{"report_id":"163bf7dc-725e-410d-a16d-ab542a88bb71","version":6,"status":"done","tags":[],"date":"2026-05-18T14:09:24Z","url":{"schema":"http","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"title":"Ramada By Wyndham Dubai Barsha Heights Hotel - Dubai, United Arab Emirates","dom":{"size":302866,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (44210)","md5":"943cca4656d8e048e01d085414b54da8","sha1":"818a4d91f2068972410b3548e70137cf94147caf","sha256":"82b83038df971acb78d65e2ab33ad51a6691e9d392b7ebdc4aee24abc739c748","sha512":"05daacaf9bc8bdd8c6776295453883bb61538b51733d3ec3f9ffe047fd673ae1101927a93491b07313dffbd1763429c008be8395b009f6287d89c32022739061","ssdeep":"3072:GVGpZHT5cpn19JqkK5veieke4reHDfec6/eBeEv8901nAJ2IT:z5veieke8erec6/eBeEve0a","tlshash":"945419228ba5243b417ac5a36a1a566f373be807d55201d0f7fc87789fc6e499b2343c","dom_hash":"domhash037dc95e1ca4f713943a86ff83c0d511","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"tags":["openphish"],"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-22T14:09:24Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":7}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-05-18T14:09:27.05627Z","last_seen":"2026-05-18T14:09:29.282821Z","alert_count":172,"request_count":43,"received_data":2855921,"sent_data":71145,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]}]},{"fqdn":"spahotel.guru","ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-12-16T03:18:56.312429Z","last_seen":"2026-05-15T18:03:08.274648Z","alert_count":3,"request_count":1,"received_data":370503,"sent_data":525,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-17T22:21:01.756487Z","alert_count":0,"request_count":1,"received_data":6921,"sent_data":567,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-05-17T22:18:09.532627Z","alert_count":0,"request_count":2,"received_data":64258,"sent_data":1202,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/pages/hotel/hotel_4.js?id=24f1198a76dfc6a236c9fb7593ee43a3","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"24f1198a76dfc6a236c9fb7593ee43a3","sha1":"ee025d03c87a7b9e773baf77159f72e6d046ebea","sha256":"53fba594b7081f8898e8ea19dcfe9fe2efbc5eaf2cd70dbb06701b8e53feba93","sha512":"7e7df95474f6ca4cd584a691be04ef33d424c5cd9ea8870e65791a86cef665eebf0df32269ff5af4656238efda32ce31812a71b10e69641c663cdd7dfa8e3029","ssdeep":"3072:wMdgE4n3vIDKtQIe4MDrqsd/GizsAnHPFA:wMdgE43erfDrqsd/GizsAnHPFA","tlshash":"4f243b8a71a2703253e7607740bf010af3355a65688a80d0f119e5f1adf5e8e72bbf79","size":211944,"data":"","first_seen":"2026-05-15T09:40:15.411198Z","last_seen":"2026-05-20T10:34:42.002821Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"7d3aa7ef3235b8f05e114daed0d84ad0","sha1":"beb5ea328c7b0783187d9fc9766fd0d58b5a30fe","sha256":"80da1aa0b2693911bc006a09d081d4d5da1aba5abff6db971406bf5fe8d1246f","sha512":"6e80c9f4d6dc65a6104fc244f0c19e88a4b0a11b8bc679b7df5b74795161a34689c1467ca3e57db3a10bda4791a8ed7ae087959f9e6202def21308962a3d5028","ssdeep":"","tlshash":"c9f0022c03045efbbae282d6356379452e6ea511d2c06e159ef94b1885c860f3223251","size":634,"data":"","first_seen":"2026-05-18T14:09:33.849339Z","last_seen":"2026-05-18T14:09:33.849339Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/header/header_8.js?id=639b6803674a0f2e41862e72539c4c2f","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"639b6803674a0f2e41862e72539c4c2f","sha1":"e41cda3ff2ddf4085c7ba07147b935984e77f951","sha256":"0ea7b69edbf80b908074874a5c062f4e53eb97b1c37d7526f10a392e00fb7c76","sha512":"a76a35def6e92318b6b4abe75efccbcc0af2a9c1e0181409caa1842b2d76f8a89021557248bfb88d589fa4b62259a11cd328de20f2fcf725a4ead36bd81343a9","ssdeep":"192:8H54LlCHSZJBEi8UBmEQHGcCpgsKERXMqlSHf:Vxh4jCaop4/","tlshash":"eb225699f391f0b145e7a1b1402f410bf229785aa09a90d4f665d8f0adf84ee42b3f3d","size":10443,"data":"","first_seen":"2026-04-28T13:33:28.016234Z","last_seen":"2026-05-20T10:34:41.957071Z","times_seen":139,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/lang-currency-select/1596.js","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"7db5791c640b1508e9eb6d29df279b92","sha1":"109d120b95f3a17def9a6fc65ce8126725d74135","sha256":"fc6b6613f27e650ec4eebeda50780b54b33a89b2af1f321127f8bbcafa85c696","sha512":"cc8efad0bae7e1872f30a9bc27e85e811d1f0fa6cfc1064665ecdbac2481259b9be709f6b2393116930ad552afdb4666bfac00ace133ff7c6139bd06bfd30415","ssdeep":"","tlshash":"9a41639836d6fdb109e79251417f920bf1381652a83ef004f316a9e099b88cf85b1f37","size":2326,"data":"","first_seen":"2026-04-28T13:33:28.018144Z","last_seen":"2026-05-20T10:34:41.997578Z","times_seen":167,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/hotel/reviews/reviews_4.js?id=969d9a1d2be73d7c85e1abba3199a28a","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"969d9a1d2be73d7c85e1abba3199a28a","sha1":"d73b7e53ed231dbec76090c4ace52116632152ca","sha256":"aab6d61bd55abe74f738778877d5843f704ed6145cd78531b29ef73309748b60","sha512":"63823bc3e5e539a6d82156cbf47e0d4544fe41cb64019a87149d0f5ddc9bc1dfa9876053dcb136674a476c7bc981e385a33b0e3ee9336597893b96c0ab5bca5b","ssdeep":"192:/jJP9dvncJHJtH5RdhOh1R5FxHvb3KCMPyH6qIRfpZQZgQZ7/SoyFqNBqft2QqP6:/ll50x6dcAPgoYdft2QuexA2Rgc0w","tlshash":"b992b88cf7d6f07503a36532812f414bf23a785ab45a9054e615d8e1bcb88de9233f79","size":19863,"data":"","first_seen":"2026-04-28T13:33:28.021979Z","last_seen":"2026-05-19T05:56:50.774883Z","times_seen":122,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/lang-currency-select/lang-currency-select_1.js?id=005d308fa26677ad2ee68b933f0b3440","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"005d308fa26677ad2ee68b933f0b3440","sha1":"9a1f19f806e1f5226b9fc3419a305c251d15e9b8","sha256":"42352fd04fd9e1431d21ed987b6c6299f4ea6dedc157697ebed61fbd36ed3b28","sha512":"77488691103ab3374d6d5107ea5849770460dc084c8d4ce4a31a0da7144ae3810427212b804b0644df4436db27f356bef0a0ff88e1f4ffda41f3aba4b968186b","ssdeep":"192:8H54LlME7HRZaERi7RBatHFECpR54VhQWA9hSdGMHVICpwoCQI/LhBfiHncVF:VxHa+zECr3W3SC6xQu9","tlshash":"2e62458cb7a1f0b146a7a175402f450bf239796aa09e90d0e655d8f0adf84ef4273f39","size":15012,"data":"","first_seen":"2026-04-28T13:33:28.01114Z","last_seen":"2026-05-20T10:34:41.986874Z","times_seen":139,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/lang-currency-select/4067.js","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"66fdf579813f5b27faa84ed6548a3860","sha1":"436bf379c8ddac61aedee57c629b332a0c40cbb4","sha256":"24bb956159a0a8a9b7226ef5ec2847c69b619f9d995b9cefd3f72a9b84f9c96c","sha512":"565ce621f2b0cd3b96e01884b4dc90422a08cc68935eadf40f4dff5304a0844640d129a3c54d7d43fc52ef1f595027a465a5426edaa794a5e6072a02688a2db8","ssdeep":"768:cNDd6OkI1XySiprXJYEiuSSQGvEqnjyHOcd8EmdHdLHGCtw5S+EXEQVzexO6s:cNR6OkI1XySiprXKEixSJvEqjKOcdXmH","tlshash":"59e2176a7724353891cf149fa05fdb4e333540a2bc1b2446d51ec8e5bcb6c6a06a7f8d","size":31292,"data":"","first_seen":"2025-09-16T18:18:33.249978Z","last_seen":"2026-05-20T10:34:42.002031Z","times_seen":542,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/js/main.js?id=9e909c8081750bd4ff108fb2beffef26","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e909c8081750bd4ff108fb2beffef26","sha1":"254fb59700f9ae5eb98278f6daae7b0aef4fdd9f","sha256":"90cc8c41422d82deb38d61e26391c8fd5fa43a12045e2cf5accabbe75ae83a63","sha512":"e6cee5a7be0fbd53034f9090583d1b41728457347bddb9e6c92d39de73032a8c990d4d257ff508f2af0f44b36947e271d004ba5adfb12744bd7343ae587908e0","ssdeep":"12288:xzP/3Xn+B7CckP5bYy+/RuFuW92B33kj52Va89LS:xzP/HnC7CckP5bYy+/RuFu133kj52VN+","tlshash":"9ea429da32d6b03253a716b550bb0106f3395e54740e8194f12ce8ee3d7a54aa2b7f3e","size":491072,"data":"","first_seen":"2026-04-28T13:33:28.032772Z","last_seen":"2026-05-20T10:34:41.977901Z","times_seen":175,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/footer/footer_1.js?id=37fe4c328ed05840b464d2092baa2a67","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"37fe4c328ed05840b464d2092baa2a67","sha1":"aa1829c0f6b853579c102e75cb3136909f97423e","sha256":"721b88f911a9bff6d502174cf51864dd92f2e38bf331430d03e6789511aa4a61","sha512":"6e84400342f1fd87b72cb752cb6bef94c3abfe6b444c8d2051c02e40b009bbcd9dd527c23a6a115d406ece43f440f132dd92b846c102857726cb9ed5e3e55788","ssdeep":"","tlshash":"60f0a2acf3a970b346437024447fa34b917f79a044aea414541176e06e3ce0fe5b3c66","size":611,"data":"","first_seen":"2025-01-25T21:28:42.429663Z","last_seen":"2026-05-20T10:34:41.999507Z","times_seen":640,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/lang-currency-select/7870.js","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec0fe097949f14e7e01a6218dbe1619c","sha1":"8480fb5662c606b96f492fadcdb25a489b514401","sha256":"0fb6cae0ffab899aba7a6af020a3d139776dd997a41f7d5a5e3b2a30e792eeb1","sha512":"7c3d50105b0bf3df37e0c53e4f7013b4b3f6ec543984026f34eacde23e8f3dc1ee9c207f6412eddc5951e61c219b3db65da50adab2fbef6fcba789e5aab94029","ssdeep":"","tlshash":"4a4153983295fdb11ee39155457fa207f13922166c3df004b316a8e0a8794cf8272f27","size":2389,"data":"","first_seen":"2026-04-28T13:33:28.03151Z","last_seen":"2026-05-20T10:34:42.004303Z","times_seen":167,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/lang-currency-select/5480.js","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"00a60351164bb86853505dfdf0da7ef7","sha1":"ee729a5a7af336385707218111dd76b285855307","sha256":"c2b608d41e11d71eee7fd4fa140c2fcaaec8b0310344214d3205022cf630ec5f","sha512":"b9087f87d55d4f6d1d4eb6d708060f418703ca7ffcad6ae1ea2d3bb6294b4f02aa47196c1a3f1fbe6b031ac62b99dfcafdc419bfcf3c78c562115ba10490fd34","ssdeep":"192:qHmxvRvX5QH2hUyTSlrkgaNaey9Q16qN8qNt2iq4iqfr46z3anIeKM:Jxv6xCgiV8CNt2iys86z7eKM","tlshash":"da1293ccb2d6f46903977621902f100bf23e6966b85a9454f728e8f1b8b444ed327f79","size":9330,"data":"","first_seen":"2026-05-15T09:40:15.417315Z","last_seen":"2026-05-20T00:47:08.60175Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/hotel/location/location_4.js?id=802cd06d4ed5886a0fce088a9e2afce3","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"802cd06d4ed5886a0fce088a9e2afce3","sha1":"f56836863a49d0ae815c7cc55dd6a682a415077c","sha256":"5bac214008e6e70483a63f009702c06b5e0f95e75153ea2ebddf39404d94330a","sha512":"09d2b2acdb1825f7417cccc165457f9d7e555aeac9751b6ac1ae20f5931d48252f75bcc9aa27c0b36f9b6163605630797922c05f3b923cb7397631667c375424","ssdeep":"6144:xhNxVaM6TQ6hGXcJ7espTXD14HAKUZopbQXeCVv1vgz0axGMzdotWrcL2ygjFcXf:xBcM6OspTXS3bo1vgz0a9bif","tlshash":"920519a9b25564268283a091447f014bf33f94a9e44980dcf62dc5fe9dfe949633bf38","size":853124,"data":"","first_seen":"2026-04-28T13:33:28.009636Z","last_seen":"2026-05-20T10:34:41.957565Z","times_seen":135,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/lang-currency-select/9993.js","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"72a6918f7d060b48b6b6bc0c4985464f","sha1":"efb6c062e27a2125d3b8ac559a6c30e4a1e4ff15","sha256":"5c9a12365d28fa18f51bcc39c7555867f9bd2c491cd85b784a69df84d367e031","sha512":"04f8f7f61585c9ded0cd799a991bc962879b3c9a3c65f75bfbb27d210efa99ec4b06eef5ec33093282ef56db75ea203645577210542627f7de949c9b9dd35a5a","ssdeep":"192:mKxHVjD2ULPuWRseKFEN8AYX/HUQCp/nCi9DMaKJSEncGHRnYpHvXAZK:mi72zCIG2oIWA8","tlshash":"fb728388f392f4b506e7a171812f0207f229b55a609e90d4e625d8f0adb89df5273f3d","size":17157,"data":"","first_seen":"2026-04-28T13:33:28.035623Z","last_seen":"2026-05-20T00:47:08.583165Z","times_seen":122,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/hotel/overview/overview_4.js?id=52d9609cc4365763ea040467d7e0275d","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"52d9609cc4365763ea040467d7e0275d","sha1":"d4a73b2bc6cad1d54eba2eb7caedf745baac3aad","sha256":"ff6cfb73544ac63a9ec071c811d25fce384f21552affa2ede8297da1326f88cf","sha512":"2d1ba060a1610e49da195912b0d038430da8ea61aaf008edb6bf411c58f1ef72ca6254ea8d37a97210b5577f4e9551457963daf35eb998e1564719c52b5c31a1","ssdeep":"96:29HqCf9CM9HqJYqwDTnGpITQui8CqjvysCHXVTSb9tCPq:8HJU+HZqwfLi8/mVi4C","tlshash":"73b15359f391f0f542a7a0b5812f410bf274b89aa09a90d4f661d8e06eb89de4173f3d","size":5173,"data":"","first_seen":"2026-05-14T16:39:42.930092Z","last_seen":"2026-05-20T10:34:41.991272Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/lang-currency-select/6716.js","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"6551a290e3583f40eec9f321108d17e2","sha1":"6f68caaecf77e6ac07e204697fe8cb816ab43074","sha256":"17e88c9b360bbd7046cfec5f34e54a1d1eda776b35892fc5b1262efc18f351a3","sha512":"96208250ead52652b58e56c55481dc1b32537d26c0b0e953bc387c69682d161df91ef535e3f7067ce3ca5e2d36d01debd07682cdbf2a2f1ecf24446b8eaa3b7f","ssdeep":"","tlshash":"bb21b79af2d970f147671451c12f83ebd5fdb1506097c840b92812f41a3dc1bb053d6b","size":1240,"data":"","first_seen":"2026-04-28T13:33:28.034506Z","last_seen":"2026-05-20T10:34:42.001162Z","times_seen":166,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/relinking-slider/relinking-slider_4.js?id=8418a07f103c99bc3135a2ebb30817b9","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"8418a07f103c99bc3135a2ebb30817b9","sha1":"ea4592acb3ecf0106db6651e1833c0899c840056","sha256":"c6c9273a6eca024ff45f8e725ab99648eb5d33fabc0827cd42f2d702a6aeabd2","sha512":"6d913ba0cd8be053e2ad91f6baf6724f60a4cef32612b4533973c782caede798dab50e3f469f9786e86b7c3ab405bc3960f709217be6eeb6c686a0c1534b3634","ssdeep":"3072:8MxKfmWWWCve9cqBxsP3hi76HeyDW5gbgS:8MxemWNCv2c73ChyDW5I","tlshash":"1004e8996320757646e71a9b93e4c261a3b44440b40ac4e870e94c9fd97ecac13ffef9","size":184772,"data":"","first_seen":"2026-02-20T20:13:39.635828Z","last_seen":"2026-05-19T05:56:50.750997Z","times_seen":293,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/lang-currency-select/919.js","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"787a592189df23073a7902ae0a9e8030","sha1":"a67d4914b7e8bca5f31fd9f16c21f2e29a4ed743","sha256":"956aea19faf0722ed2b49afd4a425375cca2343d6769860093ff2cc3e39a9ddc","sha512":"514e323ef62cabb698ee64dcb669de439828eedbfe1fda5ca6004a75d57060d95e5245cd46ccdfcd41b76292d119a748a59c53aa452326f7256c1bc2dc048d7c","ssdeep":"384:iC4EDle4pTohtH5s782OVuawGNRJmNiPzugzpUzDftHdOsxSeCWi4G8g:iCjDle4pTohtH5s782OVDwGNRJms5Kzu","tlshash":"8e62c4cdb2d2f46543e76671902f210be13a752ae95a9440e719d8f1b8b848f9233f3d","size":14755,"data":"","first_seen":"2026-04-28T13:33:28.028606Z","last_seen":"2026-05-20T10:34:41.971909Z","times_seen":167,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/themes/sydney/assets/styles/widgets/hotel/rooms/rooms_4.css?id=29800e6ae75c05b4a170a30c75401598","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/themes/sydney/assets/styles/widgets/hotel/rooms/rooms_4.css?id=29800e6ae75c05b4a170a30c75401598 HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 15 May 2026 07:21:32 GMT\r\netag: W/\"6a06c97c-a8c\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 53e9490a-919f-46f3-bce7-c82614d0dab4\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2700,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (2697)","md5":"29800e6ae75c05b4a170a30c75401598","sha1":"9660c696d6a2f116106ac8e0d52660bbeb19d120","sha256":"014bab039ad4e5c533dfae250ee7df93a3a55e58f734bae18a3df61abb5371aa","sha512":"460bc62dc2327bb453f5273ab3197f9f38cb456159794d41172ab87832268693c2df8949522a06fbb7e44c3a4160ce41188a8bbc338d46ba8422b79dd5ab0db5","ssdeep":"","tlshash":"5e5144737f05103d747ace43984f5d6717d69802eb9b869c87d464bae7c11422b60f6c","first_seen":"2026-05-12T18:07:12.582287Z","last_seen":"2026-05-19T05:56:50.74847Z","times_seen":50,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/images/sprites/sprite-amenities.svg","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/assets/images/sprites/sprite-amenities.svg HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 15 May 2026 07:15:34 GMT\r\netag: W/\"6a06c816-17a6f\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 4604a6db-ace1-4469-90ce-01108a7defab\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96879,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"92b13686f1f829797b55a820a646fae7","sha1":"fc854d7f6f7c6ae1555d752c6940c68b84334d5e","sha256":"6559252cdecd43f3d38db88171bc575ef006e230d0b90d295e0a2c638e34375a","sha512":"5d3c094b79d0ea26918f991a637fc1df6d1e0f9f72c7a37429ce477d448d6c7dbe3ecf9b547ebc7754d06235ed909fc9d6afa2495e7afe3ea12f59c3bc17de5a","ssdeep":"1536:5+0tXYzjmlmmMfLqa6oGczwSc4qgve05hGUXWyxjD67:LtXCCo96omSYgveDUXo7","tlshash":"a093b8e6272c67ac9a834eaeff2675a8631fa0f5759982f05d1f8b74604758cf203c50","first_seen":"2026-04-24T14:16:33.733206Z","last_seen":"2026-05-20T10:34:41.959205Z","times_seen":132,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/img-folder/images/450x450w/15400/1540064/1540064851.JPEG","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /img-folder/images/450x450w/15400/1540064/1540064851.JPEG HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:02 GMT\r\ncontent-type: image/webp\r\ncontent-length: 18220\r\ncache-control: max-age=31536000\r\ncontent-disposition: inline; filename=\"1540064851.webp\"\r\ncontent-security-policy: script-src 'none'\r\nexpires: Tue, 18 May 2027 14:09:02 GMT\r\nlast-modified: Mon, 18 May 2026 06:26:59 GMT\r\naccept-ranges: bytes\r\nage: 370705\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-request-id: 6d666020-2a32-4d6e-b319-8b89340824d2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18220,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d3c1f6abc3b778150f8ac6966caf659e","sha1":"efb36c697832c6a766b6c98d19a44e9de83025b2","sha256":"06a2487d5664d34efce986f72c577aa139d9d3288a8628229c784aafe38784ab","sha512":"37e2b148bfdbd27ccf9196a27d324340872d051c1983e37c2ed5ad04df97440d307f8a75eb5a51640a969a13a27857185d8d36ae7c1fdc1cd8420fb1903c2a74","ssdeep":"384:68KAL6cWYrppShgYteptDu7XY0uGQHkttdvb9jXCv87IyCsxVMclmUz2:b+sppIeptDu7XY0jQEtjBXX390Uq","tlshash":"a382cface71cd62295a0a1384b46a6bce703b154f8d47bf1718fca02be5dc16fe42246","first_seen":"2026-05-18T14:09:33.821137Z","last_seen":"2026-05-18T20:31:36.861013Z","times_seen":2,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":142,"receive":89,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/lang-currency-select/919.js","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:02.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/assets/js/widgets/shared/lang-currency-select/919.js HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 15 May 2026 07:15:34 GMT\r\netag: W/\"6a06c816-39a3\"\r\nexpires: Tue, 18 May 2027 14:09:02 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: bfe45399-84a6-494f-9aea-10b861529fc4\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14755,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (14662)","md5":"787a592189df23073a7902ae0a9e8030","sha1":"a67d4914b7e8bca5f31fd9f16c21f2e29a4ed743","sha256":"956aea19faf0722ed2b49afd4a425375cca2343d6769860093ff2cc3e39a9ddc","sha512":"514e323ef62cabb698ee64dcb669de439828eedbfe1fda5ca6004a75d57060d95e5245cd46ccdfcd41b76292d119a748a59c53aa452326f7256c1bc2dc048d7c","ssdeep":"384:iC4EDle4pTohtH5s782OVuawGNRJmNiPzugzpUzDftHdOsxSeCWi4G8g:iCjDle4pTohtH5s782OVDwGNRJms5Kzu","tlshash":"8e62c4cdb2d2f46543e76671902f210be13a752ae95a9440e719d8f1b8b848f9233f3d","first_seen":"2026-04-28T13:33:28.028606Z","last_seen":"2026-05-20T10:34:41.971909Z","times_seen":167,"resource_available":true,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/lang-currency-select/4067.js","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:02.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/assets/js/widgets/shared/lang-currency-select/4067.js HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 15 May 2026 07:15:34 GMT\r\netag: W/\"6a06c816-7a3c\"\r\nexpires: Tue, 18 May 2027 14:09:02 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 3acef9bd-893c-4f15-8d92-1050c0a8930e\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31292,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (31259)","md5":"66fdf579813f5b27faa84ed6548a3860","sha1":"436bf379c8ddac61aedee57c629b332a0c40cbb4","sha256":"24bb956159a0a8a9b7226ef5ec2847c69b619f9d995b9cefd3f72a9b84f9c96c","sha512":"565ce621f2b0cd3b96e01884b4dc90422a08cc68935eadf40f4dff5304a0844640d129a3c54d7d43fc52ef1f595027a465a5426edaa794a5e6072a02688a2db8","ssdeep":"768:cNDd6OkI1XySiprXJYEiuSSQGvEqnjyHOcd8EmdHdLHGCtw5S+EXEQVzexO6s:cNR6OkI1XySiprXKEixSJvEqjKOcdXmH","tlshash":"59e2176a7724353891cf149fa05fdb4e333540a2bc1b2446d51ec8e5bcb6c6a06a7f8d","first_seen":"2025-09-16T18:18:33.249978Z","last_seen":"2026-05-20T10:34:42.002031Z","times_seen":542,"resource_available":true,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"spahotel.guru/favicon.ico","fqdn":"spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:02.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:02 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 370070\r\nset-cookie: _b=1779113343.601.12907.581942|3c861b5abca4655c3a6dd5dcfc9539c6; Expires=Wed, 20-May-26 14:09:02 GMT; Max-Age=172800; Path=/; HttpOnly\r\nlast-modified: Fri, 15 May 2026 07:14:43 GMT\r\netag: \"6a06c7e3-5a596\"\r\naccept-ranges: bytes\r\nx-request-id: 647d8d9d-1d9a-4737-8fed-75fc96a09a44\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":370070,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 6 icons, 256x256, 32 bits/pixel, -128x-128, 32 bits/pixel","md5":"f64ad864d87e446dc9f89caf5522936c","sha1":"71745724af4ce668279e991e2b9e5aad8679f517","sha256":"017f12ae9ee7b43607a326b1625a5b250d7e17fd1885cc6717d16d631b56bcdd","sha512":"06768109a575f175d3cdecf712ac7cdf04bbcd220e4fa93fee5bd99c08fcf1bf24f390accb0683bc6077cc5c5ef7a61e2a49d5bd34ad89c5eff53c0342ea7419","ssdeep":"1536:1xf/kIKWG9y0/KKwWLJl+jHi7ONiNPOXdyjhpyVTc2H5vPh0hpVfZeFKp/YTy:1xf/uPKQlS9XdMSTc0P6fcd","tlshash":"547427feae95d77dc543447be4deaae60e198027bd4632e0d978c071ceb7e398605808","first_seen":"2026-04-24T14:16:33.749012Z","last_seen":"2026-05-20T10:22:52.749446Z","times_seen":108,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":0,"dns":41,"connect":21,"send":0,"wait":119,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/lang-currency-select/9993.js","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:02.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/assets/js/widgets/shared/lang-currency-select/9993.js HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 15 May 2026 07:15:34 GMT\r\netag: W/\"6a06c816-4305\"\r\nexpires: Tue, 18 May 2027 14:09:02 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: e305f9af-1870-441a-9633-bbe77abc60ee\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17157,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (17124)","md5":"72a6918f7d060b48b6b6bc0c4985464f","sha1":"efb6c062e27a2125d3b8ac559a6c30e4a1e4ff15","sha256":"5c9a12365d28fa18f51bcc39c7555867f9bd2c491cd85b784a69df84d367e031","sha512":"04f8f7f61585c9ded0cd799a991bc962879b3c9a3c65f75bfbb27d210efa99ec4b06eef5ec33093282ef56db75ea203645577210542627f7de949c9b9dd35a5a","ssdeep":"192:mKxHVjD2ULPuWRseKFEN8AYX/HUQCp/nCi9DMaKJSEncGHRnYpHvXAZK:mi72zCIG2oIWA8","tlshash":"fb728388f392f4b506e7a171812f0207f229b55a609e90d4e625d8f0adb89df5273f3d","first_seen":"2026-04-28T13:33:28.035623Z","last_seen":"2026-05-20T00:47:08.583165Z","times_seen":122,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/themes/sydney/assets/styles/widgets/hotel/amenities/amenities_1.css?id=ccd1499d9da7b671a52f8b3eff6c50a8","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/themes/sydney/assets/styles/widgets/hotel/amenities/amenities_1.css?id=ccd1499d9da7b671a52f8b3eff6c50a8 HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: text/css\r\ncontent-length: 817\r\nlast-modified: Fri, 15 May 2026 07:21:32 GMT\r\netag: \"6a06c97c-331\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nx-request-id: 659dfbf4-637f-4d9d-b939-bb4a983a5ab3\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":817,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (816)","md5":"ccd1499d9da7b671a52f8b3eff6c50a8","sha1":"0d13177bdf2041da5de9b55bed1e7cc89f350bcb","sha256":"36914487454048ecc42c6629335ad233baf8648c99da2adf63e1b1c9cb60a5fd","sha512":"0b2d9d1557aaa1599bdb845cb3bcd0cb377df1a450ad4a3afab496a909acea184021e737369141c1705985226646c7e1c6f0fa277c02d16ddf6dd023b6e60e4a","ssdeep":"","tlshash":"80014873eb41613e50e2d55ddd4251221362f8179fee13b1be648059f3883841b1af6d","first_seen":"2026-05-13T13:55:41.495811Z","last_seen":"2026-05-20T10:34:41.959814Z","times_seen":67,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/themes/sydney/assets/styles/widgets/hotel/reviews/reviews_4.css?id=c6b634d7d6becf877185b66c87a4bfe4","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/themes/sydney/assets/styles/widgets/hotel/reviews/reviews_4.css?id=c6b634d7d6becf877185b66c87a4bfe4 HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 15 May 2026 07:21:32 GMT\r\netag: W/\"6a06c97c-2888\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 2c2392de-a817-47a0-82c0-32edb1fd3bc1\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10376,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5232)","md5":"c6b634d7d6becf877185b66c87a4bfe4","sha1":"d8899301324f76436ea69fba63bb3123670c2222","sha256":"3659fbdcc88182144e298c2ecf576d4442aafa5f11590aff66699207e2372511","sha512":"6c1f2edefe3b7557634545477a65558421c0ddf9f88f0713c8f99d1befa0ad6ce3f5dc48fe074d6b7ca797b3046d0e52df9bec260cf298c1c6ff74eb89a7c685","ssdeep":"96:SArGTRJBv1I6l7YdI6JnYIWcOE8uvmQCeF61iYSoASWSx9uaE/EbMgr2:S2GTR3v1zsfufguUFpYSoASxHc0Mgr2","tlshash":"9222c0aa6710202663278d3309725bb6d574988187d38e7e91d0fcc4d2b7c7e2b6b67c","first_seen":"2026-04-24T14:16:33.731035Z","last_seen":"2026-05-19T05:56:50.749386Z","times_seen":157,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Mona+Sans:ital,wght@0,200..900;1,200..900\u0026family=Playfair+Display:ital,wght@0,500;1,500\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"25:C3:78:A0:E1:97:BA:8A:CE:43:FA:9C:BF:89:EF:DD:A3:CD:9C:40","sha256":"C1:18:7F:C1:92:8E:D0:83:CA:E8:62:DB:BE:FE:89:B2:84:13:70:FA:0E:40:65:D2:B6:8C:09:37:73:46:4D:4B"}}},"request":{"raw":"GET /css2?family=Mona+Sans:ital,wght@0,200..900;1,200..900\u0026family=Playfair+Display:ital,wght@0,500;1,500\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 18 May 2026 14:09:01 GMT\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6235,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"bed161fb068fe3f430ebdcac4c2d8af5","sha1":"17109c6986976ae28e408e36c5fe3a57dc0533e1","sha256":"6e352ad114069a590e6f14367debefea727bef9cbf4100df5ff89eb589f5d523","sha512":"d6fe9ec644447ac6d5de5a59952eae04a1a44fb605a2c4f754e6d686a6e1cd54fcfe8ef489237c56c13553e8bdc310fe51f9ec6ec6ea640239c16d0c97f1ff3b","ssdeep":"192:civwvgabvZL4prMGJNK29uMNK29LNK29DXNK29agu2sp7u2Mu2G2u2k:ciI5hqJM29uMM29LM29TM29a32M62b2G","tlshash":"6fd1ffa1056ba644aa435cc227cfbf369d9f61603081d67c6ffd1888ac9bd269364b0d","first_seen":"2025-09-26T18:24:17.569339Z","last_seen":"2026-05-20T10:34:41.992763Z","times_seen":353,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":120,"dns":1,"connect":8,"send":0,"wait":18,"receive":0,"ssl":134},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/themes/sydney/assets/styles/widgets/shared/lang-currency-select/lang-currency-select_1.css?id=9c40cc6e4ea8373fd85a1d1a112322a4","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/themes/sydney/assets/styles/widgets/shared/lang-currency-select/lang-currency-select_1.css?id=9c40cc6e4ea8373fd85a1d1a112322a4 HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 15 May 2026 07:21:32 GMT\r\netag: W/\"6a06c97c-1158\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 8c042cff-7f95-4829-8ef0-f7a9e93a8c66\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4440,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4439)","md5":"9c40cc6e4ea8373fd85a1d1a112322a4","sha1":"ada0416a24be808e5e0d387766435f8101e43d42","sha256":"9d43510dd817d683e4d212b3bff069f6e205851c3f88e4ec3d16a87f2104923c","sha512":"210ee4b6121b3c5750851040a5072bf13356e60c7ce2ae5856c6799c5c938e4182fbc6778445d7a1f972bd8e5f76aa02bdebf611e9a4f9f64405cc18ff5b2539","ssdeep":"96:IRIv5eCaR2MJgbIeJsDsufmIJCLIyeurwrMr26fmhgT/GOeMgvoxh:IRGvAT0xzD","tlshash":"e691f021067c2338e4bed477be40297b2136e50ee1377ec9aaac96519f483415831faf","first_seen":"2025-11-27T01:58:12.048695Z","last_seen":"2026-05-20T10:34:41.990783Z","times_seen":314,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/hotel/overview/overview_4.js?id=52d9609cc4365763ea040467d7e0275d","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.518Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/assets/js/widgets/hotel/overview/overview_4.js?id=52d9609cc4365763ea040467d7e0275d HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 15 May 2026 07:15:34 GMT\r\netag: W/\"6a06c816-1435\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 1456bb7c-27a3-4a6e-8fd8-5a5b580f6d46\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5173,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5134)","md5":"52d9609cc4365763ea040467d7e0275d","sha1":"d4a73b2bc6cad1d54eba2eb7caedf745baac3aad","sha256":"ff6cfb73544ac63a9ec071c811d25fce384f21552affa2ede8297da1326f88cf","sha512":"2d1ba060a1610e49da195912b0d038430da8ea61aaf008edb6bf411c58f1ef72ca6254ea8d37a97210b5577f4e9551457963daf35eb998e1564719c52b5c31a1","ssdeep":"96:29HqCf9CM9HqJYqwDTnGpITQui8CqjvysCHXVTSb9tCPq:8HJU+HZqwfLi8/mVi4C","tlshash":"73b15359f391f0f542a7a0b5812f410bf274b89aa09a90d4f661d8e06eb89de4173f3d","first_seen":"2026-05-14T16:39:42.930092Z","last_seen":"2026-05-20T10:34:41.991272Z","times_seen":64,"resource_available":true,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/hotel/reviews/reviews_4.js?id=969d9a1d2be73d7c85e1abba3199a28a","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/assets/js/widgets/hotel/reviews/reviews_4.js?id=969d9a1d2be73d7c85e1abba3199a28a HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 15 May 2026 07:15:34 GMT\r\netag: W/\"6a06c816-4d97\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 189c8909-6239-491d-8f1c-970d7745e6a1\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19863,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (19758)","md5":"969d9a1d2be73d7c85e1abba3199a28a","sha1":"d73b7e53ed231dbec76090c4ace52116632152ca","sha256":"aab6d61bd55abe74f738778877d5843f704ed6145cd78531b29ef73309748b60","sha512":"63823bc3e5e539a6d82156cbf47e0d4544fe41cb64019a87149d0f5ddc9bc1dfa9876053dcb136674a476c7bc981e385a33b0e3ee9336597893b96c0ab5bca5b","ssdeep":"192:/jJP9dvncJHJtH5RdhOh1R5FxHvb3KCMPyH6qIRfpZQZgQZ7/SoyFqNBqft2QqP6:/ll50x6dcAPgoYdft2QuexA2Rgc0w","tlshash":"b992b88cf7d6f07503a36532812f414bf23a785ab45a9054e615d8e1bcb88de9233f79","first_seen":"2026-04-28T13:33:28.021979Z","last_seen":"2026-05-19T05:56:50.774883Z","times_seen":122,"resource_available":true,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/img-folder/images//OriginalPhoto/15400/1540064/1540064962.JPEG","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /img-folder/images//OriginalPhoto/15400/1540064/1540064962.JPEG HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:02 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 215258\r\netag: \"9ab9cc98a609471c53d8446315e68b7a\"\r\nlast-modified: Mon, 22 Dec 2025 19:56:34 GMT\r\nvary: Accept-Encoding\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\nexpires: Tue, 18 May 2027 14:09:02 GMT\r\ncache-control: max-age=31536000\r\nage: 82337\r\nx-request-id: 115f2a79-fc9c-4eed-8c16-ec50339fe67a\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":215258,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2000x1340, components 3","md5":"9ab9cc98a609471c53d8446315e68b7a","sha1":"b587726231a80c6b4588f46852b03cf975a6abed","sha256":"9ceb1404002a9ccaca3bfeb8a16c1574e9fc0a1431fcaf513f0252cc8e98e3d7","sha512":"8dc54b92879ab20867255c84d86b1ea7fd8499d2775ace228126fe7ac455132fb31f16b412ff5678997be4ea19b340deea4f07e7561d577f8944262947609d75","ssdeep":"6144:R5de8Qh3RIyovOwm5wScJ1JOyqaVv9dwMZ25Jpi:JeV3RPovOwm5wVJT7qaFwM+Jpi","tlshash":"352413607ab3eeb2abe49a42bbd3530c21edcb8f433d8419710526f8574db5e6934076","first_seen":"2026-05-18T14:09:33.827949Z","last_seen":"2026-05-18T20:31:36.874771Z","times_seen":2,"resource_available":false,"data":null}},"time_used":518,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":382,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/themes/sydney/assets/styles/widgets/shared/calendar/calendar_1.css?id=93b1f3fa763b04a84d5dc98c548bc618","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/themes/sydney/assets/styles/widgets/shared/calendar/calendar_1.css?id=93b1f3fa763b04a84d5dc98c548bc618 HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 15 May 2026 07:21:32 GMT\r\netag: W/\"6a06c97c-c96\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 51f9c76e-a087-4054-8183-b3f1588a8cad\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3222,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3221)","md5":"93b1f3fa763b04a84d5dc98c548bc618","sha1":"9d1bbab3fa1dd4d7353e00ce622c5aa86caa4d23","sha256":"4b5fdf846c51a1ae8b32cd710603a357e7125e25ae0b50ffc45e8f9bda287036","sha512":"c680f8a969972d2778849dd07b07fa0936dff4768c44a2a69672ab7736e2a20243b41e88192d57a671855b0b66aa4ca226aff954421cf4db9ef8e82f9824a0a2","ssdeep":"","tlshash":"8961e412da370028a165e97acc716a973a3b750151c27efed0c27b73d6cb28e12f8684","first_seen":"2025-10-06T20:28:34.504459Z","last_seen":"2026-05-20T10:34:41.976636Z","times_seen":316,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/monasans/v4/o-0bIpQmx24alC5A4PNB6Ryti20_6n1iPHjc5a7du3mnPyxVig.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"99:99:69:B2:FC:B4:4F:EA:18:FB:04:4C:0F:8D:3E:40:61:B5:31:00","sha256":"55:6F:9F:9F:5C:FF:31:03:79:C7:88:2B:89:0C:1A:2F:DE:0B:7B:1A:91:6E:BD:C8:7D:60:EF:5A:D9:C7:51:26"}}},"request":{"raw":"GET /s/monasans/v4/o-0bIpQmx24alC5A4PNB6Ryti20_6n1iPHjc5a7du3mnPyxVig.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 39512\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 16 May 2026 18:19:46 GMT\r\nexpires: Sun, 16 May 2027 18:19:46 GMT\r\ncache-control: public, max-age=31536000\r\nage: 157755\r\nlast-modified: Thu, 04 Sep 2025 17:23:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39512,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 39512, version 1.0","md5":"df50293fe89b7f4490a8447d730ae6a3","sha1":"ecac76ffba8c5589cd8946a16ae395fb56b38c74","sha256":"e1b6c4ff93709d7697f2f1df4447a052726b8691011bcacde1c7c800e4330880","sha512":"c1db3700e3dd384ce9ecfc0112616b2d017193929c3517cfbb2b3162b8c2a188fb6480baddac2e699e15620be5815acb748f4765a58d8f0759b1780566c73693","ssdeep":"768:uH5/MHMji5jo4xjWbPsFPc0yqeZqbmw1+9TVAtg1d+ipyavB+:u9MsIjBxyQF0XZje+95kan9+","tlshash":"9603f1c9a6a477d1c3c39d1cd21aca3296ab98b35ff6015b8e7d4012fcad127493a825","first_seen":"2025-06-19T17:07:21.488681Z","last_seen":"2026-05-20T17:10:07.982122Z","times_seen":608,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":63,"dns":1,"connect":9,"send":0,"wait":10,"receive":9,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/img-folder/images//OriginalPhoto/15400/1540064/1540064950.JPEG","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /img-folder/images//OriginalPhoto/15400/1540064/1540064950.JPEG HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:02 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 189208\r\naccept-ranges: bytes\r\netag: \"c0db733f490868bb5826ab0e9fdbb3e5\"\r\nlast-modified: Mon, 22 Dec 2025 19:56:34 GMT\r\nage: 458401\r\nexpires: Tue, 18 May 2027 14:09:02 GMT\r\ncache-control: max-age=31536000\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-request-id: f5a73809-e2d6-4a47-a118-d6c62cecd39f\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":189208,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2000x1340, components 3","md5":"c0db733f490868bb5826ab0e9fdbb3e5","sha1":"95ab8d2d258af21e7e6fbf3027b5e8c5b3c22aa7","sha256":"05c554480f129aa5e03de5b657b55f9e700a455909f454434f141a0ea78bf579","sha512":"9e5eb37b57054600937de0acdcd830b545710181704efcbe6175330d1051923cfa7942aef7a9df845bcaa2fe3f3883ee02e1865263d95062bc4439cf68321737","ssdeep":"3072:zLyVXvz4kqJjl6/jAGYf01IY58D3eq2PFkdwpd7yPHM4:zLovzu1neVzpdV4","tlshash":"2c04125533aa9be3e756a13b737b1a6e5425073c4108faf2b32b11eca61f29ef400121","first_seen":"2026-05-18T14:09:33.831291Z","last_seen":"2026-05-18T20:31:36.862248Z","times_seen":2,"resource_available":false,"data":null}},"time_used":489,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":351,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/pages/hotel/hotel_4.js?id=24f1198a76dfc6a236c9fb7593ee43a3","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/assets/js/pages/hotel/hotel_4.js?id=24f1198a76dfc6a236c9fb7593ee43a3 HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 15 May 2026 07:15:34 GMT\r\netag: W/\"6a06c816-33be8\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 42d27511-5e01-4c79-8c5a-3bd1d3d6ec26\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":211944,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65470)","md5":"24f1198a76dfc6a236c9fb7593ee43a3","sha1":"ee025d03c87a7b9e773baf77159f72e6d046ebea","sha256":"53fba594b7081f8898e8ea19dcfe9fe2efbc5eaf2cd70dbb06701b8e53feba93","sha512":"7e7df95474f6ca4cd584a691be04ef33d424c5cd9ea8870e65791a86cef665eebf0df32269ff5af4656238efda32ce31812a71b10e69641c663cdd7dfa8e3029","ssdeep":"3072:wMdgE4n3vIDKtQIe4MDrqsd/GizsAnHPFA:wMdgE43erfDrqsd/GizsAnHPFA","tlshash":"4f243b8a71a2703253e7607740bf010af3355a65688a80d0f119e5f1adf5e8e72bbf79","first_seen":"2026-05-15T09:40:15.411198Z","last_seen":"2026-05-20T10:34:42.002821Z","times_seen":49,"resource_available":true,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/themes/sydney/assets/styles/widgets/shared/relinking-slider/relinking-slider_4.css?id=ad2df07f0165541f408f27fc457fed6a","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.484Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/themes/sydney/assets/styles/widgets/shared/relinking-slider/relinking-slider_4.css?id=ad2df07f0165541f408f27fc457fed6a HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 15 May 2026 07:21:32 GMT\r\netag: W/\"6a06c97c-ebc\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: da4c9fb2-a7e0-49a0-8482-fec937fe82f4\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3772,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3771)","md5":"ad2df07f0165541f408f27fc457fed6a","sha1":"5a0989300c4fa8fa965705d07b3b7a72a556f9bc","sha256":"f5dc9c08604e3971243bd9d5d0c5698243c9a20ef16ea72d3a76a7fe96a02eec","sha512":"78cb59280ee7299988c38043f0647df027bcc7db5b43c0bb46faefc6a7b8ef5eeb412f51936469b97a54434a053e349bae0d248f090aa6c2df6b1ef7f7996f92","ssdeep":"","tlshash":"8371ba309306280e7665eed25244adeff5badd0bc5812354dacd266cdd860db2a33bdc","first_seen":"2026-02-20T20:13:39.579705Z","last_seen":"2026-05-19T05:56:50.750221Z","times_seen":291,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/images/sprites/sprite-badges.svg","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/assets/images/sprites/sprite-badges.svg HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 15 May 2026 07:15:34 GMT\r\netag: W/\"6a06c816-3ea5\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 765046f8-560f-4ce0-b207-d828280e4510\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16037,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7e4fe53317c7a5ab0d21c522b125d59c","sha1":"2d7f50ffad82699ffc796c1f9f593b7a5ae1b60c","sha256":"28ecc64012e0aa2b0dd6b7a5419c5109e657c5aa63374dbf9691251c0c72251e","sha512":"affdf806fe403794a2cb3cf7b29157b7e90746110648ae057ae77b43d7b88d2135cedfecd688648dee3c1dd911805feef42c22e37bc0c03e12a4ca74688e68a5","ssdeep":"192:LBQnaB/cMjco2IDgsWWsPX5+F9SxswoXVxQkHvyfEY+OQbGVW7q92S:SaB/tIorgHW/ixDGnVHvIE/zq9n","tlshash":"467261fa273c29eca8874f6eef217169136fa1b931e881b45c1ecbb4614394de607d50","first_seen":"2026-02-20T20:13:39.591203Z","last_seen":"2026-05-20T10:34:41.995412Z","times_seen":185,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/playfairdisplay/v40/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_pqTXtHA-Q.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"99:99:69:B2:FC:B4:4F:EA:18:FB:04:4C:0F:8D:3E:40:61:B5:31:00","sha256":"55:6F:9F:9F:5C:FF:31:03:79:C7:88:2B:89:0C:1A:2F:DE:0B:7B:1A:91:6E:BD:C8:7D:60:EF:5A:D9:C7:51:26"}}},"request":{"raw":"GET /s/playfairdisplay/v40/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_pqTXtHA-Q.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23076\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 14 May 2026 11:38:55 GMT\r\nexpires: Fri, 14 May 2027 11:38:55 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:48:53 GMT\r\ncontent-type: font/woff2\r\nage: 354606\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23076,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23076, version 1.0","md5":"b8b0fd00d2ec6b93385f569f901e427d","sha1":"7565a24d2bd0dca8aaba631c58bf712263999f52","sha256":"8f074624e50ab805878b26ab5f3e0fa360043d546c35b043947e96a5c7071970","sha512":"c6ab8d125d40af43862622eee6e628bf59d9d5236a8729e67da00240e2bd9c9c65da63ddc6fcf68ba29c21f8cadaa4ae7fd254d3350ee245495aee7b9dde981e","ssdeep":"384:MjUz7q9HvyeMqWoetvxv4ERxmQN1Z3A4yAYAYx8Hmwi7xVBS9PvEjSO:2Uz7q9PybqyR4AxmQvZ3A6RDXi7xV49E","tlshash":"1ea2e080cbacd43cf4449a3139beb9b07b710e4954431d6d2ab26b90efe54c89e3c96d","first_seen":"2025-06-28T19:38:49.938295Z","last_seen":"2026-05-20T10:22:52.737166Z","times_seen":364,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":70,"dns":1,"connect":7,"send":0,"wait":13,"receive":2,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/img-folder/images/450x450w/15402/1540200/1540200994.JPEG","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /img-folder/images/450x450w/15402/1540200/1540200994.JPEG HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:02 GMT\r\ncontent-type: image/webp\r\ncontent-length: 50070\r\ncache-control: max-age=31536000\r\ncontent-disposition: inline; filename=\"1540200994.webp\"\r\ncontent-security-policy: script-src 'none'\r\nexpires: Tue, 18 May 2027 14:09:02 GMT\r\nlast-modified: Mon, 18 May 2026 06:27:00 GMT\r\naccept-ranges: bytes\r\nage: 27721\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-request-id: 30c26a4b-72d7-48bf-9e5a-0e322469a373\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50070,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"725d82a177fb4fe294a6f8c5a660e597","sha1":"3c3499c6c016a1d3efe12b8b5f2b33423017cdc6","sha256":"2202434caabba9dee2122e2df75582647f0f013c84716e7ca29715cd8de98b06","sha512":"9cf18318f2c24440ebae1d43b72bcadd65d7c27cc2b289ba23d1ffd38c5f6f8954c1cd1e6e9f0b2f7197d1a015cefcc4e70f94c18dc44fabfdda9bb1e806b46b","ssdeep":"1536:JAD3s91lqNYpe6x439/2kJ5jjODQKZU3J2sG4:aQ91lLQ68uk7jyYJ2+","tlshash":"912302bf2192dab8f6b1bed8c927d7a2202931fa1b3d04fb35c694c3169414a1468dd7","first_seen":"2026-05-18T14:09:33.834575Z","last_seen":"2026-05-18T20:31:36.873445Z","times_seen":2,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":175,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/lang-currency-select/7870.js","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:02.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/assets/js/widgets/shared/lang-currency-select/7870.js HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 15 May 2026 07:15:34 GMT\r\netag: W/\"6a06c816-955\"\r\nexpires: Tue, 18 May 2027 14:09:02 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 137e5ea6-4123-45de-9f59-a028e529cb3b\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2389,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2356)","md5":"ec0fe097949f14e7e01a6218dbe1619c","sha1":"8480fb5662c606b96f492fadcdb25a489b514401","sha256":"0fb6cae0ffab899aba7a6af020a3d139776dd997a41f7d5a5e3b2a30e792eeb1","sha512":"7c3d50105b0bf3df37e0c53e4f7013b4b3f6ec543984026f34eacde23e8f3dc1ee9c207f6412eddc5951e61c219b3db65da50adab2fbef6fcba789e5aab94029","ssdeep":"","tlshash":"4a4153983295fdb11ee39155457fa207f13922166c3df004b316a8e0a8794cf8272f27","first_seen":"2026-04-28T13:33:28.03151Z","last_seen":"2026-05-20T10:34:42.004303Z","times_seen":167,"resource_available":true,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":131,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/lang-currency-select/1596.js","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:02.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/assets/js/widgets/shared/lang-currency-select/1596.js HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 15 May 2026 07:15:34 GMT\r\netag: W/\"6a06c816-916\"\r\nexpires: Tue, 18 May 2027 14:09:02 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 5007a3f9-1570-40c6-bde0-c027b8baaa1d\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2326,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2293)","md5":"7db5791c640b1508e9eb6d29df279b92","sha1":"109d120b95f3a17def9a6fc65ce8126725d74135","sha256":"fc6b6613f27e650ec4eebeda50780b54b33a89b2af1f321127f8bbcafa85c696","sha512":"cc8efad0bae7e1872f30a9bc27e85e811d1f0fa6cfc1064665ecdbac2481259b9be709f6b2393116930ad552afdb4666bfac00ace133ff7c6139bd06bfd30415","ssdeep":"","tlshash":"9a41639836d6fdb109e79251417f920bf1381652a83ef004f316a9e099b88cf85b1f37","first_seen":"2026-04-28T13:33:28.018144Z","last_seen":"2026-05-20T10:34:41.997578Z","times_seen":167,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/log/timing/","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:02.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"POST /log/timing/ HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Requested-With: XMLHttpRequest\r\nX-CSRF-TOKEN: VJmJ1w1FnFYYKR3ani432mMRrRM5YJ9cuwUlxXCT\r\nContent-Type: application/json\r\nX-XSRF-TOKEN: eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0=\r\nContent-Length: 572\r\nOrigin: https://ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":572,"data":"{\"timing\":{\"id\":1,\"uuid\":\"fc796d47-3d2f-4f63-a713-fd71d5ec677e\",\"r\":2833213,\"navigationStart\":0,\"unloadEventStart\":0,\"unloadEventEnd\":0,\"redirectStart\":0,\"redirectEnd\":0,\"fetchStart\":28,\"domainLookupStart\":34,\"domainLookupEnd\":128,\"connectStart\":128,\"connectEnd\":186,\"secureConnectionStart\":151,\"requestStart\":187,\"responseStart\":548,\"responseEnd\":616,\"domLoading\":696,\"domInteractive\":1839,\"domContentLoadedEventStart\":1871,\"domContentLoadedEventEnd\":1875,\"domComplete\":2024,\"loadEventStart\":2024,\"loadEventEnd\":2025},\"s\":1,\"suuid\":\"fc796d47-3d2f-4f63-a713-fd71d5ec677e\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:02 GMT\r\ncontent-type: application/json\r\ncache-control: no-cache, private\r\nset-cookie: XSRF-TOKEN=eyJpdiI6ImFpOGNEUWFHZSswT1ZqTGVVM0k3Y2c9PSIsInZhbHVlIjoiMTNSc0w1dTg1eHVITlRsZVZjUnVEeVpKc214dUhwZGFUQjdVVG5XQU9Wc200dlhaRXZuOGxJeVJrK3ZpcXA5bHR2VzlxN2J1aXR3UC9sUHROWEEyWEQxd0tZSzdTL2hndGtxcngvUzUxYi9hcEg4VkRTSnNjZXkwYVhTUUZDMW0iLCJtYWMiOiI0MTk3YTFhM2I5NDdmMzMyM2U2N2I1MGQ4NWNhZjhjMDg4ZjBlZGRjN2UzNDRmZTgzNjBlZjJkYzk1YTM4NGU0IiwidGFnIjoiIn0%3D; expires=Mon, 18-May-2026 16:09:02 GMT; Max-Age=7200; path=/; samesite=lax\nwp_session=eyJpdiI6Ik9ZcVdNNTk1L3VEa2F1NXUwbkZZdkE9PSIsInZhbHVlIjoiL014YjNPZ2lkUWxHWUVCM09NaUczdG9wUE5VVWcreEhmRnZpRTQ1K0d1anNDSEtzV1M4M2hjMXR1d0J3KzdtRUdYZ1E1dmpKdkVub3ZndnM2OVpzb2xYMzFsb3BVejJIT1NwNU5BSnZ5MzM3emZkR3FlM3NjT3hXQVF2dmdjTFgiLCJtYWMiOiIxN2JjZjNjNDJhM2Y2MmNlNGRiMmU5NjhmOTc2MTJjZGM4NjYwNzM1ZGIwZGMxYjUxOWQ3YTA1OTA5MGRmNTQ3IiwidGFnIjoiIn0%3D; expires=Mon, 18-May-2026 16:09:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax\r\nx-request-id: 89517db3-1fc0-41d0-9078-62c2512c22d3\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-05-21T14:33:59.395424Z","times_seen":142250,"resource_available":true,"data":null}},"time_used":146,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":145,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/themes/sydney/assets/styles/widgets/hotel/location/location_4.css?id=37d526d7caf3d4c1d6dd1b98cd2e2fbd","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/themes/sydney/assets/styles/widgets/hotel/location/location_4.css?id=37d526d7caf3d4c1d6dd1b98cd2e2fbd HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 15 May 2026 07:21:32 GMT\r\netag: W/\"6a06c97c-b8c\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 43c0977b-3556-4cbb-9735-10536af02224\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2956,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2955)","md5":"37d526d7caf3d4c1d6dd1b98cd2e2fbd","sha1":"0cf6e4be3cf2314b87a364cdfafc56c084b6d830","sha256":"655fd83002d3f117af8ff7fef7935c39f4714e25da0f311d546c64fce821f50d","sha512":"24ac76b7b487c4449933abe728b217c8e769a27cdece50a400d9e80c371d7b9987fdcec1dab0e74298d09e85a9d19db2bb3b41ba800eaf92866754cc0b43f077","ssdeep":"","tlshash":"ed51dcb3af1c643462d2cc93dc42986612779c4bca660ae4fe24f654f68434e3f16a5d","first_seen":"2026-04-27T07:27:08.088567Z","last_seen":"2026-05-19T05:56:50.764096Z","times_seen":134,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/lang-currency-select/6716.js","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:02.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/assets/js/widgets/shared/lang-currency-select/6716.js HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 15 May 2026 07:15:34 GMT\r\netag: W/\"6a06c816-4d8\"\r\nexpires: Tue, 18 May 2027 14:09:02 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 0b6f60e7-4c3c-4fde-b186-f32e359f15e2\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1240,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1207)","md5":"6551a290e3583f40eec9f321108d17e2","sha1":"6f68caaecf77e6ac07e204697fe8cb816ab43074","sha256":"17e88c9b360bbd7046cfec5f34e54a1d1eda776b35892fc5b1262efc18f351a3","sha512":"96208250ead52652b58e56c55481dc1b32537d26c0b0e953bc387c69682d161df91ef535e3f7067ce3ca5e2d36d01debd07682cdbf2a2f1ecf24446b8eaa3b7f","ssdeep":"","tlshash":"bb21b79af2d970f147671451c12f83ebd5fdb1506097c840b92812f41a3dc1bb053d6b","first_seen":"2026-04-28T13:33:28.034506Z","last_seen":"2026-05-20T10:34:42.001162Z","times_seen":166,"resource_available":true,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/themes/sydney/assets/styles/widgets/shared/header/header_8.css?id=9969cd7c47e7978b4c6fee191aa982a5","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/themes/sydney/assets/styles/widgets/shared/header/header_8.css?id=9969cd7c47e7978b4c6fee191aa982a5 HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 15 May 2026 07:21:32 GMT\r\netag: W/\"6a06c97c-75b\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 835e5600-b08f-4213-8724-e1d3ff2b8065\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1883,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1882)","md5":"9969cd7c47e7978b4c6fee191aa982a5","sha1":"caf3cc1d97fd74575d9a7cb701402a7cd352eb1f","sha256":"120d231b4ed11319fb45edfe2ed751d365966ec0999e504ccd98047c9bd54b42","sha512":"9d58de92970bbd8180785e84508cd6ba4082d07cf85e0de2e575fdcb0a1f09ab82e271e16ae058011987604dd6f9ae69aafbe474085b78c39bea1e2880ec3810","ssdeep":"","tlshash":"dd41ebf1839534183477c94bd8809a6e013be801ae261b7de369217ebbc654293e6f9c","first_seen":"2026-02-20T20:13:39.639571Z","last_seen":"2026-05-20T10:34:41.990288Z","times_seen":313,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/themes/sydney/assets/styles/widgets/shared/form/form_4.css?id=643de02dddda65f4d2ad611a9ac838e7","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/themes/sydney/assets/styles/widgets/shared/form/form_4.css?id=643de02dddda65f4d2ad611a9ac838e7 HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 15 May 2026 07:21:32 GMT\r\netag: W/\"6a06c97c-20d6\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: a0fcab59-2c15-4799-ae25-b0ec07939d3a\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8406,"size_decoded":0,"mime_type":"text/css","magic":"CSV ASCII text","md5":"643de02dddda65f4d2ad611a9ac838e7","sha1":"a8e476ed62800783cabf4cd7a2d79589747f6756","sha256":"d6d064ddf58cd5b946337b8c1824e707913295d6536f886db820bf4bb8b15766","sha512":"735d5ac5112057c954b9df9e2d3c65745a7a110e3d9bd6ac05ede668a32aaeaa6c554ae791044b6dafa3b62fa5bde3e2d0da09b9ab070b2edd37dfefbd3458e8","ssdeep":"96:JiYY6wHkjJ8oBEm2sRciyClLbAR6AmczDAxL3Aqf6DUIPIa3:ngHlQZysC6AmczDAlf6oIPj3","tlshash":"8f024432d611222bf06ec5ab7fc175da2079e512d42107acf688ba27d38d0b72d57bc9","first_seen":"2026-04-15T00:18:38.179841Z","last_seen":"2026-05-20T10:34:41.975284Z","times_seen":180,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/hotel/location/location_4.js?id=802cd06d4ed5886a0fce088a9e2afce3","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.520Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/assets/js/widgets/hotel/location/location_4.js?id=802cd06d4ed5886a0fce088a9e2afce3 HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 15 May 2026 07:15:34 GMT\r\netag: W/\"6a06c816-d0484\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: be8cb5dc-a5cd-4023-8e9b-44a63271f33d\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":853124,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"802cd06d4ed5886a0fce088a9e2afce3","sha1":"f56836863a49d0ae815c7cc55dd6a682a415077c","sha256":"5bac214008e6e70483a63f009702c06b5e0f95e75153ea2ebddf39404d94330a","sha512":"09d2b2acdb1825f7417cccc165457f9d7e555aeac9751b6ac1ae20f5931d48252f75bcc9aa27c0b36f9b6163605630797922c05f3b923cb7397631667c375424","ssdeep":"6144:xhNxVaM6TQ6hGXcJ7espTXD14HAKUZopbQXeCVv1vgz0axGMzdotWrcL2ygjFcXf:xBcM6OspTXS3bo1vgz0a9bif","tlshash":"920519a9b25564268283a091447f014bf33f94a9e44980dcf62dc5fe9dfe949633bf38","first_seen":"2026-04-28T13:33:28.009636Z","last_seen":"2026-05-20T10:34:41.957565Z","times_seen":135,"resource_available":true,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/images/sprites/sprite-common.svg","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/assets/images/sprites/sprite-common.svg HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 15 May 2026 07:15:34 GMT\r\netag: W/\"6a06c816-1cbac\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: f3ecdb39-e189-4d3d-a2c0-0724c166bc40\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117676,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0cbed1a6b66291ca8ffa942c0d790b1d","sha1":"2f30f08e9181dd789d112340a035afe7a7b91f66","sha256":"79d52cead04532210533084df659c6a10c3215634aa00a71cf710b68ee9e3548","sha512":"3a2777ab575ca98b9f2a93870aae91e423bc37272750c81b573ee3ffbcbe9f6c3f87c60ba7e6041836bce7fac5908b52e7357061a813eba93c6a2b96c2c5468a","ssdeep":"1536:hrYK8tJZuL7sw21laTsXyBK+IFDGBK6szxz+cmKf3v1:t7sw2GIg4Fhd1","tlshash":"95b3d8d92234639ca8c787adcf3ae9e0335f60ed71a582e4567fc7746147ac8fa06814","first_seen":"2026-05-12T16:36:02.948477Z","last_seen":"2026-05-20T10:34:41.994852Z","times_seen":89,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/lang-currency-select/5480.js","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:02.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/assets/js/widgets/shared/lang-currency-select/5480.js HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 15 May 2026 07:15:34 GMT\r\netag: W/\"6a06c816-2472\"\r\nexpires: Tue, 18 May 2027 14:09:02 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: f6804f7c-59a1-4b14-8fcf-f8060510892d\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9330,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (9235)","md5":"00a60351164bb86853505dfdf0da7ef7","sha1":"ee729a5a7af336385707218111dd76b285855307","sha256":"c2b608d41e11d71eee7fd4fa140c2fcaaec8b0310344214d3205022cf630ec5f","sha512":"b9087f87d55d4f6d1d4eb6d708060f418703ca7ffcad6ae1ea2d3bb6294b4f02aa47196c1a3f1fbe6b031ac62b99dfcafdc419bfcf3c78c562115ba10490fd34","ssdeep":"192:qHmxvRvX5QH2hUyTSlrkgaNaey9Q16qN8qNt2iq4iqfr46z3anIeKM:Jxv6xCgiV8CNt2iys86z7eKM","tlshash":"da1293ccb2d6f46903977621902f100bf23e6966b85a9454f728e8f1b8b444ed327f79","first_seen":"2026-05-15T09:40:15.417315Z","last_seen":"2026-05-20T00:47:08.60175Z","times_seen":22,"resource_available":true,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/themes/sydney/assets/styles/widgets/hotel/exit-popup/exit-popup_1.css?id=1dda80345404424103e53d654ad2d3cd","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/themes/sydney/assets/styles/widgets/hotel/exit-popup/exit-popup_1.css?id=1dda80345404424103e53d654ad2d3cd HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 15 May 2026 07:21:32 GMT\r\netag: W/\"6a06c97c-b1d\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 1ca6d733-c5b4-434e-b071-2def36483ff9\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2845,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2844)","md5":"1dda80345404424103e53d654ad2d3cd","sha1":"ac5e37dc569e0c60754c785e283bdff10a637ebb","sha256":"384c3af5935d9e56257513580a0d881e47fe6d7023797e137c3051b8cd403020","sha512":"3cbee09f00dc4554e517d6d0a10e18a6b3b8560faad62abab77689674431c2eee6d81bb40fc26c75a34336405dbcd78476e89eb865621d3f48f8c712f272660f","ssdeep":"","tlshash":"ce51257142a5311dd4aaecf2ec4141fb30e6f40ce74b9ab908952429dec51cd9ae8bbd","first_seen":"2026-05-13T13:55:41.372542Z","last_seen":"2026-05-20T02:12:57.107341Z","times_seen":32,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/themes/sydney/assets/css/app.css?id=6880bdb4d9574565c192da09cd3b4811","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/themes/sydney/assets/css/app.css?id=6880bdb4d9574565c192da09cd3b4811 HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: text/css\r\ncontent-length: 207\r\nlast-modified: Fri, 15 May 2026 07:21:32 GMT\r\netag: \"6a06c97c-cf\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nx-request-id: d6bfdcd4-67dd-4d39-b896-3fabdf269731\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":207,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"6880bdb4d9574565c192da09cd3b4811","sha1":"9f347c4984435128a4aae1e9724bfb390e482675","sha256":"e9e9e1c0f8a46c17cf2b476b030fae4e235b537b680f0dcf2595cbd75940ebb3","sha512":"0e94b5eac2477f726070a7dd1a6d5cb0dd57a79550dd57f17551ba70901f66a4ffc3062a5fdd240a08f76bc9e8a3a4ecf98ad61e600035d4d22844b388842db3","ssdeep":"","tlshash":"37d01214f325a72b067b81cf74e5f71683885d8054950fc1b88223d433419597097bec","first_seen":"2026-04-17T13:27:57.664281Z","last_seen":"2026-05-20T10:34:41.961166Z","times_seen":297,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/js/main.js?id=9e909c8081750bd4ff108fb2beffef26","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /js/main.js?id=9e909c8081750bd4ff108fb2beffef26 HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 15 May 2026 07:15:34 GMT\r\netag: W/\"6a06c816-77e40\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 38fec720-811c-4d8c-bfca-3087f7a176ff\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":491072,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65278)","md5":"9e909c8081750bd4ff108fb2beffef26","sha1":"254fb59700f9ae5eb98278f6daae7b0aef4fdd9f","sha256":"90cc8c41422d82deb38d61e26391c8fd5fa43a12045e2cf5accabbe75ae83a63","sha512":"e6cee5a7be0fbd53034f9090583d1b41728457347bddb9e6c92d39de73032a8c990d4d257ff508f2af0f44b36947e271d004ba5adfb12744bd7343ae587908e0","ssdeep":"12288:xzP/3Xn+B7CckP5bYy+/RuFuW92B33kj52Va89LS:xzP/HnC7CckP5bYy+/RuFu133kj52VN+","tlshash":"9ea429da32d6b03253a716b550bb0106f3395e54740e8194f12ce8ee3d7a54aa2b7f3e","first_seen":"2026-04-28T13:33:28.032772Z","last_seen":"2026-05-20T10:34:41.977901Z","times_seen":175,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/header/header_8.js?id=639b6803674a0f2e41862e72539c4c2f","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/assets/js/widgets/shared/header/header_8.js?id=639b6803674a0f2e41862e72539c4c2f HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 15 May 2026 07:15:34 GMT\r\netag: W/\"6a06c816-28cb\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: a10235ef-7be8-4d04-a09b-c4bf71594f5e\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10443,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (10406)","md5":"639b6803674a0f2e41862e72539c4c2f","sha1":"e41cda3ff2ddf4085c7ba07147b935984e77f951","sha256":"0ea7b69edbf80b908074874a5c062f4e53eb97b1c37d7526f10a392e00fb7c76","sha512":"a76a35def6e92318b6b4abe75efccbcc0af2a9c1e0181409caa1842b2d76f8a89021557248bfb88d589fa4b62259a11cd328de20f2fcf725a4ead36bd81343a9","ssdeep":"192:8H54LlCHSZJBEi8UBmEQHGcCpgsKERXMqlSHf:Vxh4jCaop4/","tlshash":"eb225699f391f0b145e7a1b1402f410bf229785aa09a90d4f665d8f0adf84ee42b3f3d","first_seen":"2026-04-28T13:33:28.016234Z","last_seen":"2026-05-20T10:34:41.957071Z","times_seen":139,"resource_available":true,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/footer/footer_1.js?id=37fe4c328ed05840b464d2092baa2a67","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/assets/js/widgets/shared/footer/footer_1.js?id=37fe4c328ed05840b464d2092baa2a67 HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 611\r\nlast-modified: Fri, 15 May 2026 07:15:34 GMT\r\netag: \"6a06c816-263\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nx-request-id: b55ef5d6-fab2-4651-926c-9b6fcb2c63cd\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":611,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (574)","md5":"37fe4c328ed05840b464d2092baa2a67","sha1":"aa1829c0f6b853579c102e75cb3136909f97423e","sha256":"721b88f911a9bff6d502174cf51864dd92f2e38bf331430d03e6789511aa4a61","sha512":"6e84400342f1fd87b72cb752cb6bef94c3abfe6b444c8d2051c02e40b009bbcd9dd527c23a6a115d406ece43f440f132dd92b846c102857726cb9ed5e3e55788","ssdeep":"","tlshash":"60f0a2acf3a970b346437024447fa34b917f79a044aea414541176e06e3ce0fe5b3c66","first_seen":"2025-01-25T21:28:42.429663Z","last_seen":"2026-05-20T10:34:41.999507Z","times_seen":640,"resource_available":true,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/img-folder/images/1080x700w//15417/1541791/1541791264.JPEG","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /img-folder/images/1080x700w//15417/1541791/1541791264.JPEG HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:02 GMT\r\ncontent-type: image/webp\r\ncontent-length: 52184\r\ncache-control: max-age=31536000\r\ncontent-disposition: inline; filename=\"1541791264.webp\"\r\ncontent-security-policy: script-src 'none'\r\nexpires: Tue, 18 May 2027 14:09:02 GMT\r\nlast-modified: Mon, 18 May 2026 06:27:00 GMT\r\naccept-ranges: bytes\r\nage: 519683\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-request-id: a173ba9d-4d54-40e3-980e-29822a487aa8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":52184,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8d38df29401e8ef00e6c763b4a4b086a","sha1":"e72338399e601ee9e18951cb0a6ff7d203ca3833","sha256":"f0b00391beaf4e09835c85691ce7c173413236e7e05df940997dbdc1f5ca4932","sha512":"8872f6c386d30da8d17e385dd5461604cb064634692cc4153cd3016a5ed3cd15a16acd4d0cb929fcfd5112d56a72c5c8f98b028f02a4a41e56b8512b6694c717","ssdeep":"1536:Df8O9OgZ1DvoZC8hJT+WEWKTynJDbd7Tr:rHp1D8JT+WEWhrT","tlshash":"4333f26115bc6b680b878f6cde68918438d39d8e356fcd1ea3058446bf43cf9c6b8b15","first_seen":"2026-05-18T14:09:33.843033Z","last_seen":"2026-05-18T20:31:36.869326Z","times_seen":2,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":143,"receive":144,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/themes/sydney/assets/styles/widgets/shared/footer/footer_8.css?id=caf927e99cd6fc0869a80f4a10451ba5","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/themes/sydney/assets/styles/widgets/shared/footer/footer_8.css?id=caf927e99cd6fc0869a80f4a10451ba5 HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: text/css\r\ncontent-length: 967\r\nlast-modified: Fri, 15 May 2026 07:21:32 GMT\r\netag: \"6a06c97c-3c7\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nx-request-id: 27f69915-eba2-4b73-ade0-34b123e2e648\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":967,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (966)","md5":"caf927e99cd6fc0869a80f4a10451ba5","sha1":"6ea47314ab69ad323f03fe5a73ac258c24d1d15f","sha256":"cfc6511361aa40ef9febba63a8754bfb7f5592e869e65975aae648f47b75cd6a","sha512":"01de17a8a2adb3888c5b30603c845f648938fa73399d734f84120789757ab44c07609a1656b231cf38596d74d20687cff83a5114d3e1f0ba0ba3b84d67bf66d2","ssdeep":"","tlshash":"411186313794b12fa0a6cd83f4a769a31072ec10698eb7fae85d460cd3872471762f5c","first_seen":"2025-10-06T20:28:34.506468Z","last_seen":"2026-05-20T10:34:41.95654Z","times_seen":316,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/relinking-slider/relinking-slider_4.js?id=8418a07f103c99bc3135a2ebb30817b9","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/assets/js/widgets/shared/relinking-slider/relinking-slider_4.js?id=8418a07f103c99bc3135a2ebb30817b9 HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 15 May 2026 07:15:34 GMT\r\netag: W/\"6a06c816-2d1c4\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 1b76c99d-60e0-4528-ab1b-6705e6b4487c\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":184772,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8418a07f103c99bc3135a2ebb30817b9","sha1":"ea4592acb3ecf0106db6651e1833c0899c840056","sha256":"c6c9273a6eca024ff45f8e725ab99648eb5d33fabc0827cd42f2d702a6aeabd2","sha512":"6d913ba0cd8be053e2ad91f6baf6724f60a4cef32612b4533973c782caede798dab50e3f469f9786e86b7c3ab405bc3960f709217be6eeb6c686a0c1534b3634","ssdeep":"3072:8MxKfmWWWCve9cqBxsP3hi76HeyDW5gbgS:8MxemWNCv2c73ChyDW5I","tlshash":"1004e8996320757646e71a9b93e4c261a3b44440b40ac4e870e94c9fd97ecac13ffef9","first_seen":"2026-02-20T20:13:39.635828Z","last_seen":"2026-05-19T05:56:50.750997Z","times_seen":293,"resource_available":true,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/themes/sydney/assets/styles/widgets/shared/relinking-with-title/relinking-with-title_1.css?id=af8088b9148771af61a865c98f2c15d1","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/themes/sydney/assets/styles/widgets/shared/relinking-with-title/relinking-with-title_1.css?id=af8088b9148771af61a865c98f2c15d1 HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: text/css\r\ncontent-length: 547\r\nlast-modified: Fri, 15 May 2026 07:21:32 GMT\r\netag: \"6a06c97c-223\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nx-request-id: 623b3cff-1ec3-4a47-ad12-4d95e42ff70d\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":547,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (546)","md5":"af8088b9148771af61a865c98f2c15d1","sha1":"ac93c60d5e6fe6c4e8028f76c45de86b6a9aec2c","sha256":"43f7243b6ee53eaaa78fd0392e3c6c3d1233b0beb9c218ecd8a087ac49f84241","sha512":"2653fe5e3c512ae504a6b8db10d7237585c314bdd561b46ccdf5e650c3aba9c92c1acf1647c59d9a39100042c70386627d6e33369de4f8e6f013dfb88c114775","ssdeep":"","tlshash":"c4f04c722691e11cc1e4a896d0c4a1b53162ac06990913d0bf846550f9841ae2ffaf29","first_seen":"2025-09-26T18:24:17.552877Z","last_seen":"2026-05-20T10:34:41.968776Z","times_seen":341,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-18T14:09:00.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: no-cache, private\r\nset-cookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; Expires=Wed, 20-May-26 14:09:00 GMT; Max-Age=172800; Path=/; HttpOnly\nXSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; expires=Mon, 18-May-2026 16:09:01 GMT; Max-Age=7200; path=/; samesite=lax\nwp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; expires=Mon, 18-May-2026 16:09:01 GMT; Max-Age=7200; path=/; httponly; samesite=lax\ncur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; path=/; httponly; samesite=lax\nabt=439; expires=Sun, 12-Dec-2055 14:09:00 GMT; Max-Age=933119999; path=/; domain=.spahotel.guru; secure; httponly; samesite=lax\n_wsl=a46c595b-8ecd-4130-b22c-fee0f63875de; expires=Tue, 14-Aug-5438 23:09:00 GMT; Max-Age=107679920399; path=/; domain=.spahotel.guru; secure; httponly; samesite=lax\r\nx-request-id: 209fc672-9141-421b-87ec-d3634a4b1f1c\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]}],"data":{"size":156565,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3291)","md5":"6f211e385630067ef368e2fdc6b20cbb","sha1":"d7d16f5c70573aef95d83acaa187d45f4b34db70","sha256":"961b8e0e3576e18e966103c87d5273df31b70ebf1cf65fe7c7fcfc5948c2af36","sha512":"77821d8905ffc87be7d0d9e91d6bd972edf1265e0a7e58e116d2b3cc544b0a9c2b2b01c0cd929da86ae94c9ee8daa368f310df78a5fb2ffd25f6ca9575a74544","ssdeep":"768:suKQ7AEOPd7WuERmHlIwGfTRElgzbSclDy3:N7MYRIlIwGfTiuzby3","tlshash":"5be3302197f4357b40aac8d26e025a6b6fb2f90bc596061073fc47886fc9e85de1393d","first_seen":"2026-05-18T14:09:33.845439Z","last_seen":"2026-05-18T14:09:33.845439Z","times_seen":1,"resource_available":true,"data":null}},"time_used":664,"timings":{"blocked":151,"dns":93,"connect":21,"send":0,"wait":360,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/themes/sydney/assets/styles/pages/hotel/hotel_4.css?id=3460f1429b9abe2103e5034868055fc5","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/themes/sydney/assets/styles/pages/hotel/hotel_4.css?id=3460f1429b9abe2103e5034868055fc5 HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 15 May 2026 07:21:32 GMT\r\netag: W/\"6a06c97c-1139\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 458bbddc-a278-4476-8f25-659bc5b56735\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4409,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2683)","md5":"3460f1429b9abe2103e5034868055fc5","sha1":"542d958bf827d5caf30fff4b59c16d93f0f59d2e","sha256":"c37d00bdc0bf705e3b782754224c95653f9846f45cd70cc9d5674567d2fc9831","sha512":"206f6f87aa9eebc8b24ec80dca0610a801bd89934c90e584a96ff4a55db57d2f15d6ba1558ad7ff73873bd34b6a4bfa93ccdbddc3731b62965382d96eedc9c93","ssdeep":"48:yS6bGavZeh5M9M7SWGm/YbJHPJYM4uUuhSR7sRVRFYKZGesyn4MO/L/Q5/a/Q:yBbNxeHMe7SVR8HuhSts74lPuF","tlshash":"ab919773bf40203c64a3c942ac8325b633266812cbfa51d1df75d468f7842961ea1f9c","first_seen":"2026-04-24T14:16:33.711668Z","last_seen":"2026-05-19T05:56:50.717851Z","times_seen":157,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/themes/sydney/assets/styles/widgets/hotel/hero/hero_4.css?id=76ed604886c8a940784b0ad7fb2b87c4","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/themes/sydney/assets/styles/widgets/hotel/hero/hero_4.css?id=76ed604886c8a940784b0ad7fb2b87c4 HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 15 May 2026 07:21:32 GMT\r\netag: W/\"6a06c97c-1371\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: b2162b49-b814-498a-825c-a4967828dab6\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4977,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4976)","md5":"76ed604886c8a940784b0ad7fb2b87c4","sha1":"aab99d03d361f646c39697fadf2776bb09dc243c","sha256":"1d7a20643532a45ba2912f9f59d811b6dff254e6048525d76dd8f18d50efebc9","sha512":"cfd96dc872a44bf8256894894d7c2a535c277b8d92912c8f76ed9307f7f3bc5e3c6fb74b3011670c076927745194190df8de311dc269f1b6d9c103119223f77a","ssdeep":"96:MwjhvwvMTAYSgERgR1mD2CYE/xaVLHxXqrs:Mw1vwviaRgRwD2CYE/xaVLRis","tlshash":"97a10533ab48203fb476dd42ad4319a7517aa807df6b5398d7686458f3825432fb0f9c","first_seen":"2026-04-15T00:18:38.163994Z","last_seen":"2026-05-19T05:56:50.763258Z","times_seen":164,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/themes/sydney/assets/styles/widgets/shared/form-info/form-info_2.css?id=4710934fffcf1028e7d1925b4b6558d4","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/themes/sydney/assets/styles/widgets/shared/form-info/form-info_2.css?id=4710934fffcf1028e7d1925b4b6558d4 HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: text/css\r\ncontent-length: 621\r\nlast-modified: Fri, 15 May 2026 07:21:32 GMT\r\netag: \"6a06c97c-26d\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nx-request-id: ac91d563-c03b-421f-9c4e-f87be833871e\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":621,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (620)","md5":"4710934fffcf1028e7d1925b4b6558d4","sha1":"69141f85afde8a33182ade10a3fa7cc85eeb1bc7","sha256":"4cc012e20caa73570c395e150dbaa0a420bb6ae7419fcaee20d32d583e78f3a7","sha512":"3342e24e79ce052194d8355a82e8c594170ff3977807cc30b28802392515615ca2c473011ca7a420a617e138e057d3053f7109440131ed72a06be5e3fa421263","ssdeep":"","tlshash":"12f07d61a616e22f7465ccc2b3c67ea75495d902845482a0c2a529a8c7cb133b7a57bc","first_seen":"2026-05-12T16:36:02.943054Z","last_seen":"2026-05-20T10:34:41.955205Z","times_seen":71,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/themes/sydney/assets/styles/widgets/hotel/overview/overview_4.css?id=d6bb131f086c7c0f3656479dcaf57e3f","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/themes/sydney/assets/styles/widgets/hotel/overview/overview_4.css?id=d6bb131f086c7c0f3656479dcaf57e3f HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 15 May 2026 07:21:32 GMT\r\netag: W/\"6a06c97c-938\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: abffa60c-ddbf-4fee-8a08-396060bd9ef8\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2360,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2359)","md5":"d6bb131f086c7c0f3656479dcaf57e3f","sha1":"a61474dce25fed3610520dc223c2c1fc8089a457","sha256":"91db727e83fd7b6ce41ae78e95588d1f0404ef98e31ef4bc28338f0f37ed1ccf","sha512":"42f2c7f39968287a645b0f87449bff4d1a60d2887bb5ba8e77e475a75e0c1707e52f933873404855750811d56dfe3c9afa9711c98ecfa882cc65d4ee99b710f6","ssdeep":"","tlshash":"b9418833ab00513c7256cd917a462a637722b902cad59288ffb530d4fa9f0a71f10b9c","first_seen":"2026-05-14T16:39:42.919589Z","last_seen":"2026-05-19T05:56:50.771125Z","times_seen":48,"resource_available":false,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ramadabywyndhamdubaibarshaheights.spahotel.guru/wp-content/assets/js/widgets/shared/lang-currency-select/lang-currency-select_1.js?id=005d308fa26677ad2ee68b933f0b3440","fqdn":"ramadabywyndhamdubaibarshaheights.spahotel.guru","domain":"spahotel.guru","tld":"guru"},"ip":{"addr":"52.29.26.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ramadabywyndhamdubaibarshaheights.spahotel.guru/","date":"2026-05-18T14:09:01.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spahotel.guru","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 May 2026 23:36:31 GMT","end":"Thu, 30 Jul 2026 23:36:30 GMT"},"fingerprint":{"sha1":"E4:E5:9C:DB:F5:D8:99:64:03:9F:A2:79:32:51:98:17:EB:21:2C:02","sha256":"66:73:FC:57:04:A8:08:3A:94:1F:59:41:BE:5B:22:29:42:74:99:2E:09:8F:FE:43:E0:1C:35:66:3F:81:06:01"}}},"request":{"raw":"GET /wp-content/assets/js/widgets/shared/lang-currency-select/lang-currency-select_1.js?id=005d308fa26677ad2ee68b933f0b3440 HTTP/1.1\r\nHost: ramadabywyndhamdubaibarshaheights.spahotel.guru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ramadabywyndhamdubaibarshaheights.spahotel.guru/\r\nCookie: _b=1779113341.874.12739.804067|3c861b5abca4655c3a6dd5dcfc9539c6; XSRF-TOKEN=eyJpdiI6ImpIZi90eWI1VXo4SmNHSmZXMndMQXc9PSIsInZhbHVlIjoiRHFWRm5oVHU5RUxpR2FEaWpSQ215ZnVmQmRmSGNiQUhQLyszeGRkY2Zpdy9iNHdVRlZKNWhUWEJ2eUlnNkNKVGJRTFkyVjEvek1vZTk5Vk52SWpvY2ZSWnYyYTh0NGExWGVhbkRrdlRQd0syaXo2ajRRQTZVUUtyRmo4bXlCZG0iLCJtYWMiOiJlNWY5MDc3YzQ2NTk4NjI0Yzg4YTM4M2EwYzQ3MDIwMzFhYjg3ZDI2NTYwNGEzNWFhMjQ0YjIxMjI3MTMwNTNjIiwidGFnIjoiIn0%3D; wp_session=eyJpdiI6Ii9ZWnN3WjdFVExyRU9rcTcrTnlTSVE9PSIsInZhbHVlIjoiS0hWNUdnVkhONGJDS2xUdXhEWDZPVENoREJqQmxEVUpQUUkzeUJ2czZyNzRKUUVsZkZYaFhBaVZPc1ViWHQwL0ZYdkNBWHRUQ25JcEh0a2xHNVBIalAyNmx3L3lyUno2VE5yd2ZpdXNjbWZnd1hpK1h4RVVjV0V2djh1RkJaUmwiLCJtYWMiOiJjZmYwZGEwYjE0NDNkYTk3ZDljMTAxOWQyOGM5OGI0ODAzMWQ3ZDEwYzYzZjMzMWY4YzU4MmFhY2RhMjNhODg4IiwidGFnIjoiIn0%3D; cur_id=eyJpdiI6IkU1Y2paRjdYc09vUTBzU2doYUhCYUE9PSIsInZhbHVlIjoiMUJNWWFrTVF6VDJPZzk0cldZTm5qMGxMQ2JseFoyN0ZtclJNWmV4OVpkQ0FuVkZOTWFBNE11bkJDRjYranRaZSIsIm1hYyI6IjcyMTIxZDBkMmI1YmY1MjFjMTZhMjFmMjM2YzE1MmY2YWY4MTdkMGQ0OWMyNWIyYjc3N2Y2YjQzMjE5N2U3YWEiLCJ0YWciOiIifQ%3D%3D; abt=439; _wsl=a46c595b-8ecd-4130-b22c-fee0f63875de\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 18 May 2026 14:09:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 15 May 2026 07:15:34 GMT\r\netag: W/\"6a06c816-3aa4\"\r\nexpires: Tue, 18 May 2027 14:09:01 GMT\r\ncache-control: max-age=31536000\r\nx-request-id: 0e252636-598b-4cf8-b2b0-3cb5967543ba\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15012,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (14961)","md5":"005d308fa26677ad2ee68b933f0b3440","sha1":"9a1f19f806e1f5226b9fc3419a305c251d15e9b8","sha256":"42352fd04fd9e1431d21ed987b6c6299f4ea6dedc157697ebed61fbd36ed3b28","sha512":"77488691103ab3374d6d5107ea5849770460dc084c8d4ce4a31a0da7144ae3810427212b804b0644df4436db27f356bef0a0ff88e1f4ffda41f3aba4b968186b","ssdeep":"192:8H54LlME7HRZaERi7RBatHFECpR54VhQWA9hSdGMHVICpwoCQI/LhBfiHncVF:VxHa+zECr3W3SC6xQu9","tlshash":"2e62458cb7a1f0b146a7a175402f450bf239796aa09e90d0e655d8f0adf84ef4273f39","first_seen":"2026-04-28T13:33:28.01114Z","last_seen":"2026-05-20T10:34:41.986874Z","times_seen":139,"resource_available":true,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":131,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"ramadabywyndhamdubaibarshaheights.spahotel.guru","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}