Report - thetriptouttarakhand.com/

Report Overview

Submitted URL
thetriptouttarakhand.com/
IP
207.174.212.128
ASN
#394695 PUBLIC-DOMAIN-REGISTRY
Submitted
2022-11-10 22:58:42
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
280

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	485 B	2.3 kB	142.250.74.10
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	4.6 kB	178 kB	216.58.207.195
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.4 kB	6.2 kB	23.36.76.226
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	682 B	1.6 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
thetriptouttarakhand.com	unknown	2022-05-18T06:57:03Z	2023-03-10T16:26:51Z	19 kB	6.1 MB	207.174.212.128
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.4 kB	4.9 kB	142.250.74.35
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	34.214.17.205
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.8 kB	63 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-10	medium	thetriptouttarakhand.com/	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/vendor/modernizr-3.5.0.min.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/popper.min.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/slick.min.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/bootstrap.min.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/owl.carousel.min.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/wow.min.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/vendor/jquery-1.12.4.min.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/animated.headline.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/jquery.magnific-popup.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/jquery.scrollUp.min.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/jquery.nice-select.min.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/jquery.sticky.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/jquery.form.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/jquery.validate.min.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/mail-script.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/jquery.ajaxchimp.min.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/contact.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/jquery.slicknav.min.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/plugins.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/main.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/js/contact.js	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/fonts/Flaticon.woff2	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/fonts/fa-solid-900.woff2	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/fonts/fa-regular-400.woff2	Malware
2022-11-10	medium	thetriptouttarakhand.com/assets/fonts/fa-brands-400.woff2	Malware

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed
2022-11-10	medium	thetriptouttarakhand.com	Sinkholed

JavaScript (21)

	URL	Size	First Seen	Last Seen
	thetriptouttarakhand.com/assets/js/wow.min.js	8.4 kB	2023-03-07	2024-04-18
Pretty URL thetriptouttarakhand.com/assets/js/wow.min.js IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-18 13:07:23 Times Seen3906 Hash 36050285bfeeb7395752f0f9bbc08273 5924f7bbbf1dfa3f0926851d01f782f23a59e805 0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69 Loading...

	thetriptouttarakhand.com/assets/js/vendor/jquery-1.12.4.min.js	97 kB	2023-03-07	2024-04-19
Pretty URL thetriptouttarakhand.com/assets/js/vendor/jquery-1.12.4.min.js IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-19 16:01:29 Times Seen118539 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	thetriptouttarakhand.com/assets/js/jquery.scrollUp.min.js	2.0 kB	2023-03-07	2024-04-18
Pretty URL thetriptouttarakhand.com/assets/js/jquery.scrollUp.min.js IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:39 Last Seen2024-04-18 12:43:08 Times Seen1103 Hash 63bbf26c1fd78c531513dd6a4a2e4f51 f349a84e4c1bf94aa3278bc578043b52a9ce33a2 b7662ba99a132eafd0b7ccc8c3404c8ae442d97e7e6b73bb3ce0d4f11c28c98c Loading...

	thetriptouttarakhand.com/assets/js/bootstrap.min.js	49 kB	2023-03-07	2024-04-19
Pretty URL thetriptouttarakhand.com/assets/js/bootstrap.min.js IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-19 17:27:36 Times Seen135524 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	thetriptouttarakhand.com/	41 B	2023-03-07	2024-04-18
Pretty URL thetriptouttarakhand.com/ IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:03 Last Seen2024-04-18 15:45:55 Times Seen7134 Hash 2ec370ca0eaf3069dce13df24243d863 64c1919bbb18a6d851d1b7772f830320b8ab5cc1 6a31a3a39783d09cc53dd9e9baeb4a4fa49be602eef90f6bbb9f78af02688064 Loading...

	thetriptouttarakhand.com/assets/js/jquery.nice-select.min.js	2.9 kB	2023-03-07	2024-04-18
Pretty URL thetriptouttarakhand.com/assets/js/jquery.nice-select.min.js IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:39 Last Seen2024-04-18 12:33:51 Times Seen2177 Hash d13462ec489f9f0c309a811f85feb3d6 d9545f8b139eae5b387de1a60a84abe949c7e88f 66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a Loading...

	thetriptouttarakhand.com/assets/js/main.js	6.2 kB	2023-03-11	2023-03-11
Pretty URL thetriptouttarakhand.com/assets/js/main.js IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:30:10 Last Seen2023-03-11 10:30:10 Times Seen1 Hash efc5dbf22e71a2f0dbe84c5ff699cf53 a9f84957f02402aa7b0887f6de9b6853e4294291 d9835bc48c7ed9667cf483a28328bbd29fd7842255ab150ce12e525dc1a2ed91 Loading...

	thetriptouttarakhand.com/assets/js/animated.headline.js	5.5 kB	2023-03-07	2024-04-18
Pretty URL thetriptouttarakhand.com/assets/js/animated.headline.js IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:39 Last Seen2024-04-18 13:22:04 Times Seen489 Hash 497ebc8ef71e0997ba5fda09be7ef211 77855aa2dfb40817b07d80d2f3e121afcdc8f427 d20866ac54b17d2205264f37b531fbb71b6a6425d124f551bd4c97a949dd43bf Loading...

	thetriptouttarakhand.com/assets/js/jquery.form.js	41 kB	2023-03-07	2024-03-16
Pretty URL thetriptouttarakhand.com/assets/js/jquery.form.js IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:39 Last Seen2024-03-16 13:40:59 Times Seen193 Hash 9ff23d156a15ac9eba83b6f571abd83f 63b1ceaea04590b9611d3ef6dbb588b365be4559 14b30a934e36cdfc5301709bf515adc31e060bd7275eb056964cf7d2ed6e7550 Loading...

	thetriptouttarakhand.com/assets/js/jquery.validate.min.js	21 kB	2023-03-07	2024-04-15
Pretty URL thetriptouttarakhand.com/assets/js/jquery.validate.min.js IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:39 Last Seen2024-04-15 04:34:09 Times Seen498 Hash 15d67ada60f2b7a862e0fdcd1baddf72 9389012cc388a5177f0bce53fd474d16768344d0 7705fee13417229d718f14947e9860d5bb2b25bd15c9f5cd834f2545c7bad0a6 Loading...

	thetriptouttarakhand.com/assets/js/jquery.slicknav.min.js	8.4 kB	2023-03-07	2024-04-11
Pretty URL thetriptouttarakhand.com/assets/js/jquery.slicknav.min.js IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:41 Last Seen2024-04-11 04:51:28 Times Seen688 Hash abb6ece52a5d3b908359c3dfa21d08a2 cdd58421d34de7c63034acb2726a678c55a546f5 190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9 Loading...

	thetriptouttarakhand.com/assets/js/vendor/modernizr-3.5.0.min.js	8.6 kB	2023-03-07	2024-04-18
Pretty URL thetriptouttarakhand.com/assets/js/vendor/modernizr-3.5.0.min.js IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:39 Last Seen2024-04-18 11:38:27 Times Seen535 Hash d7c97fdd45a562ace6cffddc9437a779 eb6a5e550ab67f95986363a87da875212ba2f139 525ba420f42f72699e059e5c20dd3acd591da3d54d70a319b0e360369482dde8 Loading...

	thetriptouttarakhand.com/assets/js/slick.min.js	43 kB	2023-03-07	2024-04-19
Pretty URL thetriptouttarakhand.com/assets/js/slick.min.js IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:34 Last Seen2024-04-19 16:42:45 Times Seen34248 Hash d5a61c749e44e47159af8a6579dda121 3b41b3bc956685015a347a2238e71db29dfa0dbb 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Loading...

	thetriptouttarakhand.com/assets/js/owl.carousel.min.js	43 kB	2023-03-07	2024-04-19
Pretty URL thetriptouttarakhand.com/assets/js/owl.carousel.min.js IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-19 10:16:10 Times Seen8097 Hash b7b9c97cd68ec336d01a79d5be48c58d 1a99890b57c9859a622337ed0b2f989d6e30cc0e b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43 Loading...

	thetriptouttarakhand.com/assets/js/jquery.magnific-popup.js	20 kB	2023-03-07	2024-04-19
Pretty URL thetriptouttarakhand.com/assets/js/jquery.magnific-popup.js IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 14:05:41 Times Seen19436 Hash ba6cf724c8bb1cf5b084e79ff230626e f455c5f153f872e52265f87a644ff89fe14a6fb6 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4 Loading...

	thetriptouttarakhand.com/assets/js/jquery.sticky.js	10 kB	2023-03-07	2024-04-04
Pretty URL thetriptouttarakhand.com/assets/js/jquery.sticky.js IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:35 Last Seen2024-04-04 19:23:46 Times Seen958 Hash 24823208c60bfc2a92deaa50cbdc6c29 f2a855219e71fc4224376732b7c64e34670d855d bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00 Loading...

	thetriptouttarakhand.com/assets/js/mail-script.js	1.2 kB	2023-03-07	2024-04-16
Pretty URL thetriptouttarakhand.com/assets/js/mail-script.js IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:39 Last Seen2024-04-16 22:06:45 Times Seen247 Hash df98b7098690619c0c9e6b42b5a77b48 d3fe896ed8d259df077220f71fba197ff033d27e 01f639fd4c4119503e72e2bf2eb9c8a5984f7c83c7683c82dd0350ee9f63b3fd Loading...

	thetriptouttarakhand.com/assets/js/jquery.ajaxchimp.min.js	4.8 kB	2023-03-07	2024-04-18
Pretty URL thetriptouttarakhand.com/assets/js/jquery.ajaxchimp.min.js IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:39 Last Seen2024-04-18 12:33:51 Times Seen310 Hash 8eace32bdc314e746f5b01015115b3a8 90395aa2ff153cfb6d5c256a3f70bc4d545a3190 3c7c17459ec57867f6812625f1b95e2f878363ca728b92a5968d2fc8e60d9712 Loading...

	thetriptouttarakhand.com/assets/js/plugins.js	760 B	2023-03-07	2024-04-18
Pretty URL thetriptouttarakhand.com/assets/js/plugins.js IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:39 Last Seen2024-04-18 11:38:27 Times Seen479 Hash 074c4c08f0730c4d4ca76f724355807c 09d6a93af6b87a67c5773163d35f40b993fca3d3 c6129bd3aeb079f5c310d2a9618478ba0d621992c1a5e5ef320917937dc2dbb7 Loading...

	thetriptouttarakhand.com/assets/js/popper.min.js	19 kB	2023-03-07	2024-04-19
Pretty URL thetriptouttarakhand.com/assets/js/popper.min.js IP 207.174.212.128 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-19 17:27:36 Times Seen110176 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

		Size	First Seen	Last Seen
	#1 Write - 3a824154b16ed7dab899bf000b80eeee	4 B	2023-03-07	2024-02-13
Pretty Observations First Seen2023-03-07 01:02:03 Last Seen2024-02-13 04:29:14 Times Seen34 Hash 3a824154b16ed7dab899bf000b80eeee e575dccc71140754dd85beda5965b6a358150309 b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0 Loading...

HTTP Transactions (95)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11779
Expires: Fri, 11 Nov 2022 02:14:49 GMT
Date: Thu, 10 Nov 2022 22:58:30 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a19a5555cc9ea92581b0cc504cb64345
01a86ce33d5eb33420ed76266360f32c62a96f31
9ebd48b4053bb4a7a27718670c44075b1f35d037be7fd16750fcbc3ffd68b18c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4395
Cache-Control: max-age=132352
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 22:58:30 GMT
Etag: "636cd2eb-1d7"
Expires: Sat, 12 Nov 2022 11:44:22 GMT
Last-Modified: Thu, 10 Nov 2022 10:31:07 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 10 Nov 2022 22:43:49 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 881
alt-svc: clear
X-Firefox-Spdy: h2

thetriptouttarakhand.com/

207.174.212.128

200 OK

7.2 kB

URL HTTP/1.1
thetriptouttarakhand.com/
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
7.2 kB (7235 bytes)
Hash
7e85231efaf9cbe1e51857744ed5f161
df08c05613e68d1710d94e1e23521f9d011b4dc0
959320003b6a40c4ce44ce6772e7cab7cc184ff22bd78481bbc26e16e4f200e5

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 30 Aug 2022 09:18:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7235
Keep-Alive: timeout=5, max=75
Content-Type: text/html

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13399
Expires: Fri, 11 Nov 2022 02:41:49 GMT
Date: Thu, 10 Nov 2022 22:58:30 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: MjdAD3QuZ/xbTkXsztCsSL6Uy/Pvse1358+qgoFpopcnaW0xzbTwfPIY2dmh4L109elBHtqww7c=
x-amz-request-id: ZTRE4XEGH4VP21RP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 22:49:34 GMT
age: 536
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 22:58:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

thetriptouttarakhand.com/assets/css/owl.carousel.min.css

207.174.212.128

200 OK

970 B

URL HTTP/1.1
thetriptouttarakhand.com/assets/css/owl.carousel.min.css
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (2846)
Size
970 B (970 bytes)
Hash
a8c30354862d988d50e72d8412bbf79f
9e92ea312df7744a472d7a7c761ebec1fb41fd9a
b5a64bd3254c26adb1d1880151dd77fe0a9711a7bfda917283949cd3e0423e28

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/css/owl.carousel.min.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 970
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css

thetriptouttarakhand.com/assets/css/flaticon.css

207.174.212.128

200 OK

396 B

URL HTTP/1.1
thetriptouttarakhand.com/assets/css/flaticon.css
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
396 B (396 bytes)
Hash
e033908315a8af0d03719a8396306a75
c531f4956789663aeae88ee79c4bce6ffc577b98
b3c5a71d0e3da0d212158a626437faff83479ca6f6fb41acd536a4c1ed01dc82

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/css/flaticon.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 396
Keep-Alive: timeout=5, max=75
Content-Type: text/css

thetriptouttarakhand.com/assets/css/slicknav.css

207.174.212.128

200 OK

1.7 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/css/slicknav.css
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
1.7 kB (1680 bytes)
Hash
0005c4bc16553f7cde8c8a1dacdb35e9
f57b4d9783c8702367eb9b29972ccdb08dc18a03
11d5eb9c57bd92ce4b6408f3c7ef79151d397df5cc6b1fa1b1b7fcd1f902f70b

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/css/slicknav.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1680
Keep-Alive: timeout=5, max=75
Content-Type: text/css

thetriptouttarakhand.com/assets/css/fontawesome-all.min.css

207.174.212.128

200 OK

7.7 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/css/fontawesome-all.min.css
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (34502)
Size
7.7 kB (7680 bytes)
Hash
d3d4c49385337ba1f4a55e4cec941bcb
7f99ef80b36454d96753eb80bf39e7ba23181696
26bfb747cebca0c091a6d29952572d120a6975a3a91d9212b345032e953f51e1

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/css/fontawesome-all.min.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7680
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css

thetriptouttarakhand.com/assets/css/animate.min.css

207.174.212.128

200 OK

5.3 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/css/animate.min.css
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (55851)
Size
5.3 kB (5310 bytes)
Hash
4890ca722ce0625350ebc2521ba4b0f2
fc27867293bc5b3dd68b0588ca6861bd92011246
0ecf154ebfb3cc1cb5b991eb579e39d54d7d59477fe04dbddbb35fde457c40fe

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/css/animate.min.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5310
Keep-Alive: timeout=5, max=75
Content-Type: text/css

thetriptouttarakhand.com/assets/css/themify-icons.css

207.174.212.128

200 OK

2.9 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/css/themify-icons.css
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
2.9 kB (2900 bytes)
Hash
5e4217538bb126ec04b09266810d5bcb
23921c29e5ef3676962387f481ae81db97ce19cc
4b3c5f2edca5249486ea3e3f77953640167faf5e067bb1375c7a01c381147d13

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/css/themify-icons.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2900
Keep-Alive: timeout=5, max=75
Content-Type: text/css

thetriptouttarakhand.com/assets/css/bootstrap.min.css

207.174.212.128

200 OK

31 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/css/bootstrap.min.css
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (65324)
Size
31 kB (31419 bytes)
Hash
cf32003059ffa167886e99e64ca37040
95fd6a7f80eeeee2c52ac4083b00de7e7c9e514d
20236d197763104967440aa53ce592e059755cfe07168cdc624fd777cd9fcae5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/css/bootstrap.min.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 10 Nov 2022 22:24:57 GMT
cache-control: public,max-age=3600
age: 2013
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

thetriptouttarakhand.com/assets/css/slick.css

207.174.212.128

200 OK

575 B

URL HTTP/1.1
thetriptouttarakhand.com/assets/css/slick.css
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
575 B (575 bytes)
Hash
c7cd7eaaeceb626699c3f61cf0d97b31
7930a73cbfbc0683ebf12b982b4ec0ddf3498852
9782a15945372abd060dd052ac7e93e7239f7f4ac20ff8716c8f554a2e78855f

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/css/slick.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 575
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css

thetriptouttarakhand.com/assets/css/nice-select.css

207.174.212.128

200 OK

1.3 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/css/nice-select.css
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
1.3 kB (1268 bytes)
Hash
cdbbfcd68b6c121ac6dc87ff5762ba56
9e953f8ef38f4d194a9424e46c6603e59612bcb2
50873d394f0ca8ac4ba1dc0d2881db7f02679dc44cecfbb7c0827e5064ce441a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/css/nice-select.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1268
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css

thetriptouttarakhand.com/assets/js/vendor/modernizr-3.5.0.min.js

207.174.212.128

200 OK

3.9 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/vendor/modernizr-3.5.0.min.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (8320)
Size
3.9 kB (3938 bytes)
Hash
b85b3c16c245fa001d9f95ee15c8f1ea
9755699c6f76bf716ba1bab3a36f0238effd3960
e935a8092bcb4937e3810cb0c9afa4d4a4d3ea32da442915e254682eed6ebd01

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/vendor/modernizr-3.5.0.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3938
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript

thetriptouttarakhand.com/assets/js/popper.min.js

207.174.212.128

200 OK

8.2 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/popper.min.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (19015)
Size
8.2 kB (8178 bytes)
Hash
65bb6603cd02f2ddaee7aceb4ad45900
8b6cb6f6adfbd115b96b929ff1c7e863ebe08ad1
e57fefa45f83431baee371ea4eb76883c1425343ea79883bef37f2050ec0af64

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/popper.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8178
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
081ea13ba4390a4baab25cf57c2672f3
30cc9c329228e3d7bc6041f1aa553f06f8136eed
5a48c189581edd8ae4a4e58e2d54359bb75ba769828436394e4c256fe861814e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5155
Cache-Control: max-age=128057
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 22:58:31 GMT
Etag: "636cbf2d-1d7"
Expires: Sat, 12 Nov 2022 10:32:48 GMT
Last-Modified: Thu, 10 Nov 2022 09:06:53 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

thetriptouttarakhand.com/assets/css/style.css

207.174.212.128

200 OK

23 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/css/style.css
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
23 kB (22968 bytes)
Hash
ad5b708952b64915e15b545bd55497d4
5ea15eec1955066edc75801944f8cae6d1087afd
041c5198648443f1adcda4da5622af7dd9a98f15498ddf16c2a847f2fd1475d2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/css/style.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css

thetriptouttarakhand.com/assets/js/slick.min.js

207.174.212.128

200 OK

14 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/slick.min.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (42862)
Size
14 kB (14332 bytes)
Hash
e61b26be7b27fbf2a5c2f479364c12b8
ff046102856e16854639a9862521c193fa05e9d7
19f098db827ce2943ab549c6fb9b142c4cc70aa9ecd7d3afc657a3a0eed8be88

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/slick.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14332
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
83b99092f19a38763c0b6ffc5e05e5aa
4cacf0a4adc46e28bc867d666a3fb45738dd1501
168478f1e03d83548fbfeed6dfad20ef23cb5a1dbf18f7312e5cf6dd290e9339

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 22:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Barlow+Condensed:200,300,400,500,600,700,800,900|Roboto:300,400,500,700,900|Satisfy&display=swap

142.250.74.10

200 OK

1.5 kB

URL HTTP/2
fonts.googleapis.com/css?family=Barlow+Condensed:200,300,400,500,600,700,800,900|Roboto:300,400,500,700,900|Satisfy&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.5 kB (1528 bytes)
Hash
66d55d9a331e6ffa51bdd2557b6d82dd
9d1ba99868c6f0a3a0d380959024259a36259df6
d5c08946e104d751920bef445c7ca25c1889e3e9b61ee5b4e1f0a0bf3c55355a

HTTP Headers

GET /css?family=Barlow+Condensed:200,300,400,500,600,700,800,900|Roboto:300,400,500,700,900|Satisfy&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 10 Nov 2022 22:58:31 GMT
date: Thu, 10 Nov 2022 22:58:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

thetriptouttarakhand.com/assets/js/bootstrap.min.js

207.174.212.128

200 OK

20 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/bootstrap.min.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (48664)
Size
20 kB (20062 bytes)
Hash
41c54b1bd6691f6bb34afdc5e4272b52
b4333fd2b2c3ba7b2c38af182b3daf4231d69df8
43d6b75b97bf0636c69ea8c48e16dafefe3c602428b22fb4f11384eae7234b2d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/bootstrap.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

thetriptouttarakhand.com/assets/js/owl.carousel.min.js

207.174.212.128

200 OK

15 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/owl.carousel.min.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (32000)
Size
15 kB (15325 bytes)
Hash
f3be1764bc1ce2c0562ba864362b834b
5b5d080b0b33dc04bcb52e7cb766ff5e814fcdc9
72c97e2253c5617d7a9f872a8cdca78389d604739d67334aa32acfeaef396559

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/owl.carousel.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15325
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript

thetriptouttarakhand.com/assets/js/wow.min.js

207.174.212.128

200 OK

3.2 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/wow.min.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (8385)
Size
3.2 kB (3202 bytes)
Hash
79e31352a6a6b27bc37a564573388e15
2eff861607e5294687ec3f3c85804003d7e12870
31ae6448ce5b8ae0a6a1209ab7fc6542f9ac1eb511c5f7ca3c7ab3fe25f26a1a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/wow.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3202
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript

thetriptouttarakhand.com/assets/js/vendor/jquery-1.12.4.min.js

207.174.212.128

200 OK

43 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/vendor/jquery-1.12.4.min.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (32077)
Size
43 kB (42857 bytes)
Hash
abe7590369ec573c23d7471e5cef03e4
165ca16d787d467861a6b6dd4730705213811ab0
056ad6272f785ae473698519ce7ead5a3bb244f736757d81ce35c7ad3086d6b5

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/vendor/jquery-1.12.4.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

thetriptouttarakhand.com/assets/js/animated.headline.js

207.174.212.128

200 OK

1.7 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/animated.headline.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
1.7 kB (1741 bytes)
Hash
4af316061f76685ffbd92d5735a1b3d8
aef29afa49101460ceff3609cb49c1e61a3bfbbd
2f4f36fb181b1a9ec0f5524b516e071e698c02e5340555fb1e8c7b37dd64c25b

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/animated.headline.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1741
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript

thetriptouttarakhand.com/assets/js/jquery.magnific-popup.js

207.174.212.128

200 OK

9.2 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/jquery.magnific-popup.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (20087)
Size
9.2 kB (9204 bytes)
Hash
7a10ae63b238729dc4da7f7bd8986219
654c47168dca0ec7080f6c57e8c4482b57f879d4
b782185399b361358f7c409d6f23f22d45f695dcbb63876c35752c7b1de72db3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/jquery.magnific-popup.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9204
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript

push.services.mozilla.com/

34.214.17.205

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.214.17.205:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Xi5U1S48a+6hWgGBLyzOxw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rWt86ymXYpL8z5VBYho4WsQjWUg=

thetriptouttarakhand.com/assets/js/jquery.scrollUp.min.js

207.174.212.128

200 OK

970 B

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/jquery.scrollUp.min.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Unicode text, UTF-8 text, with very long lines (1872)
Size
970 B (970 bytes)
Hash
0560a8557dfb3726bf2c772fe6eb67de
112ba20213cd266ca90122250524c0481818a413
69ac50f3cec1bec93298ee6f7decfd89caea0a63140b0d582c8b71780efe412d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/jquery.scrollUp.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 970
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript

thetriptouttarakhand.com/assets/js/jquery.nice-select.min.js

207.174.212.128

200 OK

1.1 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/jquery.nice-select.min.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Unicode text, UTF-8 text, with very long lines (2822)
Size
1.1 kB (1078 bytes)
Hash
bf69aabbddef7b33374d88823a21d5e8
977d3cf2dd7a6a521d9c6bbf3fd2dff99b45f0dd
d394bab6d9739773f85bab494296b0554369598ad00751dba75696aed7945ab5

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/jquery.nice-select.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1078
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript

thetriptouttarakhand.com/assets/js/jquery.sticky.js

207.174.212.128

200 OK

3.0 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/jquery.sticky.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
3.0 kB (3009 bytes)
Hash
e3cea22516ec60740080799633b48ccd
488758da0421233b083853e054caaf9152c5709a
da21c4768cf429ddad3b97f762bc18a5726aedafedb0054c0585c71dd31c6b6f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/jquery.sticky.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3009
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript

thetriptouttarakhand.com/assets/js/jquery.form.js

207.174.212.128

200 OK

14 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/jquery.form.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
14 kB (14286 bytes)
Hash
b19a355a7ed2d8133e9dd4df4c6a6576
09490700350d9b8b4f976a32db5bfc29cbfa1549
b459eae782b73c7ef7e8842d6a92fcae9c827bc3eb269324cbca8f8c016a4926

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/jquery.form.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14286
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript

thetriptouttarakhand.com/assets/js/jquery.validate.min.js

207.174.212.128

200 OK

7.8 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/jquery.validate.min.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Unicode text, UTF-8 text, with very long lines (20965)
Size
7.8 kB (7767 bytes)
Hash
8c837c09ce6c49ab643af9af995ea60f
27228fbff6341dd41056f332ed742179ae43183a
c90e18d2dc15d1692d2946a7baf92ce96aaa2969220e69f92294d8c9f2053068

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/jquery.validate.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7767
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript

thetriptouttarakhand.com/assets/js/mail-script.js

207.174.212.128

200 OK

491 B

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/mail-script.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
491 B (491 bytes)
Hash
8f2ad4a129cb1b7036eb23d0ed086abc
9cb7cd660c882cfbb2488537381225f526e38457
caf244fada0961609eabd77c943a2abcdb76c9f2f50e98cd0ecbf565d261769a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/mail-script.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 491
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript

thetriptouttarakhand.com/assets/js/jquery.ajaxchimp.min.js

207.174.212.128

200 OK

1.3 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/jquery.ajaxchimp.min.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
1.3 kB (1311 bytes)
Hash
88a742d07d49829e5757dde28dfdbaab
12fb8f0377060f7144e166e6b86ffed65cee250e
3a6ccdcd0070aad2e90c63fa2b895c4a48ff8ebab97af63aed53cdf75162beb1

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/jquery.ajaxchimp.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1311
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript

thetriptouttarakhand.com/assets/js/contact.js

207.174.212.128

409 Conflict

83 B

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/contact.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/contact.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 409 Conflict
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

thetriptouttarakhand.com/assets/js/jquery.slicknav.min.js

207.174.212.128

200 OK

3.0 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/jquery.slicknav.min.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (8320)
Size
3.0 kB (2968 bytes)
Hash
0564f5e4838d90060929a0cc3caf5e09
d933a813384c123fea17b2d0477e376b808d7964
b282f8af842906a4b7517441451aa3e7e1950852c20c9e4610bcd2466dc9fb81

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/jquery.slicknav.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2968
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript

thetriptouttarakhand.com/assets/js/plugins.js

207.174.212.128

200 OK

380 B

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/plugins.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
380 B (380 bytes)
Hash
880210ca3ff08a2eaf5bb96aa117651c
b0d6cdfda01224a995b83c440b45e4445570d66c
287b2e470a5a553a270ea1d65373b4f41822061a21ac13fdcafac02d1819a18d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/plugins.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 380
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript

thetriptouttarakhand.com/assets/js/main.js

207.174.212.128

200 OK

2.0 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/main.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
2.0 kB (2031 bytes)
Hash
526d49015c0ce522f6afa5e4af1a86f0
969013df0ab7d67a77de8f63762717cdcb29103a
8c10f333f09f31a74400a183f573c17b46d83a61173e59eb2753c86c5c64830c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/main.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2031
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript

thetriptouttarakhand.com/assets/css/magnific-popup.css

207.174.212.128

200 OK

2.2 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/css/magnific-popup.css
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
2.2 kB (2190 bytes)
Hash
5691b07253c4a30382130c2da4be8343
4c12d34016c7061965c996599c4086683958e0f1
095326e797678e4aa4be8217bf991180f7b79cdcce552897123ffa68981a0747

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/css/magnific-popup.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2190
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 22:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

thetriptouttarakhand.com/assets/img/icon/testimonial.png

207.174.212.128

200 OK

1.8 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/img/icon/testimonial.png
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 65 x 56, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1754 bytes)
Hash
dfd0fe1231f99d70fd65de9a2530ccbe
88eddf1aa672686aa229467eca558f77392fb466
5ca18e8e89accf8436acb2af865341e864fb4fc05f0110140a2da5104d170cea

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/icon/testimonial.png HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 1754
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/png

thetriptouttarakhand.com/assets/img/logo/logo2_footer.png

207.174.212.128

200 OK

4.3 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/img/logo/logo2_footer.png
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 113 x 46, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4308 bytes)
Hash
bcb4aed0ca21cf0a4020654d969b3495
7294ce038cfd71ec25a056e8104be18608d31f7f
cb365f61a815fafa930557c4180c35f72fad6099c2acd8119cff49584c850ad6

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/logo/logo2_footer.png HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 4308
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/png

thetriptouttarakhand.com/assets/img/logo/logo.png

207.174.212.128

200 OK

4.3 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/img/logo/logo.png
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 113 x 46, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4308 bytes)
Hash
bf54ec44e6943f9223943244076bd1eb
686db05f3400475bfc939a4a9fc76f4b7ce044c2
6a06d7dc28d84bcffb42727418165b3817f15bd170a9b450ba6af0490d13d427

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/logo/logo.png HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 4308
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/png

fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2

216.58.207.195

200 OK

20 kB

URL HTTP/2
fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 20200, version 1.0\012- data
Size
20 kB (20200 bytes)
Hash
c8e400bbebae36502af48dcd4a30ea7d
4ab1f2c2a30aef8c1905d94df3b199877103ddb7
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff

HTTP Headers

GET /s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thetriptouttarakhand.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20200
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 01:43:17 GMT
expires: Thu, 09 Nov 2023 01:43:17 GMT
cache-control: public, max-age=31536000
age: 162914
last-modified: Tue, 19 Apr 2022 18:28:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

thetriptouttarakhand.com/assets/img/testmonial/Homepage_testi.png

207.174.212.128

200 OK

6.9 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/img/testmonial/Homepage_testi.png
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 59 x 59, 8-bit/color RGBA, non-interlaced\012- data
Size
6.9 kB (6934 bytes)
Hash
10cd11dba907acc95210c1855d6de7b7
8a2da06816a90a4bf9ae53829db51cddffdcb54c
5e42ac014430f3e4738f218b28305bceafe289d6f2af087cf3dca0aabb8f8afc

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/testmonial/Homepage_testi.png HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 6934
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/png

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thetriptouttarakhand.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:53:49 GMT
expires: Thu, 09 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 101082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 22:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thetriptouttarakhand.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:21 GMT
expires: Thu, 09 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 98650
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thetriptouttarakhand.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 14:07:32 GMT
expires: Thu, 09 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 118259
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2

216.58.207.195

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21440, version 1.0\012- data
Size
21 kB (21440 bytes)
Hash
93674060037764a36d225e483fcc24b5
d639ff4a3ee9a0569f47b13d95e17a66c0bc9911
8320299532b4b81498d5b3714d49c9d5938883b55f4c2a1efe6f105bf4a942bd

HTTP Headers

GET /s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thetriptouttarakhand.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21440
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 17:25:54 GMT
expires: Fri, 10 Nov 2023 17:25:54 GMT
cache-control: public, max-age=31536000
age: 19957
last-modified: Tue, 19 Apr 2022 18:46:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thetriptouttarakhand.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:08 GMT
expires: Thu, 09 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 98663
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 22:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2

216.58.207.195

200 OK

20 kB

URL HTTP/2
fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 20432, version 1.0\012- data
Size
20 kB (20432 bytes)
Hash
41ee38ab778591b0491c84fbce8aecf3
4544df52042a0600d71ea12d7f95eaffa22e65cf
2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99

HTTP Headers

GET /s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thetriptouttarakhand.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 22:51:07 GMT
expires: Sat, 04 Nov 2023 22:51:07 GMT
cache-control: public, max-age=31536000
age: 518844
last-modified: Tue, 19 Apr 2022 18:38:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 22:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 22:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/satisfy/v17/rP2Hp2yn6lkG50LoCZOIHQ.woff2

216.58.207.195

200 OK

23 kB

URL HTTP/2
fonts.gstatic.com/s/satisfy/v17/rP2Hp2yn6lkG50LoCZOIHQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 22652, version 1.0\012- data
Size
23 kB (22652 bytes)
Hash
496a19db9637d6acd0fc59a04635e888
12cf6f5138219b1571119de3249bf9fb43efb54c
a02009d2f95d79b62b95c6de12d6614bdb36bffa6d4e756db81ec1c51c5acc34

HTTP Headers

GET /s/satisfy/v17/rP2Hp2yn6lkG50LoCZOIHQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thetriptouttarakhand.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22652
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:59:55 GMT
expires: Thu, 09 Nov 2023 18:59:55 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 19:12:57 GMT
content-type: font/woff2
age: 100716
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2

216.58.207.195

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21352, version 1.0\012- data
Size
21 kB (21352 bytes)
Hash
16cc9e59e14cc5df2278ec62d8340a8f
8e1575ef8c49a1473a58d00b409c61e25f7d2e2f
0b281bf2f4179c06ba68f0a427f2341287c41eacc2ce9d534c6f5c513ac633fb

HTTP Headers

GET /s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thetriptouttarakhand.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 01:41:22 GMT
expires: Thu, 09 Nov 2023 01:41:22 GMT
cache-control: public, max-age=31536000
age: 163029
last-modified: Tue, 19 Apr 2022 18:30:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 22:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

thetriptouttarakhand.com/assets/js/contact.js

207.174.212.128

409 Conflict

83 B

URL HTTP/1.1
thetriptouttarakhand.com/assets/js/contact.js
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/js/contact.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 409 Conflict
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

thetriptouttarakhand.com/assets/fonts/Flaticon.woff2

207.174.212.128

200 OK

2.6 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/fonts/Flaticon.woff2
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Web Open Font Format (Version 2), TrueType, length 2556, version 1.0\012- data
Size
2.6 kB (2556 bytes)
Hash
ed788a3742db608e06b8b1e97a3d4b8a
811bad5b8a687d8fb557e8d2e73eeeec8bca8e61
dcd84f4f291bcc1c5a9c16b52eab97571f9931e7af0dbd30192cd3bd8822a3f4

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/fonts/Flaticon.woff2 HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/assets/css/flaticon.css

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 2556
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: font/woff2

thetriptouttarakhand.com/assets/fonts/fa-solid-900.woff2

207.174.212.128

200 OK

39 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/fonts/fa-solid-900.woff2
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Web Open Font Format (Version 2), TrueType, length 38784, version 1.0\012- data
Size
39 kB (38784 bytes)
Hash
f9b85c9463af7103b9b24bbbf09a06ed
d28d7222bcbeb8ea701a771e85f7efe006e62fb1
62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/fonts/fa-solid-900.woff2 HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/assets/css/fontawesome-all.min.css

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 38784
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: font/woff2

thetriptouttarakhand.com/assets/img/service/services5.jpg

207.174.212.128

200 OK

173 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/img/service/services5.jpg
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 370x324, components 3\012- data
Size
173 kB (172923 bytes)
Hash
64943d7d0d8a3fc169aba96535575174
d40004a58f754fb46b4fda69c6945261cf3efdf5
93ab5a825b6ba92b77ea9d715becc0ca0e4975feabd1a37f496e71a1d3f3d7f9

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/service/services5.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 172923
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/jpeg

thetriptouttarakhand.com/assets/fonts/fa-regular-400.woff2

207.174.212.128

200 OK

12 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/fonts/fa-regular-400.woff2
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Web Open Font Format (Version 2), TrueType, length 12220, version 1.0\012- data
Size
12 kB (12220 bytes)
Hash
032ba2e0f134a35ed87df1564936d352
92ff7d462421c5a70520d3fe1403e57a5d044b34
a36d4f83add2176a3c6243bd57a32a387a1906227e286689530ff878de1994eb

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/fonts/fa-regular-400.woff2 HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/assets/css/fontawesome-all.min.css

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 12220
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: font/woff2

thetriptouttarakhand.com/assets/fonts/themify.woff?-fvbane

207.174.212.128

200 OK

56 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/fonts/themify.woff?-fvbane
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Web Open Font Format, CFF, length 56108, version 1.0\012- data
Size
56 kB (56108 bytes)
Hash
a1ecc3b826d01251edddf29c3e4e1e97
9394f35bd2addd24666b79bfc36d4f9d247cb01d
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/fonts/themify.woff?-fvbane HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/assets/css/themify-icons.css

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 56108
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: font/woff

thetriptouttarakhand.com/assets/img/hero/hero-_ineShape.png

207.174.212.128

200 OK

3.9 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/img/hero/hero-_ineShape.png
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 332 x 37, 8-bit/color RGBA, non-interlaced\012- data
Size
3.9 kB (3905 bytes)
Hash
843285c012616a7840ef67b7b9cbc9c4
ff2c0c2aea39ab0c5f5546de4330d3d7294d2800
a4b3831c7f8ca593ff30148ae5ce9f18961f6a86be7aba5c74236e286448127b

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/hero/hero-_ineShape.png HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/assets/css/style.css

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 3905
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/png

thetriptouttarakhand.com/assets/img/service/services3.jpg

207.174.212.128

200 OK

80 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/img/service/services3.jpg
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 370x324, components 3\012- data
Size
80 kB (80155 bytes)
Hash
1650c15782e57870210ffe53d0b2a7a6
20e3e491911dc3949590309975075b171bfd224c
ad7ec26b62542e6d91c50daba87cc3d6a2767bcf6a596bb762f057a831b1b413

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/service/services3.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 80155
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/jpeg

thetriptouttarakhand.com/assets/img/service/services1.jpg

207.174.212.128

200 OK

101 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/img/service/services1.jpg
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 370x324, components 3\012- data
Size
101 kB (100902 bytes)
Hash
8fc54bab34bbbfd40315227d7cd12724
489862a416e61e19f2d380d04cd18695eca39bf5
67f473e0a793d405e09f9fe7c661554a37089b32b09a3554b3fdc41279fff2b4

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/service/services1.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 100902
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/jpeg

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17743
Expires: Fri, 11 Nov 2022 03:54:15 GMT
Date: Thu, 10 Nov 2022 22:58:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17743
Expires: Fri, 11 Nov 2022 03:54:15 GMT
Date: Thu, 10 Nov 2022 22:58:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17743
Expires: Fri, 11 Nov 2022 03:54:15 GMT
Date: Thu, 10 Nov 2022 22:58:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17743
Expires: Fri, 11 Nov 2022 03:54:15 GMT
Date: Thu, 10 Nov 2022 22:58:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17743
Expires: Fri, 11 Nov 2022 03:54:15 GMT
Date: Thu, 10 Nov 2022 22:58:32 GMT
Connection: keep-alive

thetriptouttarakhand.com/assets/fonts/fa-brands-400.woff2

207.174.212.128

200 OK

54 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/fonts/fa-brands-400.woff2
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Web Open Font Format (Version 2), TrueType, length 54420, version 1.0\012- data
Size
54 kB (54420 bytes)
Hash
c971847be1cd6c17abca74025b4f36ae
b2da189d7224a73a5b7d0e4d14a296c5515c1c0a
155963e3fb06f13011705c65bc52ed31f9989b87309c945948a76b35f8e7da67

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/fonts/fa-brands-400.woff2 HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/assets/css/fontawesome-all.min.css

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 54420
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: font/woff2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8a087e0-6803-4782-af79-e6b6225befa5.webp

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8a087e0-6803-4782-af79-e6b6225befa5.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6670 bytes)
Hash
e008606f3f8c8e0d3b0b8a37eabc829a
98a80b1eaf4c774b5dca5bb86cfe53dd88bd89a4
2282526c03afe7e8919dbe4d3893cc5743860344f01ef616e15eeabae492ab6d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8a087e0-6803-4782-af79-e6b6225befa5.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6670
x-amzn-requestid: 3d1dfe08-b9ae-4354-8066-93c078d6fbbd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQx-NGftIAMFSXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6369c9f4-54411a3f7eafb46a0cf9659e;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 03:16:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aA60n9sUi1jH7ohG2InQg0Z440iAXdTHXu2C-palDJvMrOCHc7bfVw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 06:54:01 GMT
age: 57871
etag: "98a80b1eaf4c774b5dca5bb86cfe53dd88bd89a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716a5539-d601-4b6f-a433-3319835fec35.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7486 bytes)
Hash
e2981d35cad86d541a040f29d7ba0cd9
9284c2c09cf1ca167b159a892b0e30c7bd2bd4bf
deb765293cb10b3ed1fa1b490c4687770779a1a8b75bcb3b3142fa4debe41d4d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716a5539-d601-4b6f-a433-3319835fec35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7486
x-amzn-requestid: ab900167-5e07-4793-944f-c7da1ab11421
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a28jEGIZoAMFeGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635f7479-3a7691e37995895a746fed83;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 07:08:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qHaXJa7kgDGttIo35sthDmLtGbcy5YRElho05EOE5MZwUsd4TPNvJw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:47:33 GMT
age: 4259
etag: "9284c2c09cf1ca167b159a892b0e30c7bd2bd4bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff6e953b-c2b6-4feb-b47b-bdaf7a9bb2f5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7271 bytes)
Hash
0365609d631ae42c9a141f22466b6928
b46c04b251170e93547d32d874e78b1daaec3504
52d84fdc7b47e64830292eebfedbb6b600f079d5be49209dd870c75a8c239c36

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff6e953b-c2b6-4feb-b47b-bdaf7a9bb2f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7271
x-amzn-requestid: beeef56d-0be3-43aa-b0a6-abd222cf9131
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bUDz7EGfoAMF2XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636b19b2-1347ac8966ac6b8f5ca4fa76;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 03:08:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1yRMbqwORggycBsFW4u_ajIUBrX3UYCUv3hvfzEJMmQsH39-2oWZtw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 13:52:48 GMT
age: 32744
etag: "b46c04b251170e93547d32d874e78b1daaec3504"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb5ee6ca-d1ab-48ac-994e-01c246d9532d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9781 bytes)
Hash
383219efe5e891f92d5af6417d84e0c7
0c190d3de24965454874b48dbd7f8a521242ead3
033fb09097d9684f773bc4f14ff26ae6b6d73535200148ca09e24c66a31f1e7f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb5ee6ca-d1ab-48ac-994e-01c246d9532d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9781
x-amzn-requestid: 35f96f65-09e5-4adb-8791-b29f9c91d5d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bLk91ED_IAMF3lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6367b525-69f7c0123cfca4387989cd09;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 13:22:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UNz9EQvLS-thHpxh52Ap5fm3PKg00btXkrkGOmXc9zSMaqpfYubKHw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 03:21:30 GMT
age: 70622
etag: "0c190d3de24965454874b48dbd7f8a521242ead3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8581 bytes)
Hash
13f7b6eea163326da8c58ae5c09efccd
e0d1ebb35a16c686eae3d31eb85ac72278459b05
13f2f428acb7806808d957a8167ab2c139a5d0f59798671465717f2b39b914a9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8581
x-amzn-requestid: 385174fe-153f-448f-be5e-9ea3b5757ff9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ4u1EYOIAMFncA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d6e5e-6084a34f58df22037275e676;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 21:34:22 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xSnHWpFlXeyf08gYjPn02H88Hta9fhiDjDOukoKtt6PPVBl_gNTfgw==
via: 1.1 dfc972676b24a6d23251d4f298dfa08c.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:46:56 GMT
age: 4296
etag: "e0d1ebb35a16c686eae3d31eb85ac72278459b05"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

thetriptouttarakhand.com/assets/img/blog/home-blog2.jpg

207.174.212.128

200 OK

290 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/img/blog/home-blog2.jpg
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 570x369, components 3\012- data
Size
290 kB (289996 bytes)
Hash
0d3be720864247078339835bb4a91a1a
4865203e49a3789b92ce66ff5cb25a7d2091353a
7662a501eab3fc67b60073035cca081dfee2d7de70c59f728a60e4686b31e243

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/blog/home-blog2.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 289996
Keep-Alive: timeout=5, max=75
Content-Type: image/jpeg

thetriptouttarakhand.com/assets/img/service/services2.jpg

207.174.212.128

200 OK

135 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/img/service/services2.jpg
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 370x324, components 3\012- data
Size
135 kB (134552 bytes)
Hash
98a8043a64760498115e5acf35bf2d74
a1990553bb68751686dbdf11077f99350262b20d
00e3699b75899318b4f9ffba320a3ae6e0137df5250bc72e03173c3ed5dd0368

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/service/services2.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 134552
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10671 bytes)
Hash
e72f32944d6f03e005f7b6f3e87d8c72
5fe340bf33ac219f6a3d44810f31d0a8796c83a9
bcdcba30210d276996d0fe749bbfc69d666ae11ddfbfdb57307e4bb4d6e43d1f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10671
x-amzn-requestid: 1b6053eb-64ac-4c24-a750-c1b8cd69157f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJEh8GxPoAMFhPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366b472-56c6a3bc07ec89ab56d4f3bd;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 19:07:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qJeWGvC4DM_d3k66OHN2V19elou-xoSNkep1BNalBO0NtKyQtAFzNQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 04:00:12 GMT
age: 68300
etag: "5fe340bf33ac219f6a3d44810f31d0a8796c83a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

thetriptouttarakhand.com/assets/img/blog/home-blog1.jpg

207.174.212.128

200 OK

288 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/img/blog/home-blog1.jpg
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 570x369, components 3\012- data
Size
288 kB (287590 bytes)
Hash
ab20f909d87003f9ad8a56ce69ecadda
5e16cdb12ef93a893afddcc2830f90f8da4bfb12
fbb17a890989223576713e16649b2d9ebbcfbfc0c8114c1dc9c15fd9ba5c12c0

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/blog/home-blog1.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 287590
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/jpeg

thetriptouttarakhand.com/assets/img/service/services6.jpg

207.174.212.128

200 OK

170 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/img/service/services6.jpg
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 370x324, components 3\012- data
Size
170 kB (169759 bytes)
Hash
b36f6fdc83dff7e195529ed6d4dceb21
26138ca1b09f03471a7e97d63b2a3832f24b4d4f
38f717b12529e28ab3400b6ed082abc260b77f733622a6ac6bbe29de4418ee72

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/service/services6.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 169759
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/jpeg

thetriptouttarakhand.com/assets/img/service/services4.jpg

207.174.212.128

200 OK

172 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/img/service/services4.jpg
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 370x324, components 3\012- data
Size
172 kB (172358 bytes)
Hash
bf4cd6925c9b449976119736636dc511
6d39d1cec90241bf99b4f08791470f957811d88b
95b29d620421227629755319e2cac513dfd0a3eccf435e0e356a18221a410a96

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/service/services4.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 172358
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/jpeg

thetriptouttarakhand.com/assets/img/service/footer_bg.jpg

207.174.212.128

200 OK

256 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/img/service/footer_bg.jpg
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x627, components 3\012- data
Size
256 kB (255844 bytes)
Hash
bdd15185bf2df99bdc46e8c1802d6edf
2268eac05cbf362bcdd56eae7f4f4aa9746f2e6b
0c5a80e4616c8d8e7b80fc591d4e2bfa0bb3d684a11a029868239183da4152a4

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/service/footer_bg.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 255844
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/jpeg

thetriptouttarakhand.com/assets/img/service/video-bg.jpg

207.174.212.128

200 OK

1.2 MB

URL HTTP/1.1
thetriptouttarakhand.com/assets/img/service/video-bg.jpg
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x750, components 3\012- data
Size
1.2 MB (1161507 bytes)
Hash
ffde5d689ab994a2072074877c23e540
974762f4673c377a9c45b67846eebfd2dc6f15de
b322ac439f5d93546fa6c26c04840af16103a752189796062fc919bb0fb512a8

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/service/video-bg.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 1161507
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/jpeg

thetriptouttarakhand.com/assets/img/testmonial/testimonial_bg.jpg

207.174.212.128

200 OK

1000 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/img/testmonial/testimonial_bg.jpg
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x765, components 3\012- data
Size
1000 kB (999904 bytes)
Hash
29887271179dbd511a5a381786ebeb2d
fe5fa2be8ee5f72a6446fbcb5f35f7440322e8bc
7b36efa1ed8753882597e8a30ea3efd373e3e1f78c77a6b43b8c06a50eeefacd

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/testmonial/testimonial_bg.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 999904
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/jpeg

thetriptouttarakhand.com/assets/img/hero/h1_hero.jpg

207.174.212.128

200 OK

1.4 MB

URL HTTP/1.1
thetriptouttarakhand.com/assets/img/hero/h1_hero.jpg
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x860, components 3\012- data
Size
1.4 MB (1408802 bytes)
Hash
8a3dc5a9dc7bde5239e385c16c973d0f
fd1c9a76df494e111fe6abcd4e0ec11505703995
e5801091247615e2831ccf12f4e7805603fab7d86483411504a139198e1e80c5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/hero/h1_hero.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 1408802
Keep-Alive: timeout=5, max=75
Content-Type: image/jpeg

thetriptouttarakhand.com/assets/img/favicon.ico

207.174.212.128

200 OK

1.2 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/img/favicon.ico
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
53d10e7d11df734f99d96229ccc57736
719adec27d8e81a7c87268edd5dc443e3407c561
d79472508a568c6a084c936d228ed9a2c11d3890295d5facf916d90fd0fc2b1a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/favicon.ico HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:33 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=604800
Expires: Thu, 17 Nov 2022 22:58:33 GMT
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/x-icon

thetriptouttarakhand.com/assets/img/service/support-img.jpg

207.174.212.128

200 OK

422 kB

URL HTTP/1.1
thetriptouttarakhand.com/assets/img/service/support-img.jpg
IP
207.174.212.128:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x699, components 3\012- data
Size
422 kB (421843 bytes)
Hash
8262be4d3898d4d232eb7112a8eaf4f9
2da5da9799b232f7b75d35a3b596492bd5896fbe
fb243bc7c41cbabb96041c1e8a0de4e841b3a7c4d22947ec38af524996d38856

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /assets/img/service/support-img.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 421843
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/jpeg

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5583 bytes)
Hash
85c6f450b38f41a2fb924d6d9a9cbff8
691f59b65ca9fde4f59bbf96b37071e07351f190
c8f877488a2cf65f0d9829384fd4113847722a1b4df94b6b1d5788699689722c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 5583
x-amzn-requestid: e844f42a-e87e-4e61-8c97-137c07c5ae28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNeQ9Ho7IAMF5_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687739-62c44d2f7d23632e74895bd8;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:10:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uHlIN1IVGCFUVl5lx5pFSux0YncseT2HQjiwFDL9eaEaBa9CdnCl8g==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 09:09:40 GMT
age: 49739
etag: "691f59b65ca9fde4f59bbf96b37071e07351f190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations