Report - iantravels.com/expedita-at/documents.zip

Report Overview

Submitted URL
iantravels.com/expedita-at/documents.zip
IP
50.87.147.174
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2023-01-14 09:34:56
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	78 kB	142.250.74.168
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	64 kB	34.120.237.76
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	710 B	561 B	216.239.32.36
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	764 B	22 kB	142.250.74.46
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	24 kB	104.17.25.14
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	194 kB	142.250.74.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
iantravels.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	21 kB	1.8 MB	50.87.147.174
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.163.172.149
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-14	medium	iantravels.com/expedita-at/documents.zip	Malware
2023-01-14	medium	iantravels.com/expedita-at/documents.zip	Malware
2023-01-14	medium	iantravels.com/	Malware
2023-01-14	medium	iantravels.com/wp-content/plugins/crelly-slider/css/crellyslider.min.css?ver=1.4.5	Malware
2023-01-14	medium	iantravels.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/slick.css?ver=3.1.2	Malware
2023-01-14	medium	iantravels.com/wp-content/themes/Newspaper-child/style.css?ver=81582bdb254a94e4464424087c6479a8	Malware
2023-01-14	medium	iantravels.com/wp-content/themes/Newspaper-child/style.css?ver=9.0.1	Malware
2023-01-14	medium	iantravels.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=3.1.2	Malware
2023-01-14	medium	iantravels.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2023-01-14	medium	iantravels.com/wp-content/themes/Newspaper/includes/demos/blog_travel/demo_style.css?ver=9.0.1	Malware
2023-01-14	medium	iantravels.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	Malware
2023-01-14	medium	iantravels.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?15	Malware
2023-01-14	medium	iantravels.com/daring-greatly-by-brene-brown-a-summary/	Malware
2023-01-14	medium	iantravels.com/wp-content/themes/Newspaper/style.css?ver=81582bdb254a94e4464424087c6479a8	Malware
2023-01-14	medium	iantravels.com/wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	iantravels.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-26
Pretty URL iantravels.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-26 04:19:36 Times Seen31827 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	iantravels.com/wp-content/themes/Newspaper/js/tagdiv_theme.min.js?ver=9.0.1	209 kB	2023-03-07	2024-04-20
Pretty URL iantravels.com/wp-content/themes/Newspaper/js/tagdiv_theme.min.js?ver=9.0.1 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:02 Last Seen2024-04-20 06:42:29 Times Seen109 Hash 8fc4a01b532c007f86721efbf6ccac35 d823cbb624e57254b441e8e2a514ab79d975728f de86a261595e6aa15abedbea378a89a6d78ebff1062323c1cb89cf031aa33f14 Loading...

	iantravels.com/	2.9 kB	2023-03-12	2023-03-12
Pretty URL iantravels.com/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:00:36 Last Seen2023-03-12 23:00:36 Times Seen1 Hash 1e08b919363d1aa5f24b1e4f977e9ba0 8901dfdf242f103d40b28faadb5a190ab58a80ab 9372544334b39f1b8a3b9922a6758652d5c33516617bb6d77597b5c08e43f3a5 Loading...

	iantravels.com/	181 B	2023-03-07	2024-04-23
Pretty URL iantravels.com/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:35 Last Seen2024-04-23 14:06:04 Times Seen733 Hash 84ab5d4c88ec193663965684e802c3e4 6a1f1e8907d2217bb456271f9da183c2c640a451 6cd6c5adb462d9b0d5dcccc78540d1cd31d0b83641e64bc954639b353e1e2fdd Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js?ver=81582bdb254a94e4464424087c6479a8	20 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js?ver=81582bdb254a94e4464424087c6479a8 IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 06:24:48 Times Seen19538 Hash ba6cf724c8bb1cf5b084e79ff230626e f455c5f153f872e52265f87a644ff89fe14a6fb6 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4 Loading...

	iantravels.com/	3.4 kB	2023-03-07	2024-04-26
Pretty URL iantravels.com/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 06:21:32 Times Seen6170 Hash a94b76e45c11675df9f26fd25a8e4359 1cd29363bb1b514e6f7ef031f1831008df181f17 4569f5c3704a88394335b0fabccd6460ba5e582c3058f9286f42cc589da02899 Loading...

	iantravels.com/wp-includes/js/comment-reply.min.js?ver=81582bdb254a94e4464424087c6479a8	3.0 kB	2023-03-07	2024-04-26
Pretty URL iantravels.com/wp-includes/js/comment-reply.min.js?ver=81582bdb254a94e4464424087c6479a8 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 06:23:26 Times Seen29316 Hash 492f2c1a7ea7eb83fe42e0ff7cb51aa2 db36a77f6aaa2063bfbec02c2c0e967438c5a245 e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Loading...

	iantravels.com/	5.0 kB	2023-03-12	2023-03-12
Pretty URL iantravels.com/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:00:36 Last Seen2023-03-12 23:00:36 Times Seen1 Hash d4770605745703ae555afdb4b27dd286 d1a3b1db76ce690eaeefa45aa5d5db53ead542b3 d36058008e81f432bcac6d656a453cce2f4637c0052f488bbfc1863c777b02ec Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 06:30:18 Times Seen37085378 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=UA-134715505-1&l=dataLayer&cx=c	113 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtag/js?id=UA-134715505-1&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:00:36 Last Seen2023-03-12 23:00:36 Times Seen1 Hash 29ab561cc863e4ec47258576a13c62e2 b68027d86d9f8a8d9bceb9b8ba1fd8ed149cb5b9 7b9b5101c99e6941b2075a962a514e1c70d47c1d662c42766c6b3468ae926742 Loading...

	iantravels.com/wp-content/plugins/crelly-slider/js/jquery.crellyslider.min.js?ver=1.4.5	26 kB	2023-03-07	2024-04-23
Pretty URL iantravels.com/wp-content/plugins/crelly-slider/js/jquery.crellyslider.min.js?ver=1.4.5 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:02 Last Seen2024-04-23 14:06:06 Times Seen83 Hash ad5e2d293acc6ba0075ba867157083d9 4f5d46f8a915e47ba5ecac4cf9d3a56c9bbdd665 6c512ceb90281d4d4e0b13f4069c318cd47ac29855c4d4b8c89c5d33ea12f918 Loading...

	iantravels.com/	5.2 kB	2023-03-07	2023-03-17
Pretty URL iantravels.com/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:02 Last Seen2023-03-17 11:26:44 Times Seen1 Hash 7699e689a8952e7283e124284e935aa9 eb5fbbb08608629d81e9fade82ba5c5c07067e40 6cf1b956ad54c0ce7780400b4179953da7aa4df291060f0a7469728dc1bfb36d Loading...

	iantravels.com/	2.9 kB	2023-03-12	2023-03-12
Pretty URL iantravels.com/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:00:36 Last Seen2023-03-12 23:00:36 Times Seen1 Hash 4a1461cabfad683617ad87d5484310f4 fabd28c5bb6a01667ccaa4cb19fe8a8faf56e5d4 aae0d8d797357bb475666536adaa282ad3d93b0c115f0cd9224f6e5da704b22d Loading...

	iantravels.com/	2.1 kB	2023-03-07	2024-04-26
Pretty URL iantravels.com/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 06:21:32 Times Seen6356 Hash 9cd47ac5a0389a37b4d8e7d194e17c9a 9121da7907e37462c10ce8616f06b5c22f640744 ae37d2523200d80db4a789404c079f2cb1bb172ed526cb27909f929c9d935cda Loading...

	iantravels.com/wp-content/themes/Newspaper-child/assets/js/magnific-custom.js?ver=81582bdb254a94e4464424087c6479a8	1.0 kB	2023-03-07	2023-03-17
Pretty URL iantravels.com/wp-content/themes/Newspaper-child/assets/js/magnific-custom.js?ver=81582bdb254a94e4464424087c6479a8 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:02 Last Seen2023-03-17 11:26:44 Times Seen1 Hash 7cd0e7eae23fe94514e8ccb5dc4565b6 ca6b6a4d526af40ffe23455909ed1947102c7745 041d35d3339bf565d4835327700ac3fb26f7c16b65790e91251a0f4eb692dcc9 Loading...

	iantravels.com/	6.2 kB	2023-03-12	2023-03-14
Pretty URL iantravels.com/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:00:36 Last Seen2023-03-14 06:40:37 Times Seen1 Hash 1797e56cb10138a18e1058f525140d7d 17891953de497f4a98618d43f23ff19cb97acc07 985f683aa1b39a8724c58f2fe7c571104bb2b147a32dddd4de3a242d2bc53489 Loading...

	www.google-analytics.com/plugins/ua/linkid.js	1.6 kB	2023-03-07	2024-04-15
Pretty URL www.google-analytics.com/plugins/ua/linkid.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-15 19:01:06 Times Seen1974 Hash 0cc3a63fe10060af4a349e5df666eefe 3e8d3925b550345123f2cab26568221fd4154f9c 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Loading...

	iantravels.com/	1.2 kB	2023-03-07	2023-03-17
Pretty URL iantravels.com/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:02 Last Seen2023-03-17 11:26:44 Times Seen1 Hash e02d4eb7a81dc04aaa7fa1c0c8073d07 9d2df90941b8a458f01fb8b8e028156f53430665 1ab4588aeed87e07aef024c7a58e79f04855961442332951ec249dac3c562109 Loading...

	iantravels.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-26
Pretty URL iantravels.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 05:52:00 Times Seen68654 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	iantravels.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1	12 kB	2023-03-07	2024-04-25
Pretty URL iantravels.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:48 Last Seen2024-04-25 08:07:38 Times Seen5599 Hash a76f61318af036823b08d73536486be6 31ff9b215dcef9151b9f4fc50ea91a9df1962102 abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e Loading...

	iantravels.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	21 kB	2023-03-08	2024-04-26
Pretty URL iantravels.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-26 04:19:35 Times Seen9814 Hash 034bd11ecaf6fb9240d905245e42e202 ff136c394ed95badfc0107fb98a890dcff642828 ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651 Loading...

	iantravels.com/	380 B	2023-03-07	2023-03-17
Pretty URL iantravels.com/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:02 Last Seen2023-03-17 11:26:44 Times Seen1 Hash 2d9d1e55f50993f3734e767e75ff872b d568c726973eeb1006568a11890e743ef8121d7b 0166057f188d37db0bd5b2c8e561527d38405ef828bb1f78cc56d1943d3c7101 Loading...

	iantravels.com/	1.1 kB	2023-03-12	2023-03-12
Pretty URL iantravels.com/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:00:36 Last Seen2023-03-12 23:00:36 Times Seen1 Hash 9bce2a51a1c3a9ff9dddb670a396bbec 9fee5dd9f71db647337cec41b27792d14ef703ab 8b9783a13cfc4ec4352bf7dd555bfd9f333f00a7c158a855c052bd2e9c7e1987 Loading...

	iantravels.com/	475 B	2023-03-12	2023-03-14
Pretty URL iantravels.com/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:00:36 Last Seen2023-03-14 06:40:37 Times Seen1 Hash 0da10c948436cc74ad699f59d32185e0 2f0be3fc4d5b22f7fdc076fd191e294e1d8db8e4 f2fa55ec59ca88d2709f69cbb2ba5f4f2f146f5076cd44d8957a14d61db85302 Loading...

	cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js?ver=81582bdb254a94e4464424087c6479a8	44 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js?ver=81582bdb254a94e4464424087c6479a8 IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:30:58 Last Seen2024-04-26 05:38:07 Times Seen7103 Hash 22f75416148991671e580d8f4d2a2387 f5071717b9e5e3fe5d3aef69f9f20acf753bc1f8 357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d Loading...

HTTP Transactions (87)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0643dc6b6fed33b3537160b6bb77bcbf
aa43bd1fbb30d2219f3285c1ee4991ffb33562c5
f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12035
Expires: Sat, 14 Jan 2023 12:55:19 GMT
Date: Sat, 14 Jan 2023 09:34:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12868
Expires: Sat, 14 Jan 2023 13:09:12 GMT
Date: Sat, 14 Jan 2023 09:34:44 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 14 Jan 2023 08:42:01 GMT
content-type: application/json
age: 3163
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0f4ecf4f26be1ba09e61135b1b488bf4
f16b8277e00033bc990a8bcce54b693cb3c87d62
3018c2a228f0a894d217e8e8b0b8dd060527f06879cd2f469bac6c8766acbbf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3018C2A228F0A894D217E8E8B0B8DD060527F06879CD2F469BAC6C8766ACBBF8"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3607
Expires: Sat, 14 Jan 2023 10:34:51 GMT
Date: Sat, 14 Jan 2023 09:34:44 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: rLQO8uGv9VPtQBsTGn14h2yCop4hJsE2rz61h37ZFzU90boErukITlVDcq/X3DJ+S6PISGu2EtA=
x-amz-request-id: 8BG5WNFBHQ82BX4F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 14 Jan 2023 08:54:53 GMT
age: 2391
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 09:34:44 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

iantravels.com/expedita-at/documents.zip

50.87.147.174

301 Moved Permanently

256 B

URL HTTP/1.1
iantravels.com/expedita-at/documents.zip
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
256 B (256 bytes)
Hash
cda94f29dd987460e478636d50842c71
42fd7860de6856fa2e4a6d50e7012e1a1638d09d
ec6ebf79b13f6981bfabe67eae08d2f57de43c068e056140731a75cc16749f9f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /expedita-at/documents.zip HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 14 Jan 2023 09:34:44 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests
Expect-CT: max-age=7776000, enforce
Location: https://iantravels.com/expedita-at/documents.zip
Cache-Control: max-age=0
Expires: Sat, 14 Jan 2023 09:34:44 GMT
Content-Length: 256
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 14 Jan 2023 09:17:25 GMT
age: 1040
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d09f88265a8758f21f4a3bcb7ace3ef
e3487e87e33c4f76d092bbee3c75af53f617167a
6221341e2226676506a4fcd238533272fc8c716c9fa76a19718ec3d1ca56e2d0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6221341E2226676506A4FCD238533272FC8C716C9FA76A19718EC3D1CA56E2D0"
Last-Modified: Thu, 12 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 14 Jan 2023 15:34:45 GMT
Date: Sat, 14 Jan 2023 09:34:45 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b1e3535cab3c1ac295b1412126a9325c
d1bdf1b8663817ae34b6182db29d6b20666779e7
90c4ecd4b0782647fd78110b5bacfb73d2b05aae4de789a90318574407dfb565

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6024
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:34:45 GMT
Last-Modified: Sat, 14 Jan 2023 07:54:21 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.163.172.149

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.172.149:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CR5vWnRyA4270BYAz/HjvA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5RHoXkC389KZfGpSsMSBTrD5xyE=

iantravels.com/expedita-at/documents.zip

50.87.147.174

301 Moved Permanently

0 B

URL HTTP/2
iantravels.com/expedita-at/documents.zip
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /expedita-at/documents.zip HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
expires: Sat, 14 Jan 2023 10:34:45 GMT
cache-control: max-age=3600
x-redirect-by: redirection
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
location: https://iantravels.com/
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 14 Jan 2023 09:34:45 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/

50.87.147.174

200 OK

23 kB

URL HTTP/2
iantravels.com/
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8047), with CRLF, LF line terminators
Size
23 kB (22936 bytes)
Hash
42fda653a5a80d479d4f16ae620f0786
cc36b6efef3c2b89d5cfd8abbf9a13f43958b969
3ebb1069082f221669de3cb2141f94d09f1d71ebf2222273c4e2ef9921a610b8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding,User-Agent
last-modified: Sat, 14 Jan 2023 05:10:40 GMT
accept-ranges: bytes
content-length: 22936
cache-control: max-age=0
expires: Sat, 14 Jan 2023 09:34:45 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sat, 14 Jan 2023 09:34:45 GMT
server: Apache
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css?ver=81582bdb254a94e4464424087c6479a8

104.17.25.14

200 OK

394 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css?ver=81582bdb254a94e4464424087c6479a8
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1327)
Size
394 B (394 bytes)
Hash
50d05d35119a9bd8cf777402bb4789a0
fd03f42f191f21580b72dc3e474e9b7503a82555
a8daf82dae80ef2b347046c449acf73de160cc273a70cb74ed4cb71597a69bfc

HTTP Headers

GET /ajax/libs/slick-carousel/1.9.0/slick.min.css?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iantravels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 09:34:46 GMT
content-type: text/css; charset=utf-8
content-length: 394
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-559"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3729342
expires: Thu, 04 Jan 2024 09:34:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qw02Km01gf7MGxE%2Bup%2BzSTOtprKMaJtdu%2FQniqK1A1ts92YKScIEPvL5xAswWcRco1pCT71urx7GG0yUSMdyO%2Fvl0VEUmBlh1p6128Ia%2Fr%2F9%2F%2F8iclGgOfPZqNUdYg3Uzg3nsvmo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 789560b2ce40b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/magnific-popup.min.css?ver=81582bdb254a94e4464424087c6479a8

104.17.25.14

200 OK

1.3 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/magnific-popup.min.css?ver=81582bdb254a94e4464424087c6479a8
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (5259), with no line terminators
Size
1.3 kB (1283 bytes)
Hash
61a2bf49c274907cb7c423ee7e577a2f
8e84fdaed011407912d3566446a79bf373481764
28b184ed88d2def77e206fb8e8987308d3520ae8662e6fc70049f25f697b5f14

HTTP Headers

GET /ajax/libs/magnific-popup.js/1.1.0/magnific-popup.min.css?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iantravels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 09:34:46 GMT
content-type: text/css; charset=utf-8
content-length: 1283
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed4-148b"
last-modified: Mon, 04 May 2020 16:12:04 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5588695
expires: Thu, 04 Jan 2024 09:34:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDBMTAn1Id3CWejTGXv0lWZLEf3XBX%2BZXSDaKK79x%2FnLYXx5TAMztA8B7yL%2Fxd5U95u%2FmOfPIW3n89rlErmKaehX9Uj444eP6cioJ55LpoRBC7lkP%2BivfBQJKcAfqhoRB%2BWaZqH8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 789560b2ce49b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css?ver=81582bdb254a94e4464424087c6479a8

104.17.25.14

200 OK

657 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css?ver=81582bdb254a94e4464424087c6479a8
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (2332)
Size
657 B (657 bytes)
Hash
fd6ea20505bda56b5e5dc52377385e34
2ea20bfa73d60ccbac3fae7c731c48cbdba4fa5d
b51b3aae99c2bb2b2b32b51d9df350de73b3992bb126339bfa8ab1407cfc881c

HTTP Headers

GET /ajax/libs/slick-carousel/1.9.0/slick-theme.min.css?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iantravels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 14 Jan 2023 09:34:46 GMT
content-type: text/css; charset=utf-8
content-length: 657
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-956"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5070711
expires: Thu, 04 Jan 2024 09:34:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNdHcwyhgMd0qWc2hty7DiNqu%2BbGMKoqaBJaG%2F05AehoXW2AF4qVW0mR9K2elhsSe%2FS%2BplupFcrJ%2FbSKixDJVGLiOJeGyKnEwPdMrAv8j9jxFh0PYJISjeQ%2F8upMJPHUTg38%2BHFd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 789560b2ce4ab51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js?ver=81582bdb254a94e4464424087c6479a8

104.17.25.14

200 OK

6.5 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js?ver=81582bdb254a94e4464424087c6479a8
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (20087)
Size
6.5 kB (6546 bytes)
Hash
6cfa1ffc4889c0035506daea0275c825
2dcc44c7670dd51b8e8c7c12088d24cdffa64237
02abade26ab9e805db1edf9ccd3067e49eeff131adf44fdfd6c3aae8ca3c1581

HTTP Headers

GET /ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iantravels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Jan 2023 09:34:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 6546
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed4-4ef8"
last-modified: Mon, 04 May 2020 16:12:04 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 12400907
expires: Thu, 04 Jan 2024 09:34:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUwQL%2FL9nQWQHywbXy6pFx%2F8pg3GO0y%2BQriVwo7CgWRlqf%2FLQOE%2BneayWY%2FYSNvzP4kGUD7MejtZa4dyEn7LT%2B0HxsuGQTdqqm%2BTZDE%2ByA%2BM0SfKoY0stN%2B%2Bwt6ng136L2op3B0M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 789560b2de5ab51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js?ver=81582bdb254a94e4464424087c6479a8

104.17.25.14

200 OK

9.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js?ver=81582bdb254a94e4464424087c6479a8
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32026)
Size
9.6 kB (9564 bytes)
Hash
d4b257ea8ca6979f7d57ae8adb430ecd
ff13d9bd7a8c63020704dc2519becaeb8a5b3339
400f136c34a783f2734ae70a790480823f197186706384fff19d5664b95eade8

HTTP Headers

GET /ajax/libs/slick-carousel/1.9.0/slick.min.js?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iantravels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 14 Jan 2023 09:34:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 9564
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-ab69"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5145418
expires: Thu, 04 Jan 2024 09:34:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=USPbqNOlfRjIZVKlv815VOgovZ6QVzT9GaG2w7fCrbT3Jbb1yPbEC2bhhJLc9338%2FWrFQkU6KAfALrx3Qx8puoC6eojaqFg4VZz4A6VpulT8ViT8KqpYjPU8xaPmwda89WN%2FR5vV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 789560b2de50b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c16b1530bbcd3d9226362c0a6100f014
a49685aa2869a3674bc4c8fc58acd47f655c2111
ff063e27670433897ba82fdf8048fc228587ab2f01c21e2970f03b3df9093539

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:34:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:34:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-RBL0NSSPGP

142.250.74.168

200 OK

77 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-RBL0NSSPGP
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (20080)
Size
77 kB (77379 bytes)
Hash
115a48f8aed94a1287ff4c949381d42d
c782de0a8aadc8eee3c2bbfa230c08823974429f
756072643314fb629236fe60cd39e8d3aeef02206281be56fa41bcada1531ec7

HTTP Headers

GET /gtag/js?id=G-RBL0NSSPGP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iantravels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Jan 2023 09:34:46 GMT
expires: Sat, 14 Jan 2023 09:34:46 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77379
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c16b1530bbcd3d9226362c0a6100f014
a49685aa2869a3674bc4c8fc58acd47f655c2111
ff063e27670433897ba82fdf8048fc228587ab2f01c21e2970f03b3df9093539

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:34:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

iantravels.com/wp-includes/css/classic-themes.min.css?ver=1

50.87.147.174

200 OK

189 B

URL HTTP/2
iantravels.com/wp-includes/css/classic-themes.min.css?ver=1
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
189 B (189 bytes)
Hash
5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sun, 06 Nov 2022 04:57:02 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 09:34:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-length: 189
content-type: text/css; charset=utf-8
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/plugins/crelly-slider/css/crellyslider.min.css?ver=1.4.5

50.87.147.174

200 OK

1.5 kB

URL HTTP/2
iantravels.com/wp-content/plugins/crelly-slider/css/crellyslider.min.css?ver=1.4.5
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (5056)
Size
1.5 kB (1532 bytes)
Hash
9c850bb17d72f0ead7a1ae455bacf44f
92ca8af117aa1d168d672ca8a09c8fdbd4b75f38
fe4761cca1b42bc2f01b9952c199b4054bcc700a301d3aa96161299a4a0889df

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/crelly-slider/css/crellyslider.min.css?ver=1.4.5 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Tue, 28 Sep 2021 16:21:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 09:34:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-length: 1532
content-type: text/css; charset=utf-8
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/slick.css?ver=3.1.2

50.87.147.174

200 OK

539 B

URL HTTP/2
iantravels.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/slick.css?ver=3.1.2
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1425), with no line terminators
Size
539 B (539 bytes)
Hash
5c8d0f8512d0133b7538225e05d09235
f33e9a05027e937e005c1bf46ce2f318865ae65e
894cac7d753ad5606836f737d85dcd86cac0874275d74429981b86ed81138155

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/wp-responsive-recent-post-slider/assets/css/slick.css?ver=3.1.2 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Mon, 12 Dec 2022 16:47:07 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 09:34:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-length: 539
content-type: text/css; charset=utf-8
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/wpsisac-public.css?ver=3.1.4

50.87.147.174

200 OK

3.2 kB

URL HTTP/2
iantravels.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/wpsisac-public.css?ver=3.1.4
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
3.2 kB (3150 bytes)
Hash
8d049e8cbc9cde397b364a972c30f5dd
6ee72cf0e10a8105af9af5020156032981c6a036
bda8ade1197125511c2c70e662adaa8e18de60ab56fd0a9719ce373db7d8f91c

HTTP Headers

GET /wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/wpsisac-public.css?ver=3.1.4 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Wed, 28 Dec 2022 16:47:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 09:34:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-length: 3150
content-type: text/css; charset=utf-8
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/themes/Newspaper-child/style.css?ver=81582bdb254a94e4464424087c6479a8

50.87.147.174

200 OK

1.5 kB

URL HTTP/2
iantravels.com/wp-content/themes/Newspaper-child/style.css?ver=81582bdb254a94e4464424087c6479a8
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
1.5 kB (1519 bytes)
Hash
930e43d4539c5d4277055a7b2fe92bb9
2b9f756deae21d5e54a3ff073918417510c23a97
cdf2196e36393432a8176f281b5f2131b5eb71340be9844ad09dec8b83c96541

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/Newspaper-child/style.css?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 12:27:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 09:34:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-length: 1519
content-type: text/css; charset=utf-8
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/themes/Newspaper-child/style.css?ver=9.0.1

50.87.147.174

200 OK

1.5 kB

URL HTTP/2
iantravels.com/wp-content/themes/Newspaper-child/style.css?ver=9.0.1
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
1.5 kB (1519 bytes)
Hash
930e43d4539c5d4277055a7b2fe92bb9
2b9f756deae21d5e54a3ff073918417510c23a97
cdf2196e36393432a8176f281b5f2131b5eb71340be9844ad09dec8b83c96541

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/Newspaper-child/style.css?ver=9.0.1 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 12:27:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 09:34:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-length: 1519
content-type: text/css; charset=utf-8
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:34:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

iantravels.com/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.9.3

50.87.147.174

200 OK

112 B

URL HTTP/2
iantravels.com/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.9.3
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
112 B (112 bytes)
Hash
05359a7ce1fb8f4b3ebd8b76bc583fdf
870f2fb5eb2cf8790d5efd0e41a9efbd160cd29e
c14aa6551254c1dbe0318a73efb9c9d03bfcfde5ceb63e54733a85695593b591

HTTP Headers

GET /wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.9.3 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sat, 19 Nov 2022 04:46:51 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 09:34:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-length: 112
content-type: text/css; charset=utf-8
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=3.1.2

50.87.147.174

200 OK

3.1 kB

URL HTTP/2
iantravels.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=3.1.2
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
3.1 kB (3098 bytes)
Hash
7f264f991eef967808e6103b314832e6
45587756177724f997e6161cfa77f6e0c6a1d547
a22b245f4fbd94a0166e1ed6d14c471b0fb39a43d85126ef39cc42a2e043311f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=3.1.2 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Mon, 12 Dec 2022 16:47:07 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 09:34:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-length: 3098
content-type: text/css; charset=utf-8
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-includes/js/comment-reply.min.js?ver=81582bdb254a94e4464424087c6479a8

50.87.147.174

200 OK

1.5 kB

URL HTTP/2
iantravels.com/wp-includes/js/comment-reply.min.js?ver=81582bdb254a94e4464424087c6479a8
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (2946)
Size
1.5 kB (1477 bytes)
Hash
92712acce6ce836d0a929b1800b4f9d6
8157d1380bb1d6dadfd85565dd464bb5b0ed06bd
2f82d181a2cadadf7d898d7f5ea2eb527106fb6413044b55fbfa4fb0081a2e09

HTTP Headers

GET /wp-includes/js/comment-reply.min.js?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Wed, 25 May 2022 17:07:25 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 09:34:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-length: 1477
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

50.87.147.174

200 OK

4.6 kB

URL HTTP/2
iantravels.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (11126)
Size
4.6 kB (4618 bytes)
Hash
acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Fri, 23 Jul 2021 14:41:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 09:34:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-length: 4618
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1

50.87.147.174

200 OK

3.9 kB

URL HTTP/2
iantravels.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1577)
Size
3.9 kB (3861 bytes)
Hash
0de3f234bf5adf709c64d6a81701e107
ec76e30709d2ac94c86121529768c54b84943872
c67075988b28f06061348cebb275f465c608e141f9a00b50c5e4824f57ed10f3

HTTP Headers

GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Fri, 13 Jan 2023 04:49:00 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 09:34:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-length: 3861
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16014
Expires: Sat, 14 Jan 2023 14:01:40 GMT
Date: Sat, 14 Jan 2023 09:34:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16014
Expires: Sat, 14 Jan 2023 14:01:40 GMT
Date: Sat, 14 Jan 2023 09:34:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16014
Expires: Sat, 14 Jan 2023 14:01:40 GMT
Date: Sat, 14 Jan 2023 09:34:46 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2ecf6b3-8443-4b47-96b6-2695fa885f0d.jpeg

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2ecf6b3-8443-4b47-96b6-2695fa885f0d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7437 bytes)
Hash
d3c35722c1c8a0b7a17b5a48a352aa64
4a939794eb33d9fb1b2cc56ca92f683a7d28e407
073d355bfc201c7feb4af2d1fac623fe7803f081c28467fa72b363074b0446a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2ecf6b3-8443-4b47-96b6-2695fa885f0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7437
x-amzn-requestid: 0efc1457-5919-4244-9837-6e75d03ef1d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAd0F0poAMF6PA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7abe-24df70ad7e1811a744a7c9de;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:13:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezdnQ-2RPpSESm42QCywHIZf4AmanMmy2f19NcUhzQ-PRjsFQfLNkg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 03:43:58 GMT
age: 21048
etag: "4a939794eb33d9fb1b2cc56ca92f683a7d28e407"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
11 kB (10611 bytes)
Hash
f0a506d645ade15a16f7a5a65fb82488
00ae7db177ff0896c022d7fcb108fbc6648c6ba0
846ff4589fdfc42d9b6178d06c9e8263ddf2515fc11d1a7d2200b74143e22f0c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9135
x-amzn-requestid: 2c5e9de0-9244-43ac-b7c4-712cbcf7038c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAnoG6roAMFzgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7afd-7fb640b30bab63bc1979a173;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:14:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SUGIIWi8jWe9RoRu-3dQXvLAddjwjH05V1ubKzEOEQrFonzVjQdbtw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 03:33:07 GMT
age: 21699
etag: "c65c58476b66cbb6269ba1d8412d270a0a003ae3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eac26ee-70ec-4eca-8e10-c7a79b5575b3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4936 bytes)
Hash
f4f04f55a9d261ddda8128b0bb721446
5e8df480a1650606937ee493660177bf09c49c14
3a357fbbd9f41d384a06e151a0daff50b345520d4816e70cc1b2c694949ce79f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eac26ee-70ec-4eca-8e10-c7a79b5575b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4936
x-amzn-requestid: f1808de3-5712-4a65-8394-c1624668cdb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0pZFbIIAMFnvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce3b-48c4b0cd36319a2634c0c5f0;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rudCuuUXfxE8aRq8-FFIwHE4tqeSWxYrd8uilWI-8DZSY9A-8EiLQQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:49:06 GMT
age: 42340
etag: "5e8df480a1650606937ee493660177bf09c49c14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe27fa975-dca1-4275-9da9-4f794ba4053a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11798 bytes)
Hash
5e40d5007919bd7f226664e3b1fa1339
73293ca2143a4ca1cbd17317fbab0aeac401df1b
5396d28bba05d0775a803107ce2aef6a28cbd29bcc211dcc5e1d10326aa9dcb3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe27fa975-dca1-4275-9da9-4f794ba4053a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11798
x-amzn-requestid: 69dd4065-86d7-41cc-916c-c4a98167123c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eg8H3HSeoAMFt3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bd0d65-5c1f9f743324cabe37606cd3;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 07:01:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Zbt_rmVn5g0_o5LcFpn8LPnjgfz5d6Rvipe07Q4ZQVAiOsNYJDj_iQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 07:40:35 GMT
age: 6851
etag: "73293ca2143a4ca1cbd17317fbab0aeac401df1b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13626 bytes)
Hash
afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uJjDFuqKCZyyAorUVUq9PyCb_8fWukPf6YE3LwqK2FrwMFzDNkftFQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 11:16:26 GMT
age: 80300
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b55aad-884c-40db-a779-021d0c2305b4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9154 bytes)
Hash
b1378f107c1996ade14a8fe7fd728072
f52d98d9a0d1d343a539689ea14acf99e148cf8c
4be994757ec7ec42929590169de199e927889261334e258903a0929a1055047d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b55aad-884c-40db-a779-021d0c2305b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9154
x-amzn-requestid: fbb1140d-7ec2-4f86-8761-5d04601af70e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAkCEN2IAMFuMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7ae6-4baebf1104f9cf2a0ee8a538;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:13:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jlRcVyQppaQaPPMKaqadtaEHfdOYXXXbnfrr44l_2E2qaOoh_O0Mog==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 04:10:18 GMT
age: 19468
etag: "f52d98d9a0d1d343a539689ea14acf99e148cf8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

iantravels.com/wp-content/themes/Newspaper-child/assets/js/magnific-custom.js?ver=81582bdb254a94e4464424087c6479a8

50.87.147.174

200 OK

481 B

URL HTTP/2
iantravels.com/wp-content/themes/Newspaper-child/assets/js/magnific-custom.js?ver=81582bdb254a94e4464424087c6479a8
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
481 B (481 bytes)
Hash
2d72500f7014defe5d63b4e5294fe2fc
2fdeed562b18ea2ed995835cf07721b4629d3e3f
e2ed706c125acfeb2ab2a5393b31ecf83e3811c74bc409a20feba92c2f7ff833

HTTP Headers

GET /wp-content/themes/Newspaper-child/assets/js/magnific-custom.js?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 12:27:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 09:34:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-length: 481
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/themes/Newspaper/includes/demos/blog_travel/demo_style.css?ver=9.0.1

50.87.147.174

200 OK

1.0 kB

URL HTTP/2
iantravels.com/wp-content/themes/Newspaper/includes/demos/blog_travel/demo_style.css?ver=9.0.1
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
1.0 kB (1017 bytes)
Hash
07734a8c930eaf69cc53da26ad67adf1
e2f82024ce017f465dad6d952c15978ded25b081
09fe2bd45c128727383845ff91acb57d4619fcbe33399a8d45a90ad2acb3b99b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/Newspaper/includes/demos/blog_travel/demo_style.css?ver=9.0.1 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 12:27:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 09:34:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-length: 1017
content-type: text/css; charset=utf-8
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/plugins/crelly-slider/js/jquery.crellyslider.min.js?ver=1.4.5

50.87.147.174

200 OK

8.0 kB

URL HTTP/2
iantravels.com/wp-content/plugins/crelly-slider/js/jquery.crellyslider.min.js?ver=1.4.5
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (25385)
Size
8.0 kB (7961 bytes)
Hash
703590520502381b32182dad53e41c35
c60c23f6dfa47d10f3003d5b39ff03269d31420d
df3916edc893e7ea007a139440c4ce27544ad278d65512dad4b258c7ebc1e3fa

HTTP Headers

GET /wp-content/plugins/crelly-slider/js/jquery.crellyslider.min.js?ver=1.4.5 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Tue, 28 Sep 2021 16:21:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 09:34:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-length: 7961
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

50.87.147.174

200 OK

8.3 kB

URL HTTP/2
iantravels.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
8.3 kB (8344 bytes)
Hash
838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sun, 06 Nov 2022 04:57:00 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 09:34:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-length: 8344
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-RBL0NSSPGP&gtm=2oe1a1&_p=632752933&gdid=dZGIzZG&cid=1630171970.1673688870&ul=en-us&sr=1280x1024&_s=1&sid=1673688870&sct=1&seg=0&dl=https%3A%2F%2Fiantravels.com%2F&dt=Home%20-%20IAN%20Travel%20Blog&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-RBL0NSSPGP&gtm=2oe1a1&_p=632752933&gdid=dZGIzZG&cid=1630171970.1673688870&ul=en-us&sr=1280x1024&_s=1&sid=1673688870&sct=1&seg=0&dl=https%3A%2F%2Fiantravels.com%2F&dt=Home%20-%20IAN%20Travel%20Blog&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-RBL0NSSPGP&gtm=2oe1a1&_p=632752933&gdid=dZGIzZG&cid=1630171970.1673688870&ul=en-us&sr=1280x1024&_s=1&sid=1673688870&sct=1&seg=0&dl=https%3A%2F%2Fiantravels.com%2F&dt=Home%20-%20IAN%20Travel%20Blog&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iantravels.com
Connection: keep-alive
Referer: https://iantravels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://iantravels.com
date: Sat, 14 Jan 2023 09:34:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2018/10/Feature-Image-japan-100x70.jpg

50.87.147.174

200 OK

3.3 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2018/10/Feature-Image-japan-100x70.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 100x70, components 3\012- data
Size
3.3 kB (3266 bytes)
Hash
bd1734aa3d91f1b55a0befa318879a5b
70cbb5cbc31fad8bd5a47b7a13f17bd571bdf229
97a0dadb3b1e6b72683bb905994c3f8c4479b38da18d8e914b7887113c329eb7

HTTP Headers

GET /wp-content/uploads/2018/10/Feature-Image-japan-100x70.jpg HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 13:32:06 GMT
accept-ranges: bytes
content-length: 3266
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:46 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2018/12/Ian_travels_finallogo-300x95.png

50.87.147.174

200 OK

5.1 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2018/12/Ian_travels_finallogo-300x95.png
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 300 x 95, 8-bit colormap, non-interlaced\012- data
Size
5.1 kB (5100 bytes)
Hash
45af6ae45843ca2841aba6f833b459ff
b2c7c5bb39db9ae1f141cceee498900b4bcf6a8d
b4bfbfe4abd8703e50527803202056b76673ca8565f76688a5c76f7b4358e8cc

HTTP Headers

GET /wp-content/uploads/2018/12/Ian_travels_finallogo-300x95.png HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sun, 06 Feb 2022 07:53:33 GMT
accept-ranges: bytes
content-length: 5100
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:46 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/png
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2018/12/Ian_travels_light_finallogo-300x95.png

50.87.147.174

200 OK

5.8 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2018/12/Ian_travels_light_finallogo-300x95.png
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 300 x 95, 8-bit colormap, non-interlaced\012- data
Size
5.8 kB (5828 bytes)
Hash
1810aa42a875afa57031ffe1ce47fb4d
b9343832a2a31c19d6ecf9961e9406f0b26bcf0b
d62abef2899c83ee12b48f636172b06029782005c5129a8791ffa773824c0e4d

HTTP Headers

GET /wp-content/uploads/2018/12/Ian_travels_light_finallogo-300x95.png HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sun, 06 Feb 2022 07:52:37 GMT
accept-ranges: bytes
content-length: 5828
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:46 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/png
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2018/12/Ian_travels_finallogo.png

50.87.147.174

200 OK

10 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2018/12/Ian_travels_finallogo.png
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 800 x 252, 8-bit colormap, non-interlaced\012- data
Size
10 kB (10137 bytes)
Hash
665be0e5b09c1a1e81443e4639ba5801
140625bf6a45de7ded563045f6150772041164f2
6cac234f2550df37075c194ec7ba6a6986db9527c65f17ec04344656941a8356

HTTP Headers

GET /wp-content/uploads/2018/12/Ian_travels_finallogo.png HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sun, 06 Feb 2022 07:53:03 GMT
accept-ranges: bytes
content-length: 10137
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:46 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/png
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2017/10/laketrout-crop-100-5953-100x70.jpg

50.87.147.174

200 OK

3.9 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2017/10/laketrout-crop-100-5953-100x70.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 100x70, components 3\012- data
Size
3.9 kB (3904 bytes)
Hash
a1beb18c802a0c9910771ff669c6a971
40d31293a6c2976bfac6cb0b1eeba042b2b33828
47f0a608a4de4c74fc39121925b5a3b1bdce7d56b97364ac1b4ed1f8a941505b

HTTP Headers

GET /wp-content/uploads/2017/10/laketrout-crop-100-5953-100x70.jpg HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 13:31:31 GMT
accept-ranges: bytes
content-length: 3904
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:46 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2017/10/DSC_1731-1-320x143.jpg

50.87.147.174

200 OK

6.8 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2017/10/DSC_1731-1-320x143.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 320x143, components 3\012- data
Size
6.8 kB (6849 bytes)
Hash
fed4e7103458f2af7d77cfaa23af523a
0495af1af700a4ddeb91b8cbffc7042ffffbfaaa
d0011e638acc16bbfacae3007780622ab0018be2d419d9f792dda5ab48e136fb

HTTP Headers

GET /wp-content/uploads/2017/10/DSC_1731-1-320x143.jpg HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 13:31:32 GMT
accept-ranges: bytes
content-length: 6849
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:46 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2017/10/IMG_9842-2-e1507828268455-218x150.jpg

50.87.147.174

200 OK

9.7 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2017/10/IMG_9842-2-e1507828268455-218x150.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 218x150, components 3\012- data
Size
9.7 kB (9717 bytes)
Hash
7517739e3764c60b1d9c9e66586a37c7
96e9686153eb9b4815df0ae1dea1b874bfa2252c
ea283d2d50d9aa4665d69ba9f61d1d50d108e2e344b6cfcee999e0e4f6a27351

HTTP Headers

GET /wp-content/uploads/2017/10/IMG_9842-2-e1507828268455-218x150.jpg HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 13:31:33 GMT
accept-ranges: bytes
content-length: 9717
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:46 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2018/02/D85_0531-320x213.jpg

50.87.147.174

200 OK

26 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2018/02/D85_0531-320x213.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, progressive, precision 8, 320x213, components 3\012- data
Size
26 kB (26260 bytes)
Hash
4576a74124747d8f9ccedb2354481bfa
ca70a5c35f0709c63b9efe93a9b12098df7ff70f
07691e5bc908034c407614b4878dcc63e3e894971f665a4eb2dcc4fb8c8f9898

HTTP Headers

GET /wp-content/uploads/2018/02/D85_0531-320x213.jpg HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 13:32:01 GMT
accept-ranges: bytes
content-length: 26260
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:46 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:34:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://iantravels.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 09 Jan 2023 18:52:41 GMT
expires: Tue, 09 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 398526
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

142.250.74.35

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17336, version 1.0\012- data
Size
17 kB (17336 bytes)
Hash
eec8dbfc49267c4d33cf31b49661bf37
0f49d4563cf9e22e3af6907d0785b9a6facadbf0
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547

HTTP Headers

GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://iantravels.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 13:33:13 GMT
expires: Sat, 13 Jan 2024 13:33:13 GMT
cache-control: public, max-age=31536000
age: 72094
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://iantravels.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 07:51:59 GMT
expires: Thu, 11 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 265368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://iantravels.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 13:33:13 GMT
expires: Sat, 13 Jan 2024 13:33:13 GMT
cache-control: public, max-age=31536000
age: 72094
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ubuntucondensed/v16/u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2

142.250.74.35

200 OK

29 kB

URL HTTP/2
fonts.gstatic.com/s/ubuntucondensed/v16/u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 29252, version 1.0\012- data
Size
29 kB (29252 bytes)
Hash
560f20b3c1c9c5da37a1f3db36a107a0
592121dc8d1cb5ab1e588122a69be069ab7f14af
6b1adc37a16294b5127dc6e84c9fc36e1f50bac718dcfe35f60f466fdf692bbf

HTTP Headers

GET /s/ubuntucondensed/v16/u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://iantravels.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29252
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 23:51:34 GMT
expires: Wed, 10 Jan 2024 23:51:34 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 15:46:53 GMT
content-type: font/woff2
age: 294193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

142.250.74.35

200 OK

48 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Size
48 kB (47952 bytes)
Hash
17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

HTTP Headers

GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://iantravels.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 13:33:12 GMT
expires: Sat, 13 Jan 2024 13:33:12 GMT
cache-control: public, max-age=31536000
age: 72095
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://iantravels.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 19:33:54 GMT
expires: Thu, 11 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 223253
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:34:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

iantravels.com/wp-content/uploads/2019/08/9.--696x385.jpg

50.87.147.174

200 OK

41 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2019/08/9.--696x385.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", progressive, precision 8, 696x385, components 3\012- data
Size
41 kB (40889 bytes)
Hash
3688a95da7d2ded3ca97bf08324aa977
7f332cebe7fef451a9838fceb4d9335c8317976b
35e67062f1ba257663d7013915e8c3cba31eb360eae395fa11a30f2956b491cd

HTTP Headers

GET /wp-content/uploads/2019/08/9.--696x385.jpg HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 13:31:58 GMT
accept-ranges: bytes
content-length: 40889
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:46 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2019/08/8.-Feature-Image-696x385.jpg

50.87.147.174

200 OK

43 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2019/08/8.-Feature-Image-696x385.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", progressive, precision 8, 696x385, components 3\012- data
Size
43 kB (43374 bytes)
Hash
74720d07ecc8fe327244383fac998b21
c9bfe83d90f10e355205a0253c09f3f0ba360866
182f5e02e92a076e05e41c510efcc87b27906868f3b06ee86fc859a167499364

HTTP Headers

GET /wp-content/uploads/2019/08/8.-Feature-Image-696x385.jpg HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 13:31:59 GMT
accept-ranges: bytes
content-length: 43374
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:46 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2019/07/3-min-696x385.jpg

50.87.147.174

200 OK

60 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2019/07/3-min-696x385.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", progressive, precision 8, 696x385, components 3\012- data
Size
60 kB (59924 bytes)
Hash
dc4791417c3068a044eaf9459cbf21c0
2fab2be0640eece483d165012ec5fdd4c9bbb45b
716a2e8e7d1a27eaf3bad62c7d98f1e8b85d60d4c2cf3331ff8bbac9d76e3a26

HTTP Headers

GET /wp-content/uploads/2019/07/3-min-696x385.jpg HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 13:31:57 GMT
accept-ranges: bytes
content-length: 59924
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:46 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2019/09/pic-3-696x385.jpg

50.87.147.174

200 OK

82 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2019/09/pic-3-696x385.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", progressive, precision 8, 696x385, components 3\012- data
Size
82 kB (81672 bytes)
Hash
62cef24dbfa00031c2da1ee4befa254a
7532952a910dda59b4301ed2b8632fa2a3ebbaf6
a4e1e9abc6420176b08dca51f650f8dcd90da56dfa6859fa6bbe122bb1a923da

HTTP Headers

GET /wp-content/uploads/2019/09/pic-3-696x385.jpg HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 13:31:57 GMT
accept-ranges: bytes
content-length: 81672
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:46 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2021/10/Daring-Greatly-by-Brene-Brown-1-696x385.png

50.87.147.174

200 OK

205 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2021/10/Daring-Greatly-by-Brene-Brown-1-696x385.png
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 696 x 385, 8-bit colormap, non-interlaced\012- data
Size
205 kB (205126 bytes)
Hash
adcb2bbfdd6e0077fd1b6ef2b5834a73
744c4a10030d02ac745948a5fdc05c4e4ad9c796
8640f1716e1e57f368755ff7f872d484a6c88943160836db8c01878a16e7f5ef

HTTP Headers

GET /wp-content/uploads/2021/10/Daring-Greatly-by-Brene-Brown-1-696x385.png HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 17:13:01 GMT
accept-ranges: bytes
content-length: 205126
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:46 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/png
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?15

50.87.147.174

200 OK

22 kB

URL HTTP/2
iantravels.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?15
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format, TrueType, length 22064, version 0.0\012- data
Size
22 kB (22064 bytes)
Hash
146a865dce63d141ebdbf2ee6d72ff89
b53ccefe41f86c33a9fd049ee3e1dc39d41d37d6
5b56f14bb63fc412aec1562ff5b4807919a486491f2e9a86054ef08922c634d1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/Newspaper/images/icons/newspaper.woff?15 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://iantravels.com/wp-content/themes/Newspaper/style.css?ver=81582bdb254a94e4464424087c6479a8
Connection: keep-alive
Cookie: _ga_RBL0NSSPGP=GS1.1.1673688870.1.0.1673688870.0.0.0; _ga=GA1.1.1630171970.1673688870
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
last-modified: Thu, 29 Jul 2021 12:27:40 GMT
accept-ranges: bytes
content-length: 22064
cache-control: max-age=10368000
expires: Sun, 14 May 2023 09:34:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: font/woff
date: Sat, 14 Jan 2023 09:34:47 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2019/08/9.--696x464.jpg

50.87.147.174

200 OK

48 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2019/08/9.--696x464.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", progressive, precision 8, 696x464, components 3\012- data
Size
48 kB (48009 bytes)
Hash
c025df22fddba1e2bdad732832d9e9e0
891fecd9540f1d9c0aec7c376d4dd18c9564c1c8
1368cca7eaee44e3fd47807a7a36abaeb4fc4941298f1c287a96a17dc38b694d

HTTP Headers

GET /wp-content/uploads/2019/08/9.--696x464.jpg HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Cookie: _ga_RBL0NSSPGP=GS1.1.1673688870.1.0.1673688870.0.0.0; _ga=GA1.1.1630171970.1673688870
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 13:31:59 GMT
accept-ranges: bytes
content-length: 48009
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:47 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 09:34:47 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2019/08/8.-Feature-Image-696x464.jpg

50.87.147.174

200 OK

50 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2019/08/8.-Feature-Image-696x464.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", progressive, precision 8, 696x464, components 3\012- data
Size
50 kB (50477 bytes)
Hash
6af8669b700d349ab954bebea252051c
e898987a745cf539f6b059d749a5a35d804c6ccd
047052a41e3df9dcd19b6184dc7f72776d1df57e941f41a2fd64ec03eff98b3c

HTTP Headers

GET /wp-content/uploads/2019/08/8.-Feature-Image-696x464.jpg HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Cookie: _ga_RBL0NSSPGP=GS1.1.1673688870.1.0.1673688870.0.0.0; _ga=GA1.1.1630171970.1673688870
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 13:31:59 GMT
accept-ranges: bytes
content-length: 50477
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:47 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 09:34:47 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2019/07/3-min-696x464.jpg

50.87.147.174

200 OK

78 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2019/07/3-min-696x464.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", progressive, precision 8, 696x464, components 3\012- data
Size
78 kB (77973 bytes)
Hash
74cf1f12948e1cbfc11d794f3105f929
030ab63b17beef73aedbfcbe044dc6084da3730f
637e8eca3335bdea0a81bec4f7a227ef840a8401bfa7f3b86d248c6a13537919

HTTP Headers

GET /wp-content/uploads/2019/07/3-min-696x464.jpg HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Cookie: _ga_RBL0NSSPGP=GS1.1.1673688870.1.0.1673688870.0.0.0; _ga=GA1.1.1630171970.1673688870
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 13:31:56 GMT
accept-ranges: bytes
content-length: 77973
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:47 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 09:34:47 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2019/09/pic-3-696x522.jpg

50.87.147.174

200 OK

106 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2019/09/pic-3-696x522.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", progressive, precision 8, 696x522, components 3\012- data
Size
106 kB (105933 bytes)
Hash
8c6fa8be4db2e829061090035e6900f0
1ca6f6d74fc319747b1bae41dd70cae43d46c8f4
3e43a580321d9a44fa6e9f6903abb3c3e2afe221bb7a3b55aee81401f2f8748d

HTTP Headers

GET /wp-content/uploads/2019/09/pic-3-696x522.jpg HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Cookie: _ga_RBL0NSSPGP=GS1.1.1673688870.1.0.1673688870.0.0.0; _ga=GA1.1.1630171970.1673688870
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 13:31:57 GMT
accept-ranges: bytes
content-length: 105933
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:47 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 09:34:47 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2018/09/10.jpg

50.87.147.174

200 OK

116 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2018/09/10.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1068x712, components 3\012- data
Size
116 kB (116322 bytes)
Hash
3e73672445bf2ca160fe7276221ffbd6
79f11c350603556eb7b3cc11565e35badfc9a545
45eae602f7fd0434b7770568a7aa3b7c83cfa424e642e0ce0ccd0615cec45975

HTTP Headers

GET /wp-content/uploads/2018/09/10.jpg HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Cookie: _ga_RBL0NSSPGP=GS1.1.1673688870.1.0.1673688870.0.0.0; _ga=GA1.1.1630171970.1673688870
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 13:32:02 GMT
accept-ranges: bytes
content-length: 116322
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:47 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 09:34:47 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2017/09/Ian-Ritter-Headshot-Florida.jpg

50.87.147.174

200 OK

510 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2017/09/Ian-Ritter-Headshot-Florida.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1020x683, components 3\012- data
Size
510 kB (509866 bytes)
Hash
b52702de0bd67e5a8585fab98e5612a3
08bebcfabf5af04b334b8804fb885da1c7f3664f
0620d59098a97ff7cbe4957feb7727f9d27bac9af9a5d379b02bec53c20e97b7

HTTP Headers

GET /wp-content/uploads/2017/09/Ian-Ritter-Headshot-Florida.jpg HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 13:31:30 GMT
accept-ranges: bytes
content-length: 509866
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:46 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2021/10/Daring-Greatly-by-Brene-Brown-1-696x415.png

50.87.147.174

200 OK

220 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2021/10/Daring-Greatly-by-Brene-Brown-1-696x415.png
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 696 x 415, 8-bit colormap, non-interlaced\012- data
Size
220 kB (219982 bytes)
Hash
15567b4f50e94095a95eb2afda891f30
630908d7de4bd52da2f930a64f0ffd4a8a01f6c2
c1073d5b846d5cb7f3ed7ecd335e4e6c8dd65050318cb25008ebaa5478dd7101

HTTP Headers

GET /wp-content/uploads/2021/10/Daring-Greatly-by-Brene-Brown-1-696x415.png HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Cookie: _ga_RBL0NSSPGP=GS1.1.1673688870.1.0.1673688870.0.0.0; _ga=GA1.1.1630171970.1673688870
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 17:12:57 GMT
accept-ranges: bytes
content-length: 219982
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:47 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/png
date: Sat, 14 Jan 2023 09:34:47 GMT
server: Apache
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iantravels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 14 Jan 2023 08:21:54 GMT
expires: Sat, 14 Jan 2023 10:21:54 GMT
cache-control: public, max-age=7200
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
age: 4375
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/plugins/ua/linkid.js

142.250.74.46

200 OK

859 B

URL HTTP/2
www.google-analytics.com/plugins/ua/linkid.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1335)
Size
859 B (859 bytes)
Hash
904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237

HTTP Headers

GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iantravels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 09:30:49 GMT
expires: Sat, 14 Jan 2023 10:30:49 GMT
cache-control: public, max-age=3600
age: 240
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2019/01/cropped-favicon-192x192.png

50.87.147.174

200 OK

21 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2019/01/cropped-favicon-192x192.png
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (21216 bytes)
Hash
707571f09c5879d02d49a46e7aff8281
353e43ce1f93f57d702ef2c1aedbd67004cc5db9
671d02f706d87bfe48f4907ccf10cde51378b766157c5dbc0e5eceb727bd7c2d

HTTP Headers

GET /wp-content/uploads/2019/01/cropped-favicon-192x192.png HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Cookie: _ga_RBL0NSSPGP=GS1.1.1673688870.1.0.1673688870.0.0.0; _ga=GA1.1.1630171970.1673688870
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 13:32:01 GMT
accept-ranges: bytes
content-length: 21216
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:49 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/png
date: Sat, 14 Jan 2023 09:34:49 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/uploads/2019/01/cropped-favicon-32x32.png

50.87.147.174

200 OK

1.8 kB

URL HTTP/2
iantravels.com/wp-content/uploads/2019/01/cropped-favicon-32x32.png
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1781 bytes)
Hash
f0eff15f2ed3dfcea589dcd326da956e
b6cddb9e98d12f9c71ef839763be6c3d953c6df5
a1d1f47a3c1d565bc658317a875de5d8f03790f0edd2fe74dfc972c54843054c

HTTP Headers

GET /wp-content/uploads/2019/01/cropped-favicon-32x32.png HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Cookie: _ga_RBL0NSSPGP=GS1.1.1673688870.1.0.1673688870.0.0.0; _ga=GA1.1.1630171970.1673688870
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 13:32:00 GMT
accept-ranges: bytes
content-length: 1781
cache-control: max-age=10368000, public
expires: Sun, 14 May 2023 09:34:49 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: image/png
date: Sat, 14 Jan 2023 09:34:49 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/daring-greatly-by-brene-brown-a-summary/

50.87.147.174

200 OK

31 kB

URL HTTP/2
iantravels.com/daring-greatly-by-brene-brown-a-summary/
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size
31 kB (31143 bytes)
Hash
ed02ca59ae8c57eb2ed8e550a4e1a772
2a2e5f4ad58ca49de16d4174473aa8c97698922a
ce3aa01003c6a9bc3a190f633d8712e94d1f41df4ef905ab517b5f974b7cf0f8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /daring-greatly-by-brene-brown-a-summary/ HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
X-Moz: prefetch
Connection: keep-alive
Cookie: _ga_RBL0NSSPGP=GS1.1.1673688870.1.0.1673688870.0.0.0; _ga=GA1.2.1630171970.1673688870; _gid=GA1.2.828591334.1673688874; _gat_gtag_UA_134715505_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding,Cookie,User-Agent
last-modified: Sat, 14 Jan 2023 07:10:33 GMT
accept-ranges: bytes
content-length: 31143
cache-control: max-age=0
expires: Sat, 14 Jan 2023 09:34:50 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sat, 14 Jan 2023 09:34:50 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/themes/Newspaper/style.css?ver=81582bdb254a94e4464424087c6479a8

50.87.147.174

200 OK

0 B

URL HTTP/2
iantravels.com/wp-content/themes/Newspaper/style.css?ver=81582bdb254a94e4464424087c6479a8
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/Newspaper/style.css?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 12:27:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 09:34:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: text/css; charset=utf-8
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

50.87.147.174

200 OK

0 B

URL HTTP/2
iantravels.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Sun, 06 Nov 2022 04:57:00 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 09:34:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-content/themes/Newspaper/js/tagdiv_theme.min.js?ver=9.0.1

50.87.147.174

200 OK

0 B

URL HTTP/2
iantravels.com/wp-content/themes/Newspaper/js/tagdiv_theme.min.js?ver=9.0.1
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/Newspaper/js/tagdiv_theme.min.js?ver=9.0.1 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Thu, 29 Jul 2021 12:27:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 09:34:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: application/javascript; charset=utf-8
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

iantravels.com/wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8

50.87.147.174

200 OK

0 B

URL HTTP/2
iantravels.com/wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: iantravels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iantravels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
last-modified: Wed, 16 Nov 2022 04:11:13 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 14 Jan 2024 09:34:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
content-type: text/css; charset=utf-8
date: Sat, 14 Jan 2023 09:34:46 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML