r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11779
Expires: Fri, 11 Nov 2022 02:14:49 GMT
Date: Thu, 10 Nov 2022 22:58:30 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a19a5555cc9ea92581b0cc504cb64345
01a86ce33d5eb33420ed76266360f32c62a96f31
9ebd48b4053bb4a7a27718670c44075b1f35d037be7fd16750fcbc3ffd68b18c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4395
Cache-Control: max-age=132352
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 22:58:30 GMT
Etag: "636cd2eb-1d7"
Expires: Sat, 12 Nov 2022 11:44:22 GMT
Last-Modified: Thu, 10 Nov 2022 10:31:07 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 10 Nov 2022 22:43:49 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 881
alt-svc: clear
X-Firefox-Spdy: h2
thetriptouttarakhand.com/
207.174.212.128 200 OK 7.2 kB URL HTTP/1.1 thetriptouttarakhand.com/
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text
Hash 7e85231efaf9cbe1e51857744ed5f161
df08c05613e68d1710d94e1e23521f9d011b4dc0
959320003b6a40c4ce44ce6772e7cab7cc184ff22bd78481bbc26e16e4f200e5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 30 Aug 2022 09:18:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7235
Keep-Alive: timeout=5, max=75
Content-Type: text/html
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13399
Expires: Fri, 11 Nov 2022 02:41:49 GMT
Date: Thu, 10 Nov 2022 22:58:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MjdAD3QuZ/xbTkXsztCsSL6Uy/Pvse1358+qgoFpopcnaW0xzbTwfPIY2dmh4L109elBHtqww7c=
x-amz-request-id: ZTRE4XEGH4VP21RP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 22:49:34 GMT
age: 536
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 22:58:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
thetriptouttarakhand.com/assets/css/owl.carousel.min.css
207.174.212.128 200 OK 970 B URL HTTP/1.1 thetriptouttarakhand.com/assets/css/owl.carousel.min.css
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2846)
Hash a8c30354862d988d50e72d8412bbf79f
9e92ea312df7744a472d7a7c761ebec1fb41fd9a
b5a64bd3254c26adb1d1880151dd77fe0a9711a7bfda917283949cd3e0423e28
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/css/owl.carousel.min.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 970
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
thetriptouttarakhand.com/assets/css/flaticon.css
207.174.212.128 200 OK 396 B URL HTTP/1.1 thetriptouttarakhand.com/assets/css/flaticon.css
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash e033908315a8af0d03719a8396306a75
c531f4956789663aeae88ee79c4bce6ffc577b98
b3c5a71d0e3da0d212158a626437faff83479ca6f6fb41acd536a4c1ed01dc82
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/css/flaticon.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 396
Keep-Alive: timeout=5, max=75
Content-Type: text/css
thetriptouttarakhand.com/assets/css/slicknav.css
207.174.212.128 200 OK 1.7 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/css/slicknav.css
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 0005c4bc16553f7cde8c8a1dacdb35e9
f57b4d9783c8702367eb9b29972ccdb08dc18a03
11d5eb9c57bd92ce4b6408f3c7ef79151d397df5cc6b1fa1b1b7fcd1f902f70b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/css/slicknav.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1680
Keep-Alive: timeout=5, max=75
Content-Type: text/css
thetriptouttarakhand.com/assets/css/fontawesome-all.min.css
207.174.212.128 200 OK 7.7 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/css/fontawesome-all.min.css
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (34502)
Hash d3d4c49385337ba1f4a55e4cec941bcb
7f99ef80b36454d96753eb80bf39e7ba23181696
26bfb747cebca0c091a6d29952572d120a6975a3a91d9212b345032e953f51e1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/css/fontawesome-all.min.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7680
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
thetriptouttarakhand.com/assets/css/animate.min.css
207.174.212.128 200 OK 5.3 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/css/animate.min.css
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (55851)
Hash 4890ca722ce0625350ebc2521ba4b0f2
fc27867293bc5b3dd68b0588ca6861bd92011246
0ecf154ebfb3cc1cb5b991eb579e39d54d7d59477fe04dbddbb35fde457c40fe
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/css/animate.min.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5310
Keep-Alive: timeout=5, max=75
Content-Type: text/css
thetriptouttarakhand.com/assets/css/themify-icons.css
207.174.212.128 200 OK 2.9 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/css/themify-icons.css
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 5e4217538bb126ec04b09266810d5bcb
23921c29e5ef3676962387f481ae81db97ce19cc
4b3c5f2edca5249486ea3e3f77953640167faf5e067bb1375c7a01c381147d13
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/css/themify-icons.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2900
Keep-Alive: timeout=5, max=75
Content-Type: text/css
thetriptouttarakhand.com/assets/css/bootstrap.min.css
207.174.212.128 200 OK 31 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/css/bootstrap.min.css
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65324)
Hash cf32003059ffa167886e99e64ca37040
95fd6a7f80eeeee2c52ac4083b00de7e7c9e514d
20236d197763104967440aa53ce592e059755cfe07168cdc624fd777cd9fcae5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/css/bootstrap.min.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 10 Nov 2022 22:24:57 GMT
cache-control: public,max-age=3600
age: 2013
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
thetriptouttarakhand.com/assets/css/slick.css
207.174.212.128 200 OK 575 B URL HTTP/1.1 thetriptouttarakhand.com/assets/css/slick.css
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash c7cd7eaaeceb626699c3f61cf0d97b31
7930a73cbfbc0683ebf12b982b4ec0ddf3498852
9782a15945372abd060dd052ac7e93e7239f7f4ac20ff8716c8f554a2e78855f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/css/slick.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 575
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
thetriptouttarakhand.com/assets/css/nice-select.css
207.174.212.128 200 OK 1.3 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/css/nice-select.css
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash cdbbfcd68b6c121ac6dc87ff5762ba56
9e953f8ef38f4d194a9424e46c6603e59612bcb2
50873d394f0ca8ac4ba1dc0d2881db7f02679dc44cecfbb7c0827e5064ce441a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/css/nice-select.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1268
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
thetriptouttarakhand.com/assets/js/vendor/modernizr-3.5.0.min.js
207.174.212.128 200 OK 3.9 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/js/vendor/modernizr-3.5.0.min.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (8320)
Hash b85b3c16c245fa001d9f95ee15c8f1ea
9755699c6f76bf716ba1bab3a36f0238effd3960
e935a8092bcb4937e3810cb0c9afa4d4a4d3ea32da442915e254682eed6ebd01
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/vendor/modernizr-3.5.0.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3938
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
thetriptouttarakhand.com/assets/js/popper.min.js
207.174.212.128 200 OK 8.2 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/js/popper.min.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (19015)
Hash 65bb6603cd02f2ddaee7aceb4ad45900
8b6cb6f6adfbd115b96b929ff1c7e863ebe08ad1
e57fefa45f83431baee371ea4eb76883c1425343ea79883bef37f2050ec0af64
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/popper.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8178
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 081ea13ba4390a4baab25cf57c2672f3
30cc9c329228e3d7bc6041f1aa553f06f8136eed
5a48c189581edd8ae4a4e58e2d54359bb75ba769828436394e4c256fe861814e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5155
Cache-Control: max-age=128057
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 22:58:31 GMT
Etag: "636cbf2d-1d7"
Expires: Sat, 12 Nov 2022 10:32:48 GMT
Last-Modified: Thu, 10 Nov 2022 09:06:53 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
thetriptouttarakhand.com/assets/css/style.css
207.174.212.128 200 OK 23 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/css/style.css
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65536), with no line terminators
Hash ad5b708952b64915e15b545bd55497d4
5ea15eec1955066edc75801944f8cae6d1087afd
041c5198648443f1adcda4da5622af7dd9a98f15498ddf16c2a847f2fd1475d2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/css/style.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
thetriptouttarakhand.com/assets/js/slick.min.js
207.174.212.128 200 OK 14 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/js/slick.min.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (42862)
Hash e61b26be7b27fbf2a5c2f479364c12b8
ff046102856e16854639a9862521c193fa05e9d7
19f098db827ce2943ab549c6fb9b142c4cc70aa9ecd7d3afc657a3a0eed8be88
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/slick.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14332
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 83b99092f19a38763c0b6ffc5e05e5aa
4cacf0a4adc46e28bc867d666a3fb45738dd1501
168478f1e03d83548fbfeed6dfad20ef23cb5a1dbf18f7312e5cf6dd290e9339
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 22:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Barlow+Condensed:200,300,400,500,600,700,800,900|Roboto:300,400,500,700,900|Satisfy&display=swap
142.250.74.10 200 OK 1.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Barlow+Condensed:200,300,400,500,600,700,800,900|Roboto:300,400,500,700,900|Satisfy&display=swap
IP 142.250.74.10:0
Hash 66d55d9a331e6ffa51bdd2557b6d82dd
9d1ba99868c6f0a3a0d380959024259a36259df6
d5c08946e104d751920bef445c7ca25c1889e3e9b61ee5b4e1f0a0bf3c55355a
GET /css?family=Barlow+Condensed:200,300,400,500,600,700,800,900|Roboto:300,400,500,700,900|Satisfy&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 10 Nov 2022 22:58:31 GMT
date: Thu, 10 Nov 2022 22:58:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
thetriptouttarakhand.com/assets/js/bootstrap.min.js
207.174.212.128 200 OK 20 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/js/bootstrap.min.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (48664)
Hash 41c54b1bd6691f6bb34afdc5e4272b52
b4333fd2b2c3ba7b2c38af182b3daf4231d69df8
43d6b75b97bf0636c69ea8c48e16dafefe3c602428b22fb4f11384eae7234b2d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/bootstrap.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
thetriptouttarakhand.com/assets/js/owl.carousel.min.js
207.174.212.128 200 OK 15 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/js/owl.carousel.min.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (32000)
Hash f3be1764bc1ce2c0562ba864362b834b
5b5d080b0b33dc04bcb52e7cb766ff5e814fcdc9
72c97e2253c5617d7a9f872a8cdca78389d604739d67334aa32acfeaef396559
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/owl.carousel.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15325
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
thetriptouttarakhand.com/assets/js/wow.min.js
207.174.212.128 200 OK 3.2 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/js/wow.min.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (8385)
Hash 79e31352a6a6b27bc37a564573388e15
2eff861607e5294687ec3f3c85804003d7e12870
31ae6448ce5b8ae0a6a1209ab7fc6542f9ac1eb511c5f7ca3c7ab3fe25f26a1a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/wow.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3202
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
thetriptouttarakhand.com/assets/js/vendor/jquery-1.12.4.min.js
207.174.212.128 200 OK 43 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/js/vendor/jquery-1.12.4.min.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (32077)
Hash abe7590369ec573c23d7471e5cef03e4
165ca16d787d467861a6b6dd4730705213811ab0
056ad6272f785ae473698519ce7ead5a3bb244f736757d81ce35c7ad3086d6b5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/vendor/jquery-1.12.4.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
thetriptouttarakhand.com/assets/js/animated.headline.js
207.174.212.128 200 OK 1.7 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/js/animated.headline.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4af316061f76685ffbd92d5735a1b3d8
aef29afa49101460ceff3609cb49c1e61a3bfbbd
2f4f36fb181b1a9ec0f5524b516e071e698c02e5340555fb1e8c7b37dd64c25b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/animated.headline.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1741
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
thetriptouttarakhand.com/assets/js/jquery.magnific-popup.js
207.174.212.128 200 OK 9.2 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/js/jquery.magnific-popup.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (20087)
Hash 7a10ae63b238729dc4da7f7bd8986219
654c47168dca0ec7080f6c57e8c4482b57f879d4
b782185399b361358f7c409d6f23f22d45f695dcbb63876c35752c7b1de72db3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/jquery.magnific-popup.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9204
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
push.services.mozilla.com/
34.214.17.205 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.17.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Xi5U1S48a+6hWgGBLyzOxw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rWt86ymXYpL8z5VBYho4WsQjWUg=
thetriptouttarakhand.com/assets/js/jquery.scrollUp.min.js
207.174.212.128 200 OK 970 B URL HTTP/1.1 thetriptouttarakhand.com/assets/js/jquery.scrollUp.min.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (1872)
Hash 0560a8557dfb3726bf2c772fe6eb67de
112ba20213cd266ca90122250524c0481818a413
69ac50f3cec1bec93298ee6f7decfd89caea0a63140b0d582c8b71780efe412d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/jquery.scrollUp.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 970
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
thetriptouttarakhand.com/assets/js/jquery.nice-select.min.js
207.174.212.128 200 OK 1.1 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/js/jquery.nice-select.min.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (2822)
Hash bf69aabbddef7b33374d88823a21d5e8
977d3cf2dd7a6a521d9c6bbf3fd2dff99b45f0dd
d394bab6d9739773f85bab494296b0554369598ad00751dba75696aed7945ab5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/jquery.nice-select.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1078
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
thetriptouttarakhand.com/assets/js/jquery.sticky.js
207.174.212.128 200 OK 3.0 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/js/jquery.sticky.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash e3cea22516ec60740080799633b48ccd
488758da0421233b083853e054caaf9152c5709a
da21c4768cf429ddad3b97f762bc18a5726aedafedb0054c0585c71dd31c6b6f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/jquery.sticky.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3009
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
thetriptouttarakhand.com/assets/js/jquery.form.js
207.174.212.128 200 OK 14 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/js/jquery.form.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash b19a355a7ed2d8133e9dd4df4c6a6576
09490700350d9b8b4f976a32db5bfc29cbfa1549
b459eae782b73c7ef7e8842d6a92fcae9c827bc3eb269324cbca8f8c016a4926
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/jquery.form.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14286
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
thetriptouttarakhand.com/assets/js/jquery.validate.min.js
207.174.212.128 200 OK 7.8 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/js/jquery.validate.min.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (20965)
Hash 8c837c09ce6c49ab643af9af995ea60f
27228fbff6341dd41056f332ed742179ae43183a
c90e18d2dc15d1692d2946a7baf92ce96aaa2969220e69f92294d8c9f2053068
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/jquery.validate.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7767
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
thetriptouttarakhand.com/assets/js/mail-script.js
207.174.212.128 200 OK 491 B URL HTTP/1.1 thetriptouttarakhand.com/assets/js/mail-script.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 8f2ad4a129cb1b7036eb23d0ed086abc
9cb7cd660c882cfbb2488537381225f526e38457
caf244fada0961609eabd77c943a2abcdb76c9f2f50e98cd0ecbf565d261769a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/mail-script.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 491
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
thetriptouttarakhand.com/assets/js/jquery.ajaxchimp.min.js
207.174.212.128 200 OK 1.3 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/js/jquery.ajaxchimp.min.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 88a742d07d49829e5757dde28dfdbaab
12fb8f0377060f7144e166e6b86ffed65cee250e
3a6ccdcd0070aad2e90c63fa2b895c4a48ff8ebab97af63aed53cdf75162beb1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/jquery.ajaxchimp.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1311
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
thetriptouttarakhand.com/assets/js/contact.js
207.174.212.128 409 Conflict 83 B URL HTTP/1.1 thetriptouttarakhand.com/assets/js/contact.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/contact.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 409 Conflict
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
thetriptouttarakhand.com/assets/js/jquery.slicknav.min.js
207.174.212.128 200 OK 3.0 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/js/jquery.slicknav.min.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (8320)
Hash 0564f5e4838d90060929a0cc3caf5e09
d933a813384c123fea17b2d0477e376b808d7964
b282f8af842906a4b7517441451aa3e7e1950852c20c9e4610bcd2466dc9fb81
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/jquery.slicknav.min.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:30 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2968
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
thetriptouttarakhand.com/assets/js/plugins.js
207.174.212.128 200 OK 380 B URL HTTP/1.1 thetriptouttarakhand.com/assets/js/plugins.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 880210ca3ff08a2eaf5bb96aa117651c
b0d6cdfda01224a995b83c440b45e4445570d66c
287b2e470a5a553a270ea1d65373b4f41822061a21ac13fdcafac02d1819a18d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/plugins.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 380
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
thetriptouttarakhand.com/assets/js/main.js
207.174.212.128 200 OK 2.0 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/js/main.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 526d49015c0ce522f6afa5e4af1a86f0
969013df0ab7d67a77de8f63762717cdcb29103a
8c10f333f09f31a74400a183f573c17b46d83a61173e59eb2753c86c5c64830c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/main.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2031
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
thetriptouttarakhand.com/assets/css/magnific-popup.css
207.174.212.128 200 OK 2.2 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/css/magnific-popup.css
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 5691b07253c4a30382130c2da4be8343
4c12d34016c7061965c996599c4086683958e0f1
095326e797678e4aa4be8217bf991180f7b79cdcce552897123ffa68981a0747
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/css/magnific-popup.css HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2190
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 22:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
thetriptouttarakhand.com/assets/img/icon/testimonial.png
207.174.212.128 200 OK 1.8 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/img/icon/testimonial.png
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 65 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash dfd0fe1231f99d70fd65de9a2530ccbe
88eddf1aa672686aa229467eca558f77392fb466
5ca18e8e89accf8436acb2af865341e864fb4fc05f0110140a2da5104d170cea
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/icon/testimonial.png HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 1754
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/png
thetriptouttarakhand.com/assets/img/logo/logo2_footer.png
207.174.212.128 200 OK 4.3 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/img/logo/logo2_footer.png
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 113 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash bcb4aed0ca21cf0a4020654d969b3495
7294ce038cfd71ec25a056e8104be18608d31f7f
cb365f61a815fafa930557c4180c35f72fad6099c2acd8119cff49584c850ad6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/logo/logo2_footer.png HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 4308
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/png
thetriptouttarakhand.com/assets/img/logo/logo.png
207.174.212.128 200 OK 4.3 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/img/logo/logo.png
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 113 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash bf54ec44e6943f9223943244076bd1eb
686db05f3400475bfc939a4a9fc76f4b7ce044c2
6a06d7dc28d84bcffb42727418165b3817f15bd170a9b450ba6af0490d13d427
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/logo/logo.png HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 4308
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/png
fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
216.58.207.195 200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 20200, version 1.0\012- data
Hash c8e400bbebae36502af48dcd4a30ea7d
4ab1f2c2a30aef8c1905d94df3b199877103ddb7
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
GET /s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thetriptouttarakhand.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20200
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 01:43:17 GMT
expires: Thu, 09 Nov 2023 01:43:17 GMT
cache-control: public, max-age=31536000
age: 162914
last-modified: Tue, 19 Apr 2022 18:28:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
thetriptouttarakhand.com/assets/img/testmonial/Homepage_testi.png
207.174.212.128 200 OK 6.9 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/img/testmonial/Homepage_testi.png
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 59 x 59, 8-bit/color RGBA, non-interlaced\012- data
Hash 10cd11dba907acc95210c1855d6de7b7
8a2da06816a90a4bf9ae53829db51cddffdcb54c
5e42ac014430f3e4738f218b28305bceafe289d6f2af087cf3dca0aabb8f8afc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/testmonial/Homepage_testi.png HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 6934
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/png
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thetriptouttarakhand.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:53:49 GMT
expires: Thu, 09 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 101082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 22:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thetriptouttarakhand.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:21 GMT
expires: Thu, 09 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 98650
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thetriptouttarakhand.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 14:07:32 GMT
expires: Thu, 09 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 118259
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2
216.58.207.195 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21440, version 1.0\012- data
Hash 93674060037764a36d225e483fcc24b5
d639ff4a3ee9a0569f47b13d95e17a66c0bc9911
8320299532b4b81498d5b3714d49c9d5938883b55f4c2a1efe6f105bf4a942bd
GET /s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thetriptouttarakhand.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21440
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 17:25:54 GMT
expires: Fri, 10 Nov 2023 17:25:54 GMT
cache-control: public, max-age=31536000
age: 19957
last-modified: Tue, 19 Apr 2022 18:46:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thetriptouttarakhand.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:08 GMT
expires: Thu, 09 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 98663
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 22:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
216.58.207.195 200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 20432, version 1.0\012- data
Hash 41ee38ab778591b0491c84fbce8aecf3
4544df52042a0600d71ea12d7f95eaffa22e65cf
2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99
GET /s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thetriptouttarakhand.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 22:51:07 GMT
expires: Sat, 04 Nov 2023 22:51:07 GMT
cache-control: public, max-age=31536000
age: 518844
last-modified: Tue, 19 Apr 2022 18:38:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 22:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6bbfc6315b9228fd41cc16d1b2f54feb
2f2ca82eb3ca303268b03f7aa80af90f9380e8e2
9a593b197ba164b8fc74cfe6feccd57e05233a642d1dd8065c6723cee2c15701
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 22:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/satisfy/v17/rP2Hp2yn6lkG50LoCZOIHQ.woff2
216.58.207.195 200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/satisfy/v17/rP2Hp2yn6lkG50LoCZOIHQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 22652, version 1.0\012- data
Hash 496a19db9637d6acd0fc59a04635e888
12cf6f5138219b1571119de3249bf9fb43efb54c
a02009d2f95d79b62b95c6de12d6614bdb36bffa6d4e756db81ec1c51c5acc34
GET /s/satisfy/v17/rP2Hp2yn6lkG50LoCZOIHQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thetriptouttarakhand.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22652
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:59:55 GMT
expires: Thu, 09 Nov 2023 18:59:55 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 19:12:57 GMT
content-type: font/woff2
age: 100716
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2
216.58.207.195 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21352, version 1.0\012- data
Hash 16cc9e59e14cc5df2278ec62d8340a8f
8e1575ef8c49a1473a58d00b409c61e25f7d2e2f
0b281bf2f4179c06ba68f0a427f2341287c41eacc2ce9d534c6f5c513ac633fb
GET /s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://thetriptouttarakhand.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 01:41:22 GMT
expires: Thu, 09 Nov 2023 01:41:22 GMT
cache-control: public, max-age=31536000
age: 163029
last-modified: Tue, 19 Apr 2022 18:30:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 22:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
thetriptouttarakhand.com/assets/js/contact.js
207.174.212.128 409 Conflict 83 B URL HTTP/1.1 thetriptouttarakhand.com/assets/js/contact.js
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/contact.js HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 409 Conflict
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
thetriptouttarakhand.com/assets/fonts/Flaticon.woff2
207.174.212.128 200 OK 2.6 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/fonts/Flaticon.woff2
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 2556, version 1.0\012- data
Hash ed788a3742db608e06b8b1e97a3d4b8a
811bad5b8a687d8fb557e8d2e73eeeec8bca8e61
dcd84f4f291bcc1c5a9c16b52eab97571f9931e7af0dbd30192cd3bd8822a3f4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/fonts/Flaticon.woff2 HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/assets/css/flaticon.css
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 2556
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: font/woff2
thetriptouttarakhand.com/assets/fonts/fa-solid-900.woff2
207.174.212.128 200 OK 39 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/fonts/fa-solid-900.woff2
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 38784, version 1.0\012- data
Hash f9b85c9463af7103b9b24bbbf09a06ed
d28d7222bcbeb8ea701a771e85f7efe006e62fb1
62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/fonts/fa-solid-900.woff2 HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/assets/css/fontawesome-all.min.css
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 38784
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: font/woff2
thetriptouttarakhand.com/assets/img/service/services5.jpg
207.174.212.128 200 OK 173 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/img/service/services5.jpg
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 370x324, components 3\012- data
Size 173 kB (172923 bytes)
Hash 64943d7d0d8a3fc169aba96535575174
d40004a58f754fb46b4fda69c6945261cf3efdf5
93ab5a825b6ba92b77ea9d715becc0ca0e4975feabd1a37f496e71a1d3f3d7f9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/service/services5.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 172923
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/jpeg
thetriptouttarakhand.com/assets/fonts/fa-regular-400.woff2
207.174.212.128 200 OK 12 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/fonts/fa-regular-400.woff2
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 12220, version 1.0\012- data
Hash 032ba2e0f134a35ed87df1564936d352
92ff7d462421c5a70520d3fe1403e57a5d044b34
a36d4f83add2176a3c6243bd57a32a387a1906227e286689530ff878de1994eb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/fonts/fa-regular-400.woff2 HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/assets/css/fontawesome-all.min.css
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 12220
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: font/woff2
thetriptouttarakhand.com/assets/fonts/themify.woff?-fvbane
207.174.212.128 200 OK 56 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/fonts/themify.woff?-fvbane
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format, CFF, length 56108, version 1.0\012- data
Hash a1ecc3b826d01251edddf29c3e4e1e97
9394f35bd2addd24666b79bfc36d4f9d247cb01d
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/fonts/themify.woff?-fvbane HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/assets/css/themify-icons.css
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 56108
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: font/woff
thetriptouttarakhand.com/assets/img/hero/hero-_ineShape.png
207.174.212.128 200 OK 3.9 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/img/hero/hero-_ineShape.png
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 332 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash 843285c012616a7840ef67b7b9cbc9c4
ff2c0c2aea39ab0c5f5546de4330d3d7294d2800
a4b3831c7f8ca593ff30148ae5ce9f18961f6a86be7aba5c74236e286448127b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/hero/hero-_ineShape.png HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/assets/css/style.css
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 3905
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/png
thetriptouttarakhand.com/assets/img/service/services3.jpg
207.174.212.128 200 OK 80 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/img/service/services3.jpg
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 370x324, components 3\012- data
Hash 1650c15782e57870210ffe53d0b2a7a6
20e3e491911dc3949590309975075b171bfd224c
ad7ec26b62542e6d91c50daba87cc3d6a2767bcf6a596bb762f057a831b1b413
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/service/services3.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 80155
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/jpeg
thetriptouttarakhand.com/assets/img/service/services1.jpg
207.174.212.128 200 OK 101 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/img/service/services1.jpg
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 370x324, components 3\012- data
Size 101 kB (100902 bytes)
Hash 8fc54bab34bbbfd40315227d7cd12724
489862a416e61e19f2d380d04cd18695eca39bf5
67f473e0a793d405e09f9fe7c661554a37089b32b09a3554b3fdc41279fff2b4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/service/services1.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 100902
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17743
Expires: Fri, 11 Nov 2022 03:54:15 GMT
Date: Thu, 10 Nov 2022 22:58:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17743
Expires: Fri, 11 Nov 2022 03:54:15 GMT
Date: Thu, 10 Nov 2022 22:58:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17743
Expires: Fri, 11 Nov 2022 03:54:15 GMT
Date: Thu, 10 Nov 2022 22:58:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17743
Expires: Fri, 11 Nov 2022 03:54:15 GMT
Date: Thu, 10 Nov 2022 22:58:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17743
Expires: Fri, 11 Nov 2022 03:54:15 GMT
Date: Thu, 10 Nov 2022 22:58:32 GMT
Connection: keep-alive
thetriptouttarakhand.com/assets/fonts/fa-brands-400.woff2
207.174.212.128 200 OK 54 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/fonts/fa-brands-400.woff2
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 54420, version 1.0\012- data
Hash c971847be1cd6c17abca74025b4f36ae
b2da189d7224a73a5b7d0e4d14a296c5515c1c0a
155963e3fb06f13011705c65bc52ed31f9989b87309c945948a76b35f8e7da67
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/fonts/fa-brands-400.woff2 HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/assets/css/fontawesome-all.min.css
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 54420
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: font/woff2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8a087e0-6803-4782-af79-e6b6225befa5.webp
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8a087e0-6803-4782-af79-e6b6225befa5.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e008606f3f8c8e0d3b0b8a37eabc829a
98a80b1eaf4c774b5dca5bb86cfe53dd88bd89a4
2282526c03afe7e8919dbe4d3893cc5743860344f01ef616e15eeabae492ab6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8a087e0-6803-4782-af79-e6b6225befa5.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6670
x-amzn-requestid: 3d1dfe08-b9ae-4354-8066-93c078d6fbbd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQx-NGftIAMFSXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6369c9f4-54411a3f7eafb46a0cf9659e;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 03:16:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aA60n9sUi1jH7ohG2InQg0Z440iAXdTHXu2C-palDJvMrOCHc7bfVw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 06:54:01 GMT
age: 57871
etag: "98a80b1eaf4c774b5dca5bb86cfe53dd88bd89a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716a5539-d601-4b6f-a433-3319835fec35.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716a5539-d601-4b6f-a433-3319835fec35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2981d35cad86d541a040f29d7ba0cd9
9284c2c09cf1ca167b159a892b0e30c7bd2bd4bf
deb765293cb10b3ed1fa1b490c4687770779a1a8b75bcb3b3142fa4debe41d4d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716a5539-d601-4b6f-a433-3319835fec35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7486
x-amzn-requestid: ab900167-5e07-4793-944f-c7da1ab11421
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a28jEGIZoAMFeGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635f7479-3a7691e37995895a746fed83;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 07:08:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qHaXJa7kgDGttIo35sthDmLtGbcy5YRElho05EOE5MZwUsd4TPNvJw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:47:33 GMT
age: 4259
etag: "9284c2c09cf1ca167b159a892b0e30c7bd2bd4bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff6e953b-c2b6-4feb-b47b-bdaf7a9bb2f5.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff6e953b-c2b6-4feb-b47b-bdaf7a9bb2f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0365609d631ae42c9a141f22466b6928
b46c04b251170e93547d32d874e78b1daaec3504
52d84fdc7b47e64830292eebfedbb6b600f079d5be49209dd870c75a8c239c36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff6e953b-c2b6-4feb-b47b-bdaf7a9bb2f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7271
x-amzn-requestid: beeef56d-0be3-43aa-b0a6-abd222cf9131
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bUDz7EGfoAMF2XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636b19b2-1347ac8966ac6b8f5ca4fa76;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 03:08:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1yRMbqwORggycBsFW4u_ajIUBrX3UYCUv3hvfzEJMmQsH39-2oWZtw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 13:52:48 GMT
age: 32744
etag: "b46c04b251170e93547d32d874e78b1daaec3504"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb5ee6ca-d1ab-48ac-994e-01c246d9532d.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb5ee6ca-d1ab-48ac-994e-01c246d9532d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 383219efe5e891f92d5af6417d84e0c7
0c190d3de24965454874b48dbd7f8a521242ead3
033fb09097d9684f773bc4f14ff26ae6b6d73535200148ca09e24c66a31f1e7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb5ee6ca-d1ab-48ac-994e-01c246d9532d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9781
x-amzn-requestid: 35f96f65-09e5-4adb-8791-b29f9c91d5d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bLk91ED_IAMF3lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6367b525-69f7c0123cfca4387989cd09;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 13:22:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UNz9EQvLS-thHpxh52Ap5fm3PKg00btXkrkGOmXc9zSMaqpfYubKHw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 03:21:30 GMT
age: 70622
etag: "0c190d3de24965454874b48dbd7f8a521242ead3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13f7b6eea163326da8c58ae5c09efccd
e0d1ebb35a16c686eae3d31eb85ac72278459b05
13f2f428acb7806808d957a8167ab2c139a5d0f59798671465717f2b39b914a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4094512-9a5a-47aa-9796-9f630fb1c13f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8581
x-amzn-requestid: 385174fe-153f-448f-be5e-9ea3b5757ff9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ4u1EYOIAMFncA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d6e5e-6084a34f58df22037275e676;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 21:34:22 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xSnHWpFlXeyf08gYjPn02H88Hta9fhiDjDOukoKtt6PPVBl_gNTfgw==
via: 1.1 dfc972676b24a6d23251d4f298dfa08c.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:46:56 GMT
age: 4296
etag: "e0d1ebb35a16c686eae3d31eb85ac72278459b05"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
thetriptouttarakhand.com/assets/img/blog/home-blog2.jpg
207.174.212.128 200 OK 290 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/img/blog/home-blog2.jpg
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 570x369, components 3\012- data
Size 290 kB (289996 bytes)
Hash 0d3be720864247078339835bb4a91a1a
4865203e49a3789b92ce66ff5cb25a7d2091353a
7662a501eab3fc67b60073035cca081dfee2d7de70c59f728a60e4686b31e243
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/blog/home-blog2.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:31 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 289996
Keep-Alive: timeout=5, max=75
Content-Type: image/jpeg
thetriptouttarakhand.com/assets/img/service/services2.jpg
207.174.212.128 200 OK 135 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/img/service/services2.jpg
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 370x324, components 3\012- data
Size 135 kB (134552 bytes)
Hash 98a8043a64760498115e5acf35bf2d74
a1990553bb68751686dbdf11077f99350262b20d
00e3699b75899318b4f9ffba320a3ae6e0137df5250bc72e03173c3ed5dd0368
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/service/services2.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 134552
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/jpeg
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e72f32944d6f03e005f7b6f3e87d8c72
5fe340bf33ac219f6a3d44810f31d0a8796c83a9
bcdcba30210d276996d0fe749bbfc69d666ae11ddfbfdb57307e4bb4d6e43d1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10671
x-amzn-requestid: 1b6053eb-64ac-4c24-a750-c1b8cd69157f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJEh8GxPoAMFhPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366b472-56c6a3bc07ec89ab56d4f3bd;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 19:07:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qJeWGvC4DM_d3k66OHN2V19elou-xoSNkep1BNalBO0NtKyQtAFzNQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 04:00:12 GMT
age: 68300
etag: "5fe340bf33ac219f6a3d44810f31d0a8796c83a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
thetriptouttarakhand.com/assets/img/blog/home-blog1.jpg
207.174.212.128 200 OK 288 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/img/blog/home-blog1.jpg
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 570x369, components 3\012- data
Size 288 kB (287590 bytes)
Hash ab20f909d87003f9ad8a56ce69ecadda
5e16cdb12ef93a893afddcc2830f90f8da4bfb12
fbb17a890989223576713e16649b2d9ebbcfbfc0c8114c1dc9c15fd9ba5c12c0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/blog/home-blog1.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 287590
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/jpeg
thetriptouttarakhand.com/assets/img/service/services6.jpg
207.174.212.128 200 OK 170 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/img/service/services6.jpg
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 370x324, components 3\012- data
Size 170 kB (169759 bytes)
Hash b36f6fdc83dff7e195529ed6d4dceb21
26138ca1b09f03471a7e97d63b2a3832f24b4d4f
38f717b12529e28ab3400b6ed082abc260b77f733622a6ac6bbe29de4418ee72
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/service/services6.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 169759
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/jpeg
thetriptouttarakhand.com/assets/img/service/services4.jpg
207.174.212.128 200 OK 172 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/img/service/services4.jpg
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 370x324, components 3\012- data
Size 172 kB (172358 bytes)
Hash bf4cd6925c9b449976119736636dc511
6d39d1cec90241bf99b4f08791470f957811d88b
95b29d620421227629755319e2cac513dfd0a3eccf435e0e356a18221a410a96
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/service/services4.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 172358
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/jpeg
thetriptouttarakhand.com/assets/img/service/footer_bg.jpg
207.174.212.128 200 OK 256 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/img/service/footer_bg.jpg
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x627, components 3\012- data
Size 256 kB (255844 bytes)
Hash bdd15185bf2df99bdc46e8c1802d6edf
2268eac05cbf362bcdd56eae7f4f4aa9746f2e6b
0c5a80e4616c8d8e7b80fc591d4e2bfa0bb3d684a11a029868239183da4152a4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/service/footer_bg.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 255844
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: image/jpeg
thetriptouttarakhand.com/assets/img/service/video-bg.jpg
207.174.212.128 200 OK 1.2 MB URL HTTP/1.1 thetriptouttarakhand.com/assets/img/service/video-bg.jpg
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x750, components 3\012- data
Size 1.2 MB (1161507 bytes)
Hash ffde5d689ab994a2072074877c23e540
974762f4673c377a9c45b67846eebfd2dc6f15de
b322ac439f5d93546fa6c26c04840af16103a752189796062fc919bb0fb512a8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/service/video-bg.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 1161507
Keep-Alive: timeout=5, max=65
Connection: Keep-Alive
Content-Type: image/jpeg
thetriptouttarakhand.com/assets/img/testmonial/testimonial_bg.jpg
207.174.212.128 200 OK 1000 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/img/testmonial/testimonial_bg.jpg
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x765, components 3\012- data
Size 1000 kB (999904 bytes)
Hash 29887271179dbd511a5a381786ebeb2d
fe5fa2be8ee5f72a6446fbcb5f35f7440322e8bc
7b36efa1ed8753882597e8a30ea3efd373e3e1f78c77a6b43b8c06a50eeefacd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/testmonial/testimonial_bg.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 999904
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/jpeg
thetriptouttarakhand.com/assets/img/hero/h1_hero.jpg
207.174.212.128 200 OK 1.4 MB URL HTTP/1.1 thetriptouttarakhand.com/assets/img/hero/h1_hero.jpg
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x860, components 3\012- data
Size 1.4 MB (1408802 bytes)
Hash 8a3dc5a9dc7bde5239e385c16c973d0f
fd1c9a76df494e111fe6abcd4e0ec11505703995
e5801091247615e2831ccf12f4e7805603fab7d86483411504a139198e1e80c5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/hero/h1_hero.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 1408802
Keep-Alive: timeout=5, max=75
Content-Type: image/jpeg
thetriptouttarakhand.com/assets/img/favicon.ico
207.174.212.128 200 OK 1.2 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/img/favicon.ico
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 53d10e7d11df734f99d96229ccc57736
719adec27d8e81a7c87268edd5dc443e3407c561
d79472508a568c6a084c936d228ed9a2c11d3890295d5facf916d90fd0fc2b1a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/favicon.ico HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:33 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=604800
Expires: Thu, 17 Nov 2022 22:58:33 GMT
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: image/x-icon
thetriptouttarakhand.com/assets/img/service/support-img.jpg
207.174.212.128 200 OK 422 kB URL HTTP/1.1 thetriptouttarakhand.com/assets/img/service/support-img.jpg
IP 207.174.212.128:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x699, components 3\012- data
Size 422 kB (421843 bytes)
Hash 8262be4d3898d4d232eb7112a8eaf4f9
2da5da9799b232f7b75d35a3b596492bd5896fbe
fb243bc7c41cbabb96041c1e8a0de4e841b3a7c4d22947ec38af524996d38856
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/service/support-img.jpg HTTP/1.1
Host: thetriptouttarakhand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thetriptouttarakhand.com/
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 22:58:32 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 11:23:49 GMT
Accept-Ranges: bytes
Content-Length: 421843
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/jpeg
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85c6f450b38f41a2fb924d6d9a9cbff8
691f59b65ca9fde4f59bbf96b37071e07351f190
c8f877488a2cf65f0d9829384fd4113847722a1b4df94b6b1d5788699689722c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5583
x-amzn-requestid: e844f42a-e87e-4e61-8c97-137c07c5ae28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNeQ9Ho7IAMF5_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687739-62c44d2f7d23632e74895bd8;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:10:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uHlIN1IVGCFUVl5lx5pFSux0YncseT2HQjiwFDL9eaEaBa9CdnCl8g==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 09:09:40 GMT
age: 49739
etag: "691f59b65ca9fde4f59bbf96b37071e07351f190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2