:41:37 GMT
cache-control: max-age=1296000
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y5wcK-4S13NnWagSJI33lcrTmKuRb_Fstna93BQ0yFWo_xWCVgfQiA==
age: 844991
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef17205adb2b478d3bff54b048208d22
12aac1bd22e675f09a220de08b4656e801c2e647
620fe39cf421ed3a21e968570f7e863d69224113be867ec2457ed3850ea113f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5980
x-amzn-requestid: fbf0c390-da24-49e2-8492-43e29e5d4bb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHCGJVoAMFgxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc6-1f9b1b7d63467c58702e6d7e;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:38 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Iy0oyFx_T6CEuOQckEzvUQOUo307Jm_OgJzomWlMz9BhgD3eOaysdA==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 18:14:05 GMT
age: 3305
etag: "12aac1bd22e675f09a220de08b4656e801c2e647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=2.9.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=2.9.2
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=2.9.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:20:23 GMT
etag: W/"5e5421f7-3acf"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/elementor/css/global.css?ver=1586558865
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/uploads/elementor/css/global.css?ver=1586558865
IP 35.199.146.174:0
GET /wp-content/uploads/elementor/css/global.css?ver=1586558865 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 10 Apr 2020 22:47:45 GMT
etag: W/"5e90f791-7b19"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/plupload/moxie.min.js?ver=1.3.5
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/plupload/moxie.min.js?ver=1.3.5
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/plupload/moxie.min.js?ver=1.3.5 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-155de"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.8.4
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.8.4
IP 35.199.146.174:0
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.8.4 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 25 Feb 2020 20:10:08 GMT
etag: W/"5e557f20-1e422"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/BD20927918984A4C65C7FF88FF25908E/4.cache.js
143.204.55.116 200 OK 0 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/BD20927918984A4C65C7FF88FF25908E/4.cache.js
IP 143.204.55.116:0
GET /defaultpreferencemanager/deferredjs/BD20927918984A4C65C7FF88FF25908E/4.cache.js HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr_test_ssccm&layout=gdpr&site=hiltongdpr_test.com&action=notice&country=no&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 03 Aug 2022 01:28:23 GMT
server: nginx
etag: W/"43996-1658736720000"
last-modified: Mon, 25 Jul 2022 08:12:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hC5lrK9EvTG1YeJj7YyAHSvG5HUTPEYASxrYSj-ymj_QajB5HI-Oag==
age: 4729243
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=2.9.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=2.9.2
IP 35.199.146.174:0
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=2.9.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:20:23 GMT
etag: W/"5e5421f7-684e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/jquery-file-upload/jquery.fileupload.js?ver=4.9.240
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/jquery-file-upload/jquery.fileupload.js?ver=4.9.240
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/super-forms/assets/js/frontend/jquery-file-upload/jquery.fileupload.js?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-fe99"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/js/wpsisac-public.js?ver=1.8
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/js/wpsisac-public.js?ver=1.8
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-slick-slider-and-image-carousel/assets/js/wpsisac-public.js?ver=1.8 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 25 Feb 2020 19:44:27 GMT
etag: W/"5e55791b-b7e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.9.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.9.2
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.9.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:20:23 GMT
etag: W/"5e5421f7-1c4bb"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/media-views.min.js?ver=6.0.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/media-views.min.js?ver=6.0.2
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/media-views.min.js?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-1aeea"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/media-editor.min.js?ver=6.0.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/media-editor.min.js?ver=6.0.2
IP 35.199.146.174:0
GET /wp-includes/js/media-editor.min.js?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-2a96"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/booking-widget/assets/js/bootstrap.min.js?ver=1
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/booking-widget/assets/js/bootstrap.min.js?ver=1
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/booking-widget/assets/js/bootstrap.min.js?ver=1 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 19 Sep 2019 16:55:29 GMT
etag: W/"5d83b301-8fd6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/api-request.min.js?ver=6.0.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/api-request.min.js?ver=6.0.2
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/api-request.min.js?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-3ff"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f60b.svg
192.0.77.48 200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f60b.svg
IP 192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/1f60b.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:06 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
etag: W/"62551487-48b9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.6
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.6
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.6 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:20:23 GMT
etag: W/"5e5421f7-29c7"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 10 Apr 2020 22:44:38 GMT
etag: W/"5e90f6d6-6d2"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.2.14
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.2.14
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.2.14 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 16 Sep 2019 23:54:27 GMT
etag: W/"5d8020b3-13d61"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
etag: W/"5cfaccce-105a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/css/frontend/carousel.css?ver=4.9.240
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/css/frontend/carousel.css?ver=4.9.240
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/super-forms/assets/css/frontend/carousel.css?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-122a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
consent-pref.trustarc.com/EuPreferenceManager.css
143.204.55.116 200 OK 0 B URL HTTP/2 consent-pref.trustarc.com/EuPreferenceManager.css
IP 143.204.55.116:0
GET /EuPreferenceManager.css HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr_test_ssccm&layout=gdpr&site=hiltongdpr_test.com&action=notice&country=no&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
last-modified: Mon, 25 Jul 2022 08:11:42 GMT
content-encoding: gzip
date: Mon, 26 Sep 2022 19:09:05 GMT
expires: Mon, 26 Sep 2022 19:09:04 GMT
cache-control: no-cache
etag: W/"29043-1658736702000"
x-cache: RefreshHit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: R59mwj__NM7xKpYCUs-8W1hvmzdfj9BkDFrpvLT-Mvt8XWDK1kg6jg==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/elements.js?ver=4.9.240
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/elements.js?ver=4.9.240
IP 35.199.146.174:0
GET /wp-content/plugins/super-forms/assets/js/frontend/elements.js?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-1daee"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-1f2"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.6.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.6.2
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.6.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.6.2
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:04 GMT
content-type: font/woff2
content-length: 80132
last-modified: Mon, 24 Feb 2020 19:20:23 GMT
etag: "5e5421f7-13904"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2
IP 35.199.146.174:0
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-4a7"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/wp-util.min.js?ver=6.0.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/wp-util.min.js?ver=6.0.2
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-util.min.js?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 25 Jun 2021 14:50:58 GMT
etag: W/"60d5ed52-53c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/masked-currency.js?ver=4.9.240
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/masked-currency.js?ver=4.9.240
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/super-forms/assets/js/frontend/masked-currency.js?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-6388"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
consent-pref.trustarc.com/?type=hiltongdpr_test_ssccm&layout=gdpr&site=hiltongdpr_test.com&action=notice&country=no&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
143.204.55.116 200 OK 0 B URL HTTP/2 consent-pref.trustarc.com/?type=hiltongdpr_test_ssccm&layout=gdpr&site=hiltongdpr_test.com&action=notice&country=no&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
IP 143.204.55.116:0
GET /?type=hiltongdpr_test_ssccm&layout=gdpr&site=hiltongdpr_test.com&action=notice&country=no&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/ HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Mon, 26 Sep 2022 19:09:04 GMT
server: nginx
etag: W/"5147-1658736702000"
last-modified: Mon, 25 Jul 2022 08:11:42 GMT
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oLLvaIFex-aix1zyUNrJWhXssZQaXIA10F4lwlA9kb-mcSfnQZb0vQ==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
IP 35.199.146.174:0
GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-636f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/phlox-pro/custom.css?ver=9.3
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/uploads/phlox-pro/custom.css?ver=9.3
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/phlox-pro/custom.css?ver=9.3 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 22:22:38 GMT
etag: W/"632a3d2e-1bb1"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/imgareaselect/imgareaselect.css?ver=0.9.8
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/imgareaselect/imgareaselect.css?ver=0.9.8
IP 35.199.146.174:0
GET /wp-includes/js/imgareaselect/imgareaselect.css?ver=0.9.8 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 25 Apr 2012 21:49:57 GMT
etag: W/"4f987185-316"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.8.4
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.8.4
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.8.4 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 25 Feb 2020 20:10:08 GMT
etag: W/"5e557f20-30c4e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.9.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.9.2
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.9.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:20:23 GMT
etag: W/"5e5421f7-e976"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.0.2
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.0.2
IP 142.250.74.10:0
GET /css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 19:09:02 GMT
date: Mon, 26 Sep 2022 19:09:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-4ac6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP 35.199.146.174:0
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
etag: W/"625596ef-27ee"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-8f87"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/booking-widget/assets/css/date.css?ver=6.0.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/booking-widget/assets/css/date.css?ver=6.0.2
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/booking-widget/assets/css/date.css?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 19 Sep 2019 16:55:29 GMT
etag: W/"5d83b301-981f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/slick.css?ver=1.8
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/slick.css?ver=1.8
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/slick.css?ver=1.8 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 25 Feb 2020 19:44:27 GMT
etag: W/"5e55791b-6b0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/wp-ulike/assets/css/wp-ulike.min.css?ver=4.1.7
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/wp-ulike/assets/css/wp-ulike.min.css?ver=4.1.7
IP 35.199.146.174:0
GET /wp-content/plugins/wp-ulike/assets/css/wp-ulike.min.css?ver=4.1.7 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:13:12 GMT
etag: W/"5e542048-435c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/common.js?ver=4.9.240
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/common.js?ver=4.9.240
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/super-forms/assets/js/frontend/common.js?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-48c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/js/slick.min.js?ver=1.8
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/js/slick.min.js?ver=1.8
IP 35.199.146.174:0
GET /wp-content/plugins/wp-slick-slider-and-image-carousel/assets/js/slick.min.js?ver=1.8 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 25 Feb 2020 19:44:27 GMT
etag: W/"5e55791b-a76f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f303.svg
192.0.77.48 200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f303.svg
IP 192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/1f303.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:06 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/elfsight-instagram-feed-cc/assets/elfsight-instagram-feed.js?ver=3.8.4
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/elfsight-instagram-feed-cc/assets/elfsight-instagram-feed.js?ver=3.8.4
IP 35.199.146.174:0
GET /wp-content/plugins/elfsight-instagram-feed-cc/assets/elfsight-instagram-feed.js?ver=3.8.4 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 15 Nov 2019 00:18:07 GMT
etag: W/"5dcdeebf-4e980"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/media-audiovideo.min.js?ver=6.0.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/media-audiovideo.min.js?ver=6.0.2
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/media-audiovideo.min.js?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-2f3c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/css/media-views.min.css?ver=6.0.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/css/media-views.min.css?ver=6.0.2
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/media-views.min.css?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 28 Nov 2021 23:11:02 GMT
etag: W/"61a40c86-b5cc"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/colorpicker.js?ver=4.9.240
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/colorpicker.js?ver=4.9.240
IP 35.199.146.174:0
GET /wp-content/plugins/super-forms/assets/js/frontend/colorpicker.js?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-140db"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/slick-slider-style.css?ver=1.8
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/slick-slider-style.css?ver=1.8
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/slick-slider-style.css?ver=1.8 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 25 Feb 2020 19:49:24 GMT
etag: W/"5e557a44-3886"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/plupload/plupload.min.js?ver=2.1.9
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/plupload/plupload.min.js?ver=2.1.9
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/plupload/plupload.min.js?ver=2.1.9 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-3cfc"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/plupload/wp-plupload.min.js?ver=6.0.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/plupload/wp-plupload.min.js?ver=6.0.2
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/plupload/wp-plupload.min.js?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-1758"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/clipboard.min.js?ver=2.0.10
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/clipboard.min.js?ver=2.0.10
IP 35.199.146.174:0
GET /wp-includes/js/clipboard.min.js?ver=2.0.10 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 12 Apr 2022 17:17:22 GMT
etag: W/"6255b422-22cc"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/themes/phlox-pro/css/main.css?ver=5.2.4
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/themes/phlox-pro/css/main.css?ver=5.2.4
IP 35.199.146.174:0
GET /wp-content/themes/phlox-pro/css/main.css?ver=5.2.4 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 19 Sep 2019 19:59:59 GMT
etag: W/"5d83de3f-c6796"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/masterslider/public/assets/js/masterslider.min.js?ver=3.2.14
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/masterslider/public/assets/js/masterslider.min.js?ver=3.2.14
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/masterslider/public/assets/js/masterslider.min.js?ver=3.2.14 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 16 Sep 2019 23:54:27 GMT
etag: W/"5d8020b3-28aa6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
IP 35.199.146.174:0
GET /wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-9cc"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/uploads/phlox-pro/custom.js?ver=5.6
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/uploads/phlox-pro/custom.js?ver=5.6
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/phlox-pro/custom.js?ver=5.6 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 22:22:38 GMT
etag: W/"632a3d2e-117"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.9.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.9.2
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.9.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:20:23 GMT
etag: W/"5e5421f7-1ad55"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=2.9.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=2.9.2
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=2.9.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:20:23 GMT
etag: W/"5e5421f7-a4b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/BD20927918984A4C65C7FF88FF25908E/1.cache.js
143.204.55.116 200 OK 0 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/BD20927918984A4C65C7FF88FF25908E/1.cache.js
IP 143.204.55.116:0
GET /defaultpreferencemanager/deferredjs/BD20927918984A4C65C7FF88FF25908E/1.cache.js HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr_test_ssccm&layout=gdpr&site=hiltongdpr_test.com&action=notice&country=no&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Mon, 15 Aug 2022 03:08:23 GMT
server: nginx
etag: W/"19848-1658736720000"
last-modified: Mon, 25 Jul 2022 08:12:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CNYhjavJ-wVSvPDSWMxyA1tXXMjfyE3FUx4W5QsPvsM6iWbStlgGGg==
age: 3686442
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/booking-widget/assets/css/bootstrap.min.css?ver=6.0.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/booking-widget/assets/css/bootstrap.min.css?ver=6.0.2
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/booking-widget/assets/css/bootstrap.min.css?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 19 Sep 2019 16:55:29 GMT
etag: W/"5d83b301-1deb0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/css/backend/tooltips.css?ver=4.9.240
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/css/backend/tooltips.css?ver=4.9.240
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/super-forms/assets/css/backend/tooltips.css?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-195f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.12.0
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.12.0
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.12.0 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:20:23 GMT
etag: W/"5e5421f7-295"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-50eb"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/themes/phlox-pro/css/auxin-icon.css?ver=5.2.4
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/themes/phlox-pro/css/auxin-icon.css?ver=5.2.4
IP 35.199.146.174:0
GET /wp-content/themes/phlox-pro/css/auxin-icon.css?ver=5.2.4 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 16 Sep 2019 23:46:23 GMT
etag: W/"5d801ecf-a371"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/themes/phlox-pro/js/solo/modernizr-custom.min.js?ver=5.2.4
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/themes/phlox-pro/js/solo/modernizr-custom.min.js?ver=5.2.4
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/phlox-pro/js/solo/modernizr-custom.min.js?ver=5.2.4 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 16 Sep 2019 23:46:23 GMT
etag: W/"5d801ecf-6204"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/timepicker.js?ver=4.9.240
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/timepicker.js?ver=4.9.240
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/super-forms/assets/js/frontend/timepicker.js?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-92e2"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f60d.svg
192.0.77.48 200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f60d.svg
IP 192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/1f60d.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:06 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/iban-check.js?ver=4.9.240
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/iban-check.js?ver=4.9.240
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/super-forms/assets/js/frontend/iban-check.js?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-4dd7"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-132e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/jquery-file-upload/jquery.fileupload-validate.js?ver=4.9.240
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/jquery-file-upload/jquery.fileupload-validate.js?ver=4.9.240
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/super-forms/assets/js/frontend/jquery-file-upload/jquery.fileupload-validate.js?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-1107"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 20 Jan 2021 13:35:18 GMT
etag: W/"60083196-38a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
cdn3.forter.com/events
3.217.199.178 200 OK 0 B
IP 3.217.199.178:0
POST /events HTTP/1.1
Host: cdn3.forter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 1408
Origin: https://www.peeryhotel.com
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:09:05 GMT
access-control-allow-origin: https://www.peeryhotel.com
vary: Origin
access-control-allow-credentials: true
timing-allow-origin: *
cache-control: private, no-cache, no-store
expires: -1
pragma: no-cache
strict-transport-security: max-age=86400; includeSubDomains
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/css/backend/simpleslider.css?ver=4.9.240
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/css/backend/simpleslider.css?ver=4.9.240
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/super-forms/assets/css/backend/simpleslider.css?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-4ff"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/date-format.js?ver=4.9.240
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/date-format.js?ver=4.9.240
IP 35.199.146.174:0
GET /wp-content/plugins/super-forms/assets/js/frontend/date-format.js?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-d21a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/common.js?ver=4.9.240
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/common.js?ver=4.9.240
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/super-forms/assets/js/common.js?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-4292c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/themes/phlox-pro/js/plugins.min.js?ver=5.2.4
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/themes/phlox-pro/js/plugins.min.js?ver=5.2.4
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/phlox-pro/js/plugins.min.js?ver=5.2.4 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 16 Sep 2019 23:46:23 GMT
etag: W/"5d801ecf-6b48a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.6.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.6.2
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.6.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:20:23 GMT
etag: W/"5e5421f7-3e7e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/carousel.js?ver=4.9.240
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/carousel.js?ver=4.9.240
IP 35.199.146.174:0
GET /wp-content/plugins/super-forms/assets/js/frontend/carousel.js?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-7740"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/masked-input.js?ver=4.9.240
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/masked-input.js?ver=4.9.240
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/super-forms/assets/js/frontend/masked-input.js?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-3a9f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 35.199.146.174:0
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: W/"5fb4e3fe-2bd8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/booking-widget/assets/js/date-picker.js?ver=6.0.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/booking-widget/assets/js/date-picker.js?ver=6.0.2
IP 35.199.146.174:0
GET /wp-content/plugins/booking-widget/assets/js/date-picker.js?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 19 Sep 2019 16:55:29 GMT
etag: W/"5d83b301-b22ef"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/wp-mapbox-gl-js/public/js/wp-mapbox-gl-js-public.js?ver=918
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/wp-mapbox-gl-js/public/js/wp-mapbox-gl-js-public.js?ver=918
IP 35.199.146.174:0
GET /wp-content/plugins/wp-mapbox-gl-js/public/js/wp-mapbox-gl-js-public.js?ver=918 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sat, 22 Feb 2020 00:32:48 GMT
etag: W/"5e5076b0-17f7"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/BD20927918984A4C65C7FF88FF25908E/10.cache.js
143.204.55.116 200 OK 0 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/BD20927918984A4C65C7FF88FF25908E/10.cache.js
IP 143.204.55.116:0
GET /defaultpreferencemanager/deferredjs/BD20927918984A4C65C7FF88FF25908E/10.cache.js HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr_test_ssccm&layout=gdpr&site=hiltongdpr_test.com&action=notice&country=no&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 03 Aug 2022 01:28:21 GMT
server: nginx
etag: W/"259500-1658736720000"
last-modified: Mon, 25 Jul 2022 08:12:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iVe3ffqfmdAFKwSNhq3x8B6ZvCkG-pfQ_3jQqmCO6vYJL3MEdyBQzg==
age: 4729244
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/jquery-file-upload/jquery.fileupload-process.js?ver=4.9.240
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/frontend/jquery-file-upload/jquery.fileupload-process.js?ver=4.9.240
IP 35.199.146.174:0
GET /wp-content/plugins/super-forms/assets/js/frontend/jquery-file-upload/jquery.fileupload-process.js?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-189f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/wp-ulike/assets/js/wp-ulike.min.js?ver=4.1.7
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/wp-ulike/assets/js/wp-ulike.min.js?ver=4.1.7
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-ulike/assets/js/wp-ulike.min.js?ver=4.1.7 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:13:12 GMT
etag: W/"5e542048-1f86"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-194b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-includes/css/buttons.min.css?ver=6.0.2
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-includes/css/buttons.min.css?ver=6.0.2
IP 35.199.146.174:0
GET /wp-includes/css/buttons.min.css?ver=6.0.2 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 15 Nov 2021 23:22:02 GMT
etag: W/"6192eb9a-16de"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/backend/simpleslider.js?ver=4.9.240
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/backend/simpleslider.js?ver=4.9.240
IP 35.199.146.174:0
GET /wp-content/plugins/super-forms/assets/js/backend/simpleslider.js?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-3c4e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/wp-mapbox-gl-js/public/css/wp-mapbox-gl-js-public.css?ver=2.0.5
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/wp-mapbox-gl-js/public/css/wp-mapbox-gl-js-public.css?ver=2.0.5
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-mapbox-gl-js/public/css/wp-mapbox-gl-js-public.css?ver=2.0.5 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:02 GMT
content-type: text/css
last-modified: Fri, 25 Oct 2019 10:17:00 GMT
etag: W/"5db2cb9c-9a"
cache-control: public, max-age=31536000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/backend/tooltips.js?ver=4.9.240
35.199.146.174 200 OK 0 B URL HTTP/2 www.peeryhotel.com/wp-content/plugins/super-forms/assets/js/backend/tooltips.js?ver=4.9.240
IP 35.199.146.174:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/super-forms/assets/js/backend/tooltips.js?ver=4.9.240 HTTP/1.1
Host: www.peeryhotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.peeryhotel.com/
Cookie: super_session=d35b767615f0608f874d6d331d706ba9%7C%7C1664220955%7C%7C1664220595
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:09:03 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 24 Feb 2020 19:12:33 GMT
etag: W/"5e542021-2a36f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2