r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4c9ec202b798d350b6582220b7bb8457
d16ca24cd60b349231ad06fa5db32f54a3bc9e09
df036d315a613ac6396b77afb0a4ea5f793091786be0cbf3f3a0d043bc1d1d3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF036D315A613AC6396B77AFB0A4EA5F793091786BE0CBF3F3A0D043BC1D1D3C"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10107
Expires: Fri, 28 Oct 2022 08:33:06 GMT
Date: Fri, 28 Oct 2022 05:44:39 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 221b3fe9a6458de64d8bbfcd4a8e2f36
988c93428ff15108d46a11865e1c7e2782fbae34
a5ff1b60b9ef85086d0c6617d9d39cf17ae45855bf7b0ee24ec49ad5a863c18e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4694
Cache-Control: max-age=104684
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 05:44:39 GMT
Etag: "635a4fdd-1d7"
Expires: Sat, 29 Oct 2022 10:49:23 GMT
Last-Modified: Thu, 27 Oct 2022 09:31:09 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 42d84e61e6aa4d3cce623adccfafc3e2
0dba69e98be53c153a6726ff934b2d55feb20d75
2f53662c68c9ea7be85837310861c8007fd039e5e4d8eb8f0d8948d5d1571a03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F53662C68C9EA7BE85837310861C8007FD039E5E4D8EB8F0D8948D5D1571A03"
Last-Modified: Thu, 27 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15241
Expires: Fri, 28 Oct 2022 09:58:40 GMT
Date: Fri, 28 Oct 2022 05:44:39 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BX/jznq+JyUExMJ7cnyFT0xPZcgyzQ8ySnNkeY+7On/rKrlg/n6KgmCbCE8Bl+zw8tvZLkUsCGg=
x-amz-request-id: 47SB08Q3V9FMBT7V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 28 Oct 2022 05:10:08 GMT
age: 2071
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 98030d88b2f3a41065ce118f36f6c55e
13f7d269d22d7ccdfaa2ff60e4ee37a0c470253d
37eae7e525364376f5519de6b3da5bea73a2f532f5b697a734886e6e57671060
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "37EAE7E525364376F5519DE6B3DA5BEA73A2F532F5B697A734886E6E57671060"
Last-Modified: Wed, 26 Oct 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21496
Expires: Fri, 28 Oct 2022 11:42:55 GMT
Date: Fri, 28 Oct 2022 05:44:39 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d72d2f5d05f03753594e43fd34398221
ac6795c1c33f3fa2139e7f8dc601c3e6de6029a5
036c965156cf07faecc342cb2e30b7a20def68ad4a10423951ce871a7a3a6777
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1416
Cache-Control: max-age=96345
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 05:44:40 GMT
Etag: "635a3c19-1d7"
Expires: Sat, 29 Oct 2022 08:30:25 GMT
Last-Modified: Thu, 27 Oct 2022 08:06:49 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.38.146.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: v2csEUMpiedu9Uadze4lEw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: apnt/j7dcbhBs0OQrLaEg2Y/H88=
holidayclip.co.th/ncv/iilihnn
119.59.104.18 301 Moved Permanently 0 B URL HTTP/2 holidayclip.co.th/ncv/iilihnn
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ncv/iilihnn HTTP/1.1
Host: holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 28 Oct 2022 05:44:40 GMT
content-type: text/html; charset=UTF-8
content-length: 0
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://www.holidayclip.co.th/ncv/iilihnn
vary: User-Agent
X-Firefox-Spdy: h2
www.holidayclip.co.th/ncv/iilihnn
119.59.104.18 404 Not Found 8.4 kB URL HTTP/2 www.holidayclip.co.th/ncv/iilihnn
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047)
Hash 914c5283f66cfed69a2238184c9d5a40
4752419b349b8e27f834b71f08e897938be946c0
6708d5dc45584a8ce07ac7b342cee455fd11c47042e7beca48ada425774f2d92
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ncv/iilihnn HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Fri, 28 Oct 2022 05:44:41 GMT
content-type: text/html; charset=UTF-8
content-length: 8432
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.holidayclip.co.th/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5043
Expires: Fri, 28 Oct 2022 07:08:44 GMT
Date: Fri, 28 Oct 2022 05:44:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5043
Expires: Fri, 28 Oct 2022 07:08:44 GMT
Date: Fri, 28 Oct 2022 05:44:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5043
Expires: Fri, 28 Oct 2022 07:08:44 GMT
Date: Fri, 28 Oct 2022 05:44:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5043
Expires: Fri, 28 Oct 2022 07:08:44 GMT
Date: Fri, 28 Oct 2022 05:44:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5043
Expires: Fri, 28 Oct 2022 07:08:44 GMT
Date: Fri, 28 Oct 2022 05:44:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7425e2fe-72f2-47ed-8c24-ca3882b64ca1.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7425e2fe-72f2-47ed-8c24-ca3882b64ca1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 21fd2ff471cab32871d4174e8fc656ba
ee6362f36470fea2a8a3432c12520f9a10175b68
01c3e63861073442cdbc414358415d2989ecffd9c3989e7946baec540b1066c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7425e2fe-72f2-47ed-8c24-ca3882b64ca1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4876
x-amzn-requestid: a6461ca9-ee65-420f-b066-681535c670ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arv9wECHoAMFRmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635af9f1-657e9e40753d916d02adf799;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:36:49 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XKBFWTsqFqE48-bnCpCV2QLQaUGbRcR27yZ-ophBDl6ud3jQSh9eDQ==
via: 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 21:41:29 GMT
age: 28992
etag: "ee6362f36470fea2a8a3432c12520f9a10175b68"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F763d669f-e7a7-4a98-adaf-5316f96ef18e.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F763d669f-e7a7-4a98-adaf-5316f96ef18e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 134b31ca1a6cb74ab6f6c21e27114883
bb13bb4f8876e00be7fb70e0b4f6cd52d0165458
539ee95d515835ade79c63a5c85c138678019563ac0e2f86bcfd7fcc0dc9dce2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F763d669f-e7a7-4a98-adaf-5316f96ef18e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7436
x-amzn-requestid: f6e2c641-406d-401b-b2df-83c4ea69ad3b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arwwIFuSoAMFVuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635afb33-5a2647d6231e8ad40f6a2335;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:42:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zz7z9urOnatwDD7s4ihvxkySKBLUFR0YvxGW3jy6Oa55ojQrOoAcUA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 22:29:04 GMT
age: 26137
etag: "bb13bb4f8876e00be7fb70e0b4f6cd52d0165458"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ee9a743-41f5-42f0-855e-53c4f9175a44.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ee9a743-41f5-42f0-855e-53c4f9175a44.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 348e4d5f46d652d497f9ad078d1dea3e
7ab34ed8ae4e7048edd25f8b533d5237dea83688
dd02da6461e36a128579a3fb26da4c7f303b5683b27a7bd7a50309d4101cba3e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ee9a743-41f5-42f0-855e-53c4f9175a44.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8323
x-amzn-requestid: 4b90019d-6e8c-498d-8627-e4f0c9dda30e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arw0gGYKoAMFRBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635afb4f-620a4264143fc3fd207acc5e;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:42:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NPWfRW5iNN1bcEzJGGlGa8kBWq-t_cOrbImZBUTaFi7QjGhjAj0GZQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 21:58:21 GMT
age: 27980
etag: "7ab34ed8ae4e7048edd25f8b533d5237dea83688"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdbcff2ea-8593-4bcf-b1fc-9436dff0e1a5.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdbcff2ea-8593-4bcf-b1fc-9436dff0e1a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26576d68b60104eef7a7c7a1e92f2ef2
e111ba254d84ab1d05eac51b8cc15af9b388e6fe
bf68e56fd052d9d3507b3b940b9f40dfa5f4589f391aa69ed3c64be2efe9d731
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdbcff2ea-8593-4bcf-b1fc-9436dff0e1a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10328
x-amzn-requestid: b6c88321-f3f2-4ff2-a264-7ea22196e9ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arv3OF_LIAMFv7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635af9c7-072c1c6871641ded27c5a4d0;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:36:07 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Vz26cKiK8blIoDwoRRN02X4u4XRhYVi6FDCIil3f_d1mTFRZi-YIfQ==
via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 21:41:18 GMT
age: 29003
etag: "e111ba254d84ab1d05eac51b8cc15af9b388e6fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe98a4c03-5fa3-4445-a037-d229b86c94a6.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe98a4c03-5fa3-4445-a037-d229b86c94a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb430e5efbc6c8c306fce87e26faf734
b05b7299a7e473e873510671a6abdd5227a53f46
c49d64e87ec8243a1ee7f214f21988b6f6a33ba93814ec31262d80e4a22b8504
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe98a4c03-5fa3-4445-a037-d229b86c94a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8936
x-amzn-requestid: d0698fc0-e4c9-4633-9b64-df09be35b450
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocuiGBlIAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-7c78a1fc43552b934e6b8708;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gus8UKo03dRkfqPRhxnW6zzqx7o-2tZbbv-DsBSW7UREHPOA1uqdUw==
via: 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 22:12:58 GMT
age: 27103
etag: "b05b7299a7e473e873510671a6abdd5227a53f46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a4f2e78-4c98-4f44-b823-f9f9c3850dab.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a4f2e78-4c98-4f44-b823-f9f9c3850dab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36abb19bfc8dc656604d1aaf0f9535f8
2a9686597b6baded54a9dbead224193825d2fddf
d1577656aafce56a2088479a357df0df8bfef92952290cef14cca89d43043ab8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a4f2e78-4c98-4f44-b823-f9f9c3850dab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8759
x-amzn-requestid: b8158571-eda8-4aec-9595-a4082b7bee5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arwwIEdzIAMFvnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635afb33-7f65d3997faa3c5520e6b51f;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:42:11 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U7Xxk7NDKFyC4jUkSmUBeLvBTqqEnQOR8tzfKAzyf2sFbw9JOQ7QWw==
via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 22:27:25 GMT
age: 26236
etag: "2a9686597b6baded54a9dbead224193825d2fddf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ebf576a8883ec7320a5abfe95c1d2abb
11da08de468be30e4cf71bdfa66b0f6d32516476
6366a880d911a4445e2cd2d935836583f84ac79385961c3d9c747484ba373e1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 05:44:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Oxygen%3A400normal%2C700normal%7CKaushan+Script%3A400normal&ver=6.0.3
142.250.74.10 200 OK 915 B URL HTTP/2 fonts.googleapis.com/css?family=Oxygen%3A400normal%2C700normal%7CKaushan+Script%3A400normal&ver=6.0.3
IP 142.250.74.10:0
Hash 277af3e48823a256f6515163584b4480
d9c887636aa61962bf46f119e714ccb532c1b495
83bee1c1dae75ceedf9392e5bacc35de799daca8dbc2e6ba64d9297d3a010384
GET /css?family=Oxygen%3A400normal%2C700normal%7CKaushan+Script%3A400normal&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 28 Oct 2022 05:44:42 GMT
date: Fri, 28 Oct 2022 05:44:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-content/plugins/wpfront-scroll-top/css/wpfront-scroll-top.min.css?ver=2.0.7.08086
119.59.104.18 200 OK 215 B URL HTTP/2 www.holidayclip.co.th/wp-content/plugins/wpfront-scroll-top/css/wpfront-scroll-top.min.css?ver=2.0.7.08086
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type ASCII text, with very long lines (426)
Hash 9d32642fe94e8f0ec70965b2352a4605
56763124e9a6ef28f1964eda3c8929b07db9f5b8
cf4d839276d4f6fe895ca1db07fb3854e9b87699c7881ccf893ce6b38042259d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wpfront-scroll-top/css/wpfront-scroll-top.min.css?ver=2.0.7.08086 HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:42 GMT
content-type: text/css
content-length: 215
x-accel-version: 0.01
last-modified: Sat, 24 Sep 2022 01:21:55 GMT
etag: "1ab-5e9621ec34898-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-content/uploads/2022/08/logo_HC.png
119.59.104.18 200 OK 2.5 kB URL HTTP/1.1 www.holidayclip.co.th/wp-content/uploads/2022/08/logo_HC.png
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type PNG image data, 100 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash 85afb8ebd4c015cf099ef1fff768cd01
80378f2d54c5f9a65cc7199e1433e35b7b0ef7d2
0f40d260bad7626714bef3b389ebbbcbce26bc065db82f98f03d3253fd443deb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/logo_HC.png HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 28 Oct 2022 05:44:42 GMT
Content-Type: image/png
Content-Length: 2543
Last-Modified: Mon, 15 Aug 2022 19:48:46 GMT
Connection: keep-alive
ETag: "62faa31e-9ef"
Accept-Ranges: bytes
www.holidayclip.co.th/wp-content/plugins/wpfront-scroll-top/images/icons/1.png
119.59.104.18 200 OK 773 B URL HTTP/2 www.holidayclip.co.th/wp-content/plugins/wpfront-scroll-top/images/icons/1.png
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 93f66586b9c8b7ec4a5316f23d89e1eb
e9397f9512f3592393923b71dfe25674a83503d5
5a0dca92ff50b14535e86aa2ff9063acfe78830f1086726e6ff2670d32ba3d08
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wpfront-scroll-top/images/icons/1.png HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:42 GMT
content-type: image/png
content-length: 773
x-accel-version: 0.01
last-modified: Sat, 24 Sep 2022 01:21:55 GMT
etag: "305-5e9621ec42b29"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e63a6e99afc26edeaa6e0ec14ea98868
6909f81a74cb2479794f87397c2c9f7bbe759721
af5090a668f3b5293473c111761ca086d6e77a40cd9b5022d669327736034a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 05:44:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e63a6e99afc26edeaa6e0ec14ea98868
6909f81a74cb2479794f87397c2c9f7bbe759721
af5090a668f3b5293473c111761ca086d6e77a40cd9b5022d669327736034a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 05:44:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.holidayclip.co.th/wp-content/themes/adventure-tours/assets/csslib/theme-addons.min.css?ver=3.1.5
119.59.104.18 200 OK 40 kB URL HTTP/2 www.holidayclip.co.th/wp-content/themes/adventure-tours/assets/csslib/theme-addons.min.css?ver=3.1.5
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
Hash 8a140e4c40260852f1e2e7fe0ccc39f6
8d613d24780565bf91324197fb4d33f3d14ff4b7
b45a21ff650bd8a2561647df77290d56bd44c9e344efab939a1a938bfffb8fd1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/adventure-tours/assets/csslib/theme-addons.min.css?ver=3.1.5 HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:42 GMT
content-type: text/css
last-modified: Sun, 14 Aug 2022 18:24:04 GMT
vary: Accept-Encoding
etag: W/"62f93dc4-1a024"
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e63a6e99afc26edeaa6e0ec14ea98868
6909f81a74cb2479794f87397c2c9f7bbe759721
af5090a668f3b5293473c111761ca086d6e77a40cd9b5022d669327736034a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 05:44:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.holidayclip.co.th/wp-content/plugins/tablepress/css/default.min.css?ver=1.14
119.59.104.18 200 OK 37 kB URL HTTP/2 www.holidayclip.co.th/wp-content/plugins/tablepress/css/default.min.css?ver=1.14
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
Hash 050ce3b15d778cd76fe8d7dbce48e37e
d60fc7442170bc9f5a93c5c749e102e8f648baa3
4d92f6824501c3dfe9b1bfa76a0d7d7e2b64f08be931c3c9f64a1be48413c0f9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/tablepress/css/default.min.css?ver=1.14 HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:42 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 16:38:28 GMT
vary: Accept-Encoding
etag: W/"63162604-13e4"
content-encoding: gzip
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
119.59.104.18 200 OK 21 kB URL HTTP/2 www.holidayclip.co.th/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
Hash 21cb06ce367ea68e8dd8293c6b921c08
fc3da35bdcc3af6bf92e51910a4ee5b2afed4161
4d206875f105049e4a1cd02624d14445c8631542a5595b3c399877609c442cce
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:42 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
vary: Accept-Encoding
etag: W/"5fb4e3fe-2bd8"
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e63a6e99afc26edeaa6e0ec14ea98868
6909f81a74cb2479794f87397c2c9f7bbe759721
af5090a668f3b5293473c111761ca086d6e77a40cd9b5022d669327736034a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 05:44:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.holidayclip.co.th/wp-content/themes/adventure-tours/assets/images/pattern-white-dot.png
119.59.104.18 200 OK 951 B URL HTTP/2 www.holidayclip.co.th/wp-content/themes/adventure-tours/assets/images/pattern-white-dot.png
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type PNG image data, 4 x 4, 8-bit/color RGBA, interlaced\012- data
Hash 3926cbecf2b49dbea980d418b896887f
8379bc82d45ae62d901daf843b3ed4b0ce8455ff
b17798d53653df6256ee118a70b4dd5f35375be30631d5fa395dc9b8ec7b9610
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/adventure-tours/assets/images/pattern-white-dot.png HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/wp-content/uploads/adventure-tours-assets/main-custom.css?ver=6.0.3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:43 GMT
content-type: image/png
content-length: 951
x-accel-version: 0.01
last-modified: Sun, 14 Aug 2022 18:24:04 GMT
etag: "3b7-5e6379ec5072f"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
119.59.104.18 200 OK 31 kB URL HTTP/2 www.holidayclip.co.th/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
Hash f74aa77fc177bb0f893140583d187017
d06d037d3d840b64f0d37ae913822e256d683a14
9ec8e70f490b85da8cd2deb2fb65c5d02148adf1de58ab4a650e0e9ecbf94105
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:42 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
vary: Accept-Encoding
etag: W/"62c2d8bd-15b64"
content-encoding: gzip
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-content/themes/adventure-tours/assets/images/page404-map.png
119.59.104.18 200 OK 103 kB URL HTTP/2 www.holidayclip.co.th/wp-content/themes/adventure-tours/assets/images/page404-map.png
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type PNG image data, 1248 x 616, 8-bit/color RGBA, non-interlaced\012- data
Size 103 kB (102934 bytes)
Hash 9faff77abd236c8154fb7dd58923585d
173373c76be10541cc226edf937536e8f0375876
26f4ca05a095ee11b318b6372d87ebb0372df2cab6690d212359f51f9691de08
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/adventure-tours/assets/images/page404-map.png HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/wp-content/uploads/adventure-tours-assets/main-custom.css?ver=6.0.3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:43 GMT
content-type: image/png
content-length: 102934
last-modified: Sun, 14 Aug 2022 18:24:04 GMT
etag: "62f93dc4-19216"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-content/themes/adventure-tours/assets/csslib/adventure-tours-icons.css?ver=6.0.3
119.59.104.18 200 OK 81 kB URL HTTP/2 www.holidayclip.co.th/wp-content/themes/adventure-tours/assets/csslib/adventure-tours-icons.css?ver=6.0.3
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
Hash 5092d3fbd5e48c3709427e63d0875855
29fc0a8283db27f549896038f45308245ee1ec16
e78aa4f7f6090f189374e709ab41c607bc8266052e1a8740d54a2b37f2f1dbb2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/adventure-tours/assets/csslib/adventure-tours-icons.css?ver=6.0.3 HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:42 GMT
content-type: text/css
last-modified: Sun, 14 Aug 2022 18:24:04 GMT
vary: Accept-Encoding
etag: W/"62f93dc4-4885"
content-encoding: gzip
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-content/uploads/2022/08/icon_tel.png
119.59.104.18 200 OK 2.5 kB URL HTTP/2 www.holidayclip.co.th/wp-content/uploads/2022/08/icon_tel.png
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 7a492a766af83fb60c07a9d5f8e38245
dec94e4cd3a58cbcfb2bb0257d8740151f9b7d4a
e79eb6b0d0de7e3562af234af456a7acc18e6f5e51dde81e1af9b572838fe0e2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/icon_tel.png HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:43 GMT
content-type: image/png
content-length: 2456
last-modified: Mon, 15 Aug 2022 21:37:36 GMT
etag: "62fabca0-998"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-content/uploads/2022/08/icon_call.png
119.59.104.18 200 OK 1.6 kB URL HTTP/2 www.holidayclip.co.th/wp-content/uploads/2022/08/icon_call.png
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash d30155228325570e3e8087c7361962b5
f9dde44e2d2f18ce7a8f46bc976e5bc2aa93b814
0c7b44539617c0f2a4011f027c5502abbbe779caeb6a82e6e48adab5df4b71fb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/icon_call.png HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:43 GMT
content-type: image/png
content-length: 1583
last-modified: Mon, 15 Aug 2022 21:37:35 GMT
etag: "62fabc9f-62f"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-content/uploads/2022/08/icon_email.png
119.59.104.18 200 OK 1.7 kB URL HTTP/2 www.holidayclip.co.th/wp-content/uploads/2022/08/icon_email.png
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash bca432fe1f7802e7bd2a72a37465fbad
568ad1fd933281eee2ffc03e318f0abe998cb4e8
4467833b234008bd145059705434679f69e660b2186d7092a1fbf1aee9fcb97e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/icon_email.png HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:43 GMT
content-type: image/png
content-length: 1746
last-modified: Mon, 15 Aug 2022 21:37:34 GMT
etag: "62fabc9e-6d2"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-content/uploads/2022/08/icon_web.png
119.59.104.18 200 OK 2.0 kB URL HTTP/2 www.holidayclip.co.th/wp-content/uploads/2022/08/icon_web.png
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 10e747ec5c9ff10579e7864bca0df2e5
567c553385cf13018aea5d09aedab2fb90cd6554
641d247c07318d4048a1a208ca6e523be8be19a3575163fbf1f0f6736dd92e3b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/icon_web.png HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:43 GMT
content-type: image/png
content-length: 1985
last-modified: Mon, 15 Aug 2022 21:37:34 GMT
etag: "62fabc9e-7c1"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-content/uploads/2022/08/icon_facebook.png
119.59.104.18 200 OK 1.5 kB URL HTTP/1.1 www.holidayclip.co.th/wp-content/uploads/2022/08/icon_facebook.png
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 392a75eda7b9701167c7443c9f69a62b
bf4c427111b15085b6e104ff63074f8896f4059f
d21149bbb01cb3b1812e32c0fe959f4342a43c5c6a862f7378a2a11b5932a627
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/icon_facebook.png HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 28 Oct 2022 05:44:43 GMT
Content-Type: image/png
Content-Length: 1505
Last-Modified: Mon, 15 Aug 2022 21:37:33 GMT
Connection: keep-alive
ETag: "62fabc9d-5e1"
Accept-Ranges: bytes
www.holidayclip.co.th/wp-content/uploads/2022/08/FooterLogos2021.png
119.59.104.18 200 OK 53 kB URL HTTP/2 www.holidayclip.co.th/wp-content/uploads/2022/08/FooterLogos2021.png
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type PNG image data, 541 x 92, 8-bit/color RGBA, non-interlaced\012- data
Hash f1b2b85740c564e4b49d065915fc5059
21cc7cd3941ab414ce677e854ba692ab32a4be3c
e0a3152a997259f6395c68e48ee0c2db75188ef961b112f96e8b41c12a9ec13a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/FooterLogos2021.png HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:43 GMT
content-type: image/png
content-length: 52743
last-modified: Mon, 15 Aug 2022 21:32:16 GMT
etag: "62fabb60-ce07"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-content/uploads/2022/08/HC_QRcode_line-150x150.jpg
119.59.104.18 200 OK 8.9 kB URL HTTP/2 www.holidayclip.co.th/wp-content/uploads/2022/08/HC_QRcode_line-150x150.jpg
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash bb77a629b31b7035f57d969f2b9572b7
5d68fc387a0915978c785b19411456a611a22c17
1b76e13b9bef5681f69694f63b704e40256dc65eeb383ee868290832c6aa01fe
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/HC_QRcode_line-150x150.jpg HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:43 GMT
content-type: image/jpeg
content-length: 8862
last-modified: Mon, 15 Aug 2022 21:37:38 GMT
etag: "62fabca2-229e"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-content/uploads/2022/08/FineUsOnFacebook-300x46.png
119.59.104.18 200 OK 8.6 kB URL HTTP/2 www.holidayclip.co.th/wp-content/uploads/2022/08/FineUsOnFacebook-300x46.png
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type PNG image data, 300 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash e2b6d53bc7405883647beceb3ce10d58
f56f9487dce5f159c4927a6a70455fe225dd706d
7c6ec4ba7427882bcf815d06422b6dd29283bd44ea5272c405ed1090d6b23793
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/FineUsOnFacebook-300x46.png HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:43 GMT
content-type: image/png
content-length: 8586
last-modified: Mon, 15 Aug 2022 21:37:38 GMT
etag: "62fabca2-218a"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-content/uploads/2022/08/icon_Youtube.png
119.59.104.18 200 OK 781 B URL HTTP/1.1 www.holidayclip.co.th/wp-content/uploads/2022/08/icon_Youtube.png
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 507b78c344596a2f2e61acf356aa4107
8a8ac80141bda0552e63003b655847debb5fa07c
0a49c0ddefee09504d12b5e2612447fe7905a87b3c92b5ef4519b7ddf0ba3938
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/icon_Youtube.png HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 28 Oct 2022 05:44:43 GMT
Content-Type: image/png
Content-Length: 781
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Mon, 15 Aug 2022 21:37:37 GMT
ETag: "30d-5e64e70c5f978"
Accept-Ranges: bytes
www.holidayclip.co.th/wp-content/uploads/2022/08/icon_lineat.png
119.59.104.18 200 OK 2.4 kB URL HTTP/1.1 www.holidayclip.co.th/wp-content/uploads/2022/08/icon_lineat.png
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ad39cedbc547b116da494c42d469a20
328a2da2aaaf68ea8aa683343e8e824d1585c6be
2cf2aae6c892dd35b411528b2b79e857fa69958793d450c09d7cec7c9023c0bb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/icon_lineat.png HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 28 Oct 2022 05:44:43 GMT
Content-Type: image/png
Content-Length: 2398
Last-Modified: Mon, 15 Aug 2022 21:37:33 GMT
Connection: keep-alive
ETag: "62fabc9d-95e"
Accept-Ranges: bytes
www.holidayclip.co.th/wp-content/uploads/2022/08/icon_instagram.png
119.59.104.18 200 OK 11 kB URL HTTP/1.1 www.holidayclip.co.th/wp-content/uploads/2022/08/icon_instagram.png
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 356bd0b43451376dbcd260f310e5631b
139882ada4a10ea111bbbdee1be224adeb9f6029
25d152f45ebf615e937d727b4e90d9529109ccef9f7ec88b1732804c3534a13f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/icon_instagram.png HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 28 Oct 2022 05:44:43 GMT
Content-Type: image/png
Content-Length: 11315
Last-Modified: Mon, 15 Aug 2022 21:37:32 GMT
Connection: keep-alive
ETag: "62fabc9c-2c33"
Accept-Ranges: bytes
www.holidayclip.co.th/wp-content/uploads/2022/08/icon_twitter.png
119.59.104.18 200 OK 2.2 kB URL HTTP/1.1 www.holidayclip.co.th/wp-content/uploads/2022/08/icon_twitter.png
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 33daf9c9901b1cc7eeb0ae40901ac40b
4846edc545b4c9f5bd8d428afd8904f7ec5b95d8
bfa92edcd169263b0414e7dd17174d6c530e0ec3a4d04f17b17a3f8879b58208
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/icon_twitter.png HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 28 Oct 2022 05:44:43 GMT
Content-Type: image/png
Content-Length: 2197
Last-Modified: Mon, 15 Aug 2022 21:37:36 GMT
Connection: keep-alive
ETag: "62fabca0-895"
Accept-Ranges: bytes
www.holidayclip.co.th/wp-content/uploads/2022/08/cropped-HC-favicon-192x192.png
119.59.104.18 200 OK 8.9 kB URL HTTP/2 www.holidayclip.co.th/wp-content/uploads/2022/08/cropped-HC-favicon-192x192.png
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash aecaea8fdaaaa937f24e9380529a6a32
e27d4480ab71e15b2cb1dbb926d52f8983607b05
8bd31824a5303231aac9bbfed769bc5e3cf162ed27fea6bde00cc3fc915d8272
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/cropped-HC-favicon-192x192.png HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:43 GMT
content-type: image/png
content-length: 8920
last-modified: Mon, 15 Aug 2022 19:54:58 GMT
etag: "62faa492-22d8"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-content/uploads/2022/08/cropped-HC-favicon-32x32.png
119.59.104.18 200 OK 1.2 kB URL HTTP/2 www.holidayclip.co.th/wp-content/uploads/2022/08/cropped-HC-favicon-32x32.png
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 34a2be4938155189e618d79b8c05a631
f92dfacb147efd31c87bbd8700d5b62d543bed4d
fe6145f87491c70eaeefe5a500697bc85e9c2cb53eb2ff1271a59a26b8afab5c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/cropped-HC-favicon-32x32.png HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:43 GMT
content-type: image/png
content-length: 1244
last-modified: Mon, 15 Aug 2022 19:54:58 GMT
etag: "62faa492-4dc"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-content/uploads/adventure-tours-assets/main-custom.css?ver=6.0.3
119.59.104.18 200 OK 0 B URL HTTP/2 www.holidayclip.co.th/wp-content/uploads/adventure-tours-assets/main-custom.css?ver=6.0.3
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/adventure-tours-assets/main-custom.css?ver=6.0.3 HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:42 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 20:24:50 GMT
vary: Accept-Encoding
etag: W/"62faab92-37cdc"
content-encoding: gzip
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
119.59.104.18 200 OK 0 B URL HTTP/2 www.holidayclip.co.th/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:42 GMT
content-type: application/javascript
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
vary: Accept-Encoding
etag: W/"6048e0ac-15db1"
content-encoding: gzip
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
119.59.104.18 200 OK 0 B URL HTTP/2 www.holidayclip.co.th/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:42 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
vary: Accept-Encoding
etag: W/"62551487-48b9"
content-encoding: gzip
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.0.7.08086
119.59.104.18 200 OK 0 B URL HTTP/2 www.holidayclip.co.th/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.0.7.08086
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.0.7.08086 HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:42 GMT
content-type: application/javascript
last-modified: Sat, 24 Sep 2022 01:21:55 GMT
vary: Accept-Encoding
etag: W/"632e5bb3-719"
content-encoding: gzip
X-Firefox-Spdy: h2
www.holidayclip.co.th/wp-content/themes/adventure-tours/assets/js/theme-full.min.js?ver=4.2.4
119.59.104.18 200 OK 0 B URL HTTP/2 www.holidayclip.co.th/wp-content/themes/adventure-tours/assets/js/theme-full.min.js?ver=4.2.4
IP 119.59.104.18:0
ASN #56067 453 Ladplacout Jorakhaebua
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/adventure-tours/assets/js/theme-full.min.js?ver=4.2.4 HTTP/1.1
Host: www.holidayclip.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.holidayclip.co.th/ncv/iilihnn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 05:44:42 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 18:24:04 GMT
vary: Accept-Encoding
etag: W/"62f93dc4-32a9c"
content-encoding: gzip
X-Firefox-Spdy: h2